The hot topic in IT right now is cybersecurity. Most every industry vertical is concerned about getting hacked because, according to Phil Florence, Technical Account Manager at Blue Technologies, Inc., it’s not a matter of if a company will be hacked, but when.
“Companies are having issues with viruses and phishing, but the more significant concern is ransomware,” Florence says. “There are a lot of ransomware attacks, which can force organizations to pay a large ransom to regain access to their data. If an attack is successful, hackers could demand thousands if not hundreds of thousands of dollars to release their information. And even if they pay, they’re not guaranteed to get the data back.”
Smart Business spoke with Florence about cyberthreats such as ransomware and what managed IT services can do to protect organizations from attacks.
What is ransomware and what does an attack look like?
Ransomware is hard to detect. In some cases, an attack can lead to a complete takeover of a person’s computer — as in, someone would see their mouse pointer move on their screen as the hacker accesses files within a network. Sometimes the ransomware is actually a virus that sits on a network, inactive and undetected, as the ransomware attackers snoop around to see what sort of files and resources they could access. That means a company likely won’t be aware that they’re being hacked. Sometimes the computers just go to a blank screen and no longer respond to commands, locking an operator out of their own system.
Hackers are entering via the internet to any connected device. Often that happens when employees are using laptops outside the office. If the laptop doesn’t have the latest security patches on it, it’s susceptible to a virus. Once that virus-infected laptop is brought into the office and connects to the corporate network, then it can proliferate throughout the network and spread viruses to other devices, including other network devices, giving the hacker access to devices across the organization.
How does a ransomware attack differ from a phishing attack?
In a phishing attack, someone has to open an attachment for the virus to get in. That typically happens when employees are not made aware of the threats and the forms they take. Some managed IT services providers offer security awareness training that runs employees through exercises that mimic those scenarios and trains employees on how to handle them.
With ransomware, however, it comes through any internet-facing device often without the user’s detection. Stopping that requires network protection, usually through endpoint detection and response or managed detection and response. A managed IT services company would load those components onto a customer’s network, offering a larger level of protection than can be offered through an antivirus. Once the virus, malware or ransomware attack is detected, the managed IT services company will run forensics to understand the attack and block it.
How can companies protect themselves?
It’s difficult for most companies to protect themselves against these attacks because they often lack the necessary resources or have less than a full understanding of the threats. That’s why many companies work with a managed IT services provider. These certified professionals know the industry, have broad experience combating these attacks and can implement solutions that protect a company’s data and devices. Even companies with in-house IT should use an outside provider because they’re often focused on business initiatives rather than protection. A managed IT service provider has the expertise and the tools to fight against intruders, allowing clients to focus on running their business without concern of being shut down by an attack.
When choosing a managed IT services provider, look for one with a full breadth of services as well as a 24/7 helpdesk that can keep eyes on a network around the clock. Look for proven, certified and skilled professionals who have a track record of successfully protecting a company’s investments. ●
INSIGHTS Technology is brought to you by Blue Technologies, Inc.