Florida city pays $600,000 to hackers who seized its computer system? UGH!

The Riviera Beach City Council voted to pay $600,000 in ransom to regain control over their computer systems after hackers had encrypted city data and just today I read that another Florida city paid $450,000.  After shaking off the initial shock,a stream of questions flood my brain like, "Didn't they have a backup?" and "How did the hackers get in?" But I already know the answers: No, they did not have a valid backup and the network equipment was either mis-configured and/or not kept up to date with security patches. In fact, Microsoft and, makers of the anti-virus software involved, Webroot, indicate the hackers were able to encrypt the data because the servers were not kept up to date. In other words, the problem was completely avoidable!

While this example underlines the importance of protecting your data by simply patching applying patches, it is not all that it takes to safeguard your business systems.  Here is an overview of Plexus IT's strategy for protecting our customers, a method that has, to date, proven 100% effective:

  • Firewall - It is imperative that your network is protected from the outside by a firewall that screens out infections files and blocks harmful web sites. There are number of fantastic firewalls that accomplish this including Sophos, Untangle, Juniper, Fortinet and our favorites, Cisco Meraki and SonicWall. These products come with subscriptions to keep your firewall up to date against the latest threats.  We also require Capture Advanced Threat Protection to be enabled so that email attachments are unpacked in the cloud and tested before you can download them.  It is fast, reliable and essential to remaining safe.
  • Spam Filter - Since most malware enters computers on the backs of email, it is vital to subscribe to a third party spam filter.  If you are using Office 365, the built-in filter is effective, but somewhat difficult to configure and managed.  Trend Micro has a very effective filter, but like Microsoft, the admin console is a cumbersome chore and if you call support, expect a 30 minute hold time to speak to someone hard to understand. In our experience the most effective tool with a great admin console and excellent support is AppRiver.
  • Anti-Virus - Windows's built in anti-virus has come a long way and is known in the IT community to be pretty good, however, as we keep saying, it is imperative that it be kept up to date.  For ease of management and fast, reliable tech support, Plexus IT's go-to is Webroot.  The product is extremely reliable and support staff are responsive and easy to work with.
  • Updates - Make sure that all of your equipment is kept up to date with the manufacturer's software updates.  This includes servers, computers (PCs and Macs), firewalls, wireless access points and anything else connected to the network. Your computers can be set to receive updates and reboot automatically. Unless you have a cloud managed Meraki system, most firewall and wireless networking equipment needs to be updated manually.
  • Backups -  That can't be said enough. Backups, Backups, backups.  Also called Backup & Disaster Recovery (BDR) or Business Continuity, you need a thoughtful backup strategy to make sure that, if your data is encrypted by hackers (or stolen, or consumed in a fire) you can get it back, preferably as quickly as possible to avoid downtime.  Plexus IT recommends DATTO which can backup your data once a day or once every few minutes so that you can get it back ASAP if needed. Datto will also store your data in the cloud (their server) in case your server becomes completely unavailable.  What's more, your server can be virtualized on the Datto device, or in the cloud nearly almost instantly.  If your hackers demand $600k to decrypt your data you can tell them to pound sand. Your data safe and as current as the most recent update.
  • Training - Finally, and perhaps most importantly, training your staff and building security-focused office culture is absolutely key! Most malware come through email designed to trick users into clicking the a link or an attached file. They have subject lines like "There is a problem with your UPS shipment. Click here for more info." Of course, the innocent user wants to make sure her package arrives on time, clicks the link and - whammo - suddenly the entire office is complaining that they can't get to their files. Your staff need to be trained to avoid clicking emailed links or attachments unless they are absolutely 100% sure they are safe. To that end, we highly recommend using training tools which test your staff's cyber awareness. Companies like Webroot us phishing simulators to send emails that look like the real thing, but contain tell-tale signs that users should spot before clicking, such as spelling and grammatical errors. If the user clicks the link without spotting these giveaways, they will be taken to the next step which can be a training web site to show them where they went wrong.  As the administrator of the phishing simulation, you'll see who clicked and requires additional training.

How secure is your company? If you're suddenly victimized by ransomware, will you pay untold thousands to recover your data, or will you be able to recover quickly thanks to reliable backups?  If your server should fail and business comes to a stand still, can you be back up and running in minutes even without that server?  This is a level of security and Plexus IT provides its customers.  We require this level of security among our customers because, frankly we sleep better at night and we know you will, too.

Please contact us for a free security evaluation. We'll spend some time making sure your network isn't a potential fire hazard and make some recommendations on how to safe guard it from the bad guys of the world.  Call Today: 888-995-7841