The Kaseya Ransomware attack is behind us now. There are takeaway lessons in this attack for small and medium business owners on how to be better prepared with help from their managed IT service providers.
This is a re-sharing of an article I created for LinkedIn about a week ago that has only continued to gain more relevance. I hope that as information spreads we can hopefully limit the havoc that these bad-actors continue to unleash.
I'm seeing a lot of phishing emails around COVID-19 / the coronavirus. It's disappointing but expected that cybercriminals know that we are looking for information and answers to guide us through the confusion, anxiety, and uncertainty of what to do next. Be careful not to become a victim of these honed phishing campaigns around some "COVID-19 update" or "current coronavirus news". The last thing a small business needs right now is to lose files or financials to these kind of people, so here are a few quick tips.
1) Be especially wary of emails pretending to be from the CDC, WHO, or other government agencies. Try and find the information by searching for it on their website rather than clicking links emailed to you. Even links that appear valid according to their text may be hyperlinked to a completely different location when followed.
2) Keep an eye out for spelling errors and inconsistencies in the subject line and the from line (or domains that don't look legitimate). Read the entire email address to ensure it's coming from the source you think it is. There are cases of cybercriminals pretending to be internal HR members directing staff to click a link to view updated policies, and are instead directed to a malicious website.
3) Do your homework before donating to a cause. We're at our best when we decide that we will pull together to support each other in trying times, but some will look to take advantage of that instinct.
ArsTechnica put together a great article that's worth a read as well, I've linked to it here. Or better yet, maybe search "ars technica covid 19 phishing" and start practicing Tip #1 now!
Stay safe out there, in every way possible.
You know how your business is performing – probably. You know your business’ KPIs and how to read them: analyzing sales reports, profit and loss statements, and financial and operational ratios.
With the kind of budgets that companies allocate for IT, they expect high outputs from it. Cybersecurity is one of the most basic requests from their technology teams. Ironically, essential cybersecurity checks seem to miss in most IT plans, while companies try to capture too much from technology.
When your workplace manages sensitive data – either your own, or that of your clients – it’s important to ensure you develop and implement an effective information security program.
Whether you’re providing company laptops and mobile devices or implementing a BYOD policy to improve flexibility and mobility, it’s important that you consider how to protect your data and IT infrastructure when the devices accessing your network are not entirely in your control.
In January 2019, the Edmonton Economic Development Corporation reported losing $375,000 in a “targeted fraudulent financial transaction.” And in 2017, MacEwan University was tricked into transferring $11.8 million to a targeted scam.
What did these two scams have in common? They used phishing techniques to trick employees into handing over substantial amounts of cash to what they thought was a legitimate recipient. Proper network monitoring could have helped.
But there are almost always warning signs – and we thought it would be helpful to share some tips to reduce the chance that your business finds itself “on the hook.”
Most businesses have the goal of generating profitable revenue growth, and dedicate much of their time and focus to this endeavour. However, it is equally important to focus on controlling costs, such as remote IT support – without constant vigilance, companies will find themselves struggling to compete under the weight of unnecessary overhead.
With more workers using mobile hardware such as laptops, tablets and mobile phones, Wi-Fi is becoming the default network connection in many workplaces. While it can’t match a wired network for speed and security, the ease of access and flexibility are often worth the trade-off.
But slow connections, unwanted traffic, weak signals, and old technology can all contribute to a frustrating network experience – and start impacting the flow of information and employee performance.
We’ve compiled six tips that can help your business speed up your Wi-Fi network and increase security to boot:
