Blog

Ransomware Attacks and the Importance of Multi-factor Authentication (MFA)

Ransomware, It’s Worse Than You Think! Many small to midsize business owners think that cybercriminals are focused on pursuing larger entities with deeper pockets, but they are wrong. Today’s cybercriminals are buying lists and robotically sending out phishing emails to thousands with very little effort. Within those emails is code that alerts the criminal if their malware has effectively been planted within a computer, possibly your employee’s computer, and then the criminal activity begins. Before the typical computer user is aware the cyber criminal has gotten into their system, your company network, accessed your critical systems that run your business and is able to lockout everyone from accessing their data and then demands a ransom to unlock or return the data back.

Ransomware is very real and following are a few statistics that should get your attention. Since 2016, over 4,000 ransomware attacks occur daily in the USA. The average ransomware fee requested has increased from $5,000 in 2018 to nearly $200,000 in 2020 and it keeps going up! Experts estimate that a ransomware attack will occur every 11 seconds in 2021. The average downtime a company experiences after an attack is 21 days to recover and get back to normal. Is your business prepared to be interrupted and put on pause for a week or two? Oh and 80% who paid the ransom had another attack soon after and 46% of the returned data was corrupted.

When you allow a single set of credentials to play the only role in authentication to your company’s computer network & systems, one compromised credential is all an attacker needs to lock up your systems, steal or manipulate your company data. This is especially true if the account in question is a key account such as your email account that underpins many of your other accounts. Therefore, multi-factor authentication (MFA) often called 2 factor authentication, should be required to gain access to any of your companies computing devices that have access to your business systems, and or customer/client/patient files.

There is an inherent weakness of relying on passwords! Individual passwords are simply not strong enough on their own to protect your company’s data and should never be enough for your most critical accounts such as email, banking, and more. Access to your accounting/billing systems or your customer records needs to hardened or improved. Here are some reasons why requiring more than one credential, multi-factor authentication, is so vital for safeguarding your company resources:

• Many businesses without their knowledge have been exploited by a cybercriminal who has secured employee email addresses and put them up for sale on the Dark Web.
• Studies have shown that many employees reuse the same or similar password everywhere
• Back in 2018, “123456” and “password” were the top two password choices and not a lot has changed. How strict is your company password policy to avoid this?
• The majority of data breaches have been the result of weak or stolen passwords.
Adding a second factor or credential known as multi-factor access (MFA) to access your network and systems makes it significantly harder for malware to cause damage, since attackers now must have two objects in their possession to move forward with their actions. MFA is becoming more ubiquitous and easier to use, which creates less friction with end users. This makes multi-factor authentication attractive for organizations looking to boost their security policies without creating much additional overhead.
One other key point to add – many of your employees, because they know a friend or family member who had a ransomware attack, are now concerned about their own online security and what it can mean to them, which means they are motivated to protect themselves and their accounts. This awareness will help with the rollout and acceptance multi-factor authentication within your organization.

The use of multi-factor authentication better protects your sensitive information. Your employees are the number one risk point for your companies’ network, so multi-factor authentication relieves user and IT admin anxiety by protecting data from falling into the hands of relentless hackers. If a hacker has somehow acquired a user’s password to a system, they cannot gain access, as they do not have the second factor (which is generally in the user’s possession, like a cell phone). Device-based multi-factor authentication (and paired with full-disk encryption) ensures that lost devices do not lead to compromised access or data.

When implemented correctly, multi-factor authentication can significantly benefit your companies’ IT security and your bank accounts, without adding much burden to the end-user. There is never a better time to improve your IT security with multi-factor authentication than today. The threat of your business suffering an attack is real. It is not a matter of will this happen, it is only a matter of when. Are you prepared? C&W Technologies and help.
C&W Technologies since 1985 has assisted small to medium size business with their IT challenges. We provide solutions and services to help better protect access to your network and if compromised, recover faster if a cyber-criminal does lock up your data. To learn more how we can help your business deal with the cyber-criminal and ransomware challenges give us a call at 772-287-5215.

Ransomware, It’s Worse Than You Think! Many small to midsize business owners think that cybercriminals are focused on pursuing larger entities with deeper pockets, but they are wrong. Today’s cybercriminals are buying lists and robotically sending out phishing emails to thousands with very little effort. Within those emails is code that alerts the criminal if their malware has effectively been planted within a computer, possibly your employee’s computer, and then the criminal activity begins. Before the typical computer user is aware the cyber criminal has gotten into their system, your company network, accessed your critical systems that run your business and is able to lockout everyone from accessing their data and then demands a ransom to unlock or return the data back.

Ransomware is very real and following are a few statistics that should get your attention. Since 2016, over 4,000 ransomware attacks occur daily in the USA. The average ransomware fee requested has increased from $5,000 in 2018 to nearly $200,000 in 2020 and it keeps going up! Experts estimate that a ransomware attack will occur every 11 seconds in 2021. The average downtime a company experiences after an attack is 21 days to recover and get back to normal. Is your business prepared to be interrupted and put on pause for a week or two? Oh and 80% who paid the ransom had another attack soon after and 46% of the returned data was corrupted.

When you allow a single set of credentials to play the only role in authentication to your company’s computer network & systems, one compromised credential is all an attacker needs to lock up your systems, steal or manipulate your company data. This is especially true if the account in question is a key account such as your email account that underpins many of your other accounts. Therefore, multi-factor authentication (MFA) often called 2 factor authentication, should be required to gain access to any of your companies computing devices that have access to your business systems, and or customer/client/patient files.

There is an inherent weakness of relying on passwords! Individual passwords are simply not strong enough on their own to protect your company’s data and should never be enough for your most critical accounts such as email, banking, and more. Access to your accounting/billing systems or your customer records needs to hardened or improved. Here are some reasons why requiring more than one credential, multi-factor authentication, is so vital for safeguarding your company resources:

• Many businesses without their knowledge have been exploited by a cybercriminal who has secured employee email addresses and put them up for sale on the Dark Web.
• Studies have shown that many employees reuse the same or similar password everywhere
• Back in 2018, “123456” and “password” were the top two password choices and not a lot has changed. How strict is your company password policy to avoid this?
• The majority of data breaches have been the result of weak or stolen passwords.
Adding a second factor or credential known as multi-factor access (MFA) to access your network and systems makes it significantly harder for malware to cause damage, since attackers now must have two objects in their possession to move forward with their actions. MFA is becoming more ubiquitous and easier to use, which creates less friction with end users. This makes multi-factor authentication attractive for organizations looking to boost their security policies without creating much additional overhead.
One other key point to add – many of your employees, because they know a friend or family member who had a ransomware attack, are now concerned about their own online security and what it can mean to them, which means they are motivated to protect themselves and their accounts. This awareness will help with the rollout and acceptance multi-factor authentication within your organization.

The use of multi-factor authentication better protects your sensitive information. Your employees are the number one risk point for your companies’ network, so multi-factor authentication relieves user and IT admin anxiety by protecting data from falling into the hands of relentless hackers. If a hacker has somehow acquired a user’s password to a system, they cannot gain access, as they do not have the second factor (which is generally in the user’s possession, like a cell phone). Device-based multi-factor authentication (and paired with full-disk encryption) ensures that lost devices do not lead to compromised access or data.

When implemented correctly, multi-factor authentication can significantly benefit your companies’ IT security and your bank accounts, without adding much burden to the end-user. There is never a better time to improve your IT security with multi-factor authentication than today. The threat of your business suffering an attack is real. It is not a matter of will this happen, it is only a matter of when. Are you prepared? C&W Technologies and help.
C&W Technologies since 1985 has assisted small to medium size business with their IT challenges. We provide solutions and services to help better protect access to your network and if compromised, recover faster if a cyber-criminal does lock up your data. To learn more how we can help your business deal with the cyber-criminal and ransomware challenges give us a call at 772-287-5215.

Leave a Comment