Technology Advisor Blog

Cybersecurity is in the news just about every day!  The balance between cybersecurity and convenience is always tough, and sometimes cybersecurity can even get in the way.  

As summer winds down and the back-to-school season ramps up, it’s the perfect time to review the importance of safeguarding children’s online presence. In a time characterized by the prevalence of social media and digital sharing, it’s crucial to be aware of the risks associated with posting and sharing personal  information about your children on these platforms. This applies to both you and them! It can lead to potential cybersecurity breaches, and it can also have long-lasting consequences for your child’s privacy and safety. Here are some vital pointers and tips to assist in upholding your family’s online safety as your children return to school.

"I'm a small business.  Why would a ransomware gang be out to get me?"  This is a question we hear a lot working with local businesses.  Everyone sees the big cyber crime headlines in the news, most recently with Uber, and last year quite visibly with the Colonial Pipeline, but what many people don't realize is that half of these kinds of threats hit small businesses - the events just don't make national news.  Why are so many small businesses impacted when there are bigger targets out there?  It's Ransomware as a Service.  What's ransomware as a service? You’re likely familiar with software as a service (SaaS) but ransomware? What does that mean?

First, let’s do a quick review of what ransomware is. It's a type of malware that holds the victim’s files and folders for ransom.  This sounds like something out of a Tom Cruise movie, but basically a giant warning shows up on your screen with a ticking clock that says pay the ransom, or you won't ever access your files again.  Most typically, malware gets on your computer network through human error with someone inadvertently clicking on the wrong link or opening the wrong email attachment (like a fake resume).   The malware is deployed and encrypts network data, with a safe return of your data being promised when the ransom is paid. And with payments usually made through cryptocurrency, these crimes are can be committed anonymously.  Cybercrime is big business!

The "Ransomware as a Service" business model was developed for criminal purposes to make it even easier for criminals to conduct crimes. Ransomware requires little effort to deploy with potentially big payouts.  Criminals with little or no technical know-how can now blast out millions of emails to potential victims.  All they need is a few mouse clicks to make a lot of money.

Ransomware as a Service

Technology fuels local businesses these days, helping them achieve their goals and vision. At the same time, local businesses are also at increased risk for growing cyber threats worldwide – ALL businesses are impacted, not just the big ones that make national news. One of the important foundations of keeping your technology safe is to conduct a security risk assessment each year (at least!).

Cybersecurity headlines may sound scary, but it’s important for local businesses to know there are a lot of smart and affordable things you can do to fight back to stay more secure online and increase your chances of surviving a cyber event. A basic security risk assessment can help identify security gaps to remediate, and ongoing employee training will greatly help reduce “clicks” on the wrong things. Preventing problems is a lot less expensive and more effective than responding to an incident, but it’s not possible to eliminate all risk. As a technology service provider, Ekaru has been working with local businesses in the greater Boston area for many years, and having an incident response (IR) plan will make a big difference in your ability to successfully recover after a cyber incident.

October is time for Halloween, Pumpkin Spiced Lattes, and Cybersecurity Awareness Month! Have you ever wondered why there are so many quirky holidays? National Talk Like Shakespeare Day is celebrated on April 23rd for example. There's also Squirrel Appreciation Day which is on January 21st. It may seem confusing, but this just goes to show how diverse our culture really is!  While it may seem like some of these holidays are a bit silly, one of them is pretty important:  an entire month dedicated to cybersecurity. Now that’s a topic worthy of a holiday!

This year’s initiative highlights the growing importance of cybersecurity and encouraging individuals and organizations to take necessary measures to stay safe and secure in an increasingly connected world.

Did you know that the global cost of cyber crimes will go over $2 trillion by 2021? It’s also just not government agencies or large corporations that have to worry about cyber attacks and data breaches. Small businesses are actually the biggest target for cyber criminals because they often have smaller IT teams and less security.

September is time for back to school and back to business! This is a great time to get serious about training your employees to understand their role in helping a business or organization stay safe.

Perfect timing!  Here's a phishing email that just arrived, and a prime example to show a few tips on how to spot a problem email.  The subject of the email was "subscription renewal", and at the beginning of the month a lot of these may arrive in anyone's inbox.  This one immediately caught my eye because the preview text showed "Hello dear".  The other thing to note is that we've all been taught to not "click on the link", but this one invites us to call a number.  That's a common new tactic and in the never ending cat and mouse game as computer users become more aware of dangerous links, the cyber criminals just come up with a new twist.