Cyber criminals have been attacking businesses with ransomware for the past several years. The criminals targeted the big companies as they could pay multi-million dollar ransoms demanded by the criminals. Almost all big companies now invest heavily in cybersecurity and have appointed a CISO (Chief Information Security Office) who is a cybersecurity expert, to oversee the company’s cybersecurity investments.

Most big companies are now too difficult to attack so the cyber criminals have changed tactics to attack smaller businesses that don’t invest in cybersecurity. The ransom demand is much smaller, in the range of $500K-$1M, and they attack more businesses more frequently. The profile of businesses that the cyber criminals attack is listed below.

Typically the criminals will get access to the businesses network and look at the business financials to determine how much that they can extort from the business. The criminals will then install ransomware, which locks the business data and prevents access. The criminals will demand a ransom to provide the key to unlock the data. Often the criminals will take a copy of the data and then after the ransom is paid, they will demand a second ransom otherwise they will publish the information on the Internet. This is called double extortion.

Authonet has been working very hard to lower the cost of deploying Zero Trust cybersecurity, which is known as the best method to reduce ransomware attacks. Authonet Zero Trust cybersecurity is affordable for small and medium size businesses and easy to install by the IT service provider.

Cyber criminals want access to the business network to either steal data or to plan ransomware and then extort a payment. Cyber criminals have many methods of attack; the most popular are a direct attack and phishing.

A direct attack on a business network requires the criminal to get access through the Internet router and into the data server. Many businesses have installed a firewall and so the direct attack is difficult. There is another method of direct attack where the criminal will steal a remote access password using social engineering. When a business has multi-factor authentication a stolem password will not work because the criminal also need the code that is obtained from the users phone.

Phishing is a process with several steps. The objective of phishing is to persuade a business staff member to unknowingly install software on his or her computer. The software that is installed is called a Trojan virus and enables to criminal to have access to the computer without the user knowing, and also bypassing security measures such as firewalls.

The criminal sends emails, called phishing messages, to the staff that impersonate an entity that the user will recognize, a bank, a company like Amazon or PayPal, or the company that the person works for. Staff business and personal email addresses are obtained from the company website of a search through social media at site such as LinkedIn. The message informs the user about some problem, with an account, with a purchase, etc. and urges the person to solve the problem quickly by clicking on a link. Clicking the link will install the Trojan virus. Next the criminal gets to work accessing the business data on the server.

A business can take action to block phishing emails. One is to filter business emails, removing attachments and links, using a product like the Barracuda email security gateway. The business needs to provide staff with a secure method of transferring information. The business can also block access to personal email websites like Gmail or Yahoo on business computers using an end-point firewall like the Authonet products. Staff can access personal emails on mobile devices that are not connected to the business network.

All businesses large and small are targets for a phishing attack. Take steps now to prevent cyber criminals attacking your business.

The preferred method for a ransomware cyber attack is phishing. The criminal will send many email messages that impersonate legitimate institutions with a link that the messages advises to click to solve a problem. When the link is clicked this installs a Trojan virus on the computer and the virus gives the criminal full access to the computer without the computer user knowing about the attacker.

An effective method of reducing the risk of a phishing attack is Zero Trust cybersecurity. Zero Trust has some very important characteristics.

Zero Trust is flexible, it can be used to reduce the risk of attack or ensure that any attack attempt is blocked..

Zero Trust is added to a business computer network by installing the Authonet end-point Zero Trust gateway, which has the characteristics listed above.

Zero Trust is one of the most important cybersecurity tools. Most large businesses have Zero Trust installed by their IT departments. Now Authonet makes Zero Trust accessible for small and medium businesses with economical products that are easy to install.