Cyber Threats on Small Businesses Come from All Angles
The Federal Bureau of Investigation (FBI) recently issued several “cyber alerts” that may impact small businesses in Monmouth County and throughout New Jersey. As with all potential threats to data security and privacy, it is essential that businesses stay up to date on emerging risks and regularly update their policies and procedures to reflect them.
Sophisticated Ransomware Attacks
The FBI recently issued an alert for ransomware, a specific type of malware that encrypts or locks valuable digital files and demands a ransom to release them. According to the agency, malware attacks skyrocketed in 2015 and are poised to “grow even more in 2016, if individuals and organizations don’t prepare for these attacks in advance.”
Most ransomware attacks are launched via an email attachment that appears legitimate, like an invoice or an electronic fax, but in reality, it contains the malicious ransomware code. Once the victim opens it, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network. The attackers then demand ransom payment in exchange for a decryption key.
Who is being targeted?
As highlighted by the FBI, hackers waging ransomware attacks frequently target entities that rely on computers for critical functions, such as hospitals and law enforcement agencies, because they know how critical computers are to the entities’ day-to-day activities. The cyber attackers use this vulnerability to increase the chances that their victims will pay a ransom to restore access to their data.
The FBI recommends that small businesses implement prevention efforts, including both employee awareness training and technical prevention controls. The agency also emphasizes the importance of creating a solid business continuity plan that can help decrease the damage in the event of a ransomware attack.
Do you have any feedback, thoughts, reactions or comments concerning this topic? Feel free to leave a comment below for Fernando M. Pinguelo and follow the twitter accounts @CyberPinguelo and @eWHW_Blog for timely comments on related issues. If you have any questions about this post, please contact me or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouse Watch – Where Technology, Politics, and Privacy Collide (http://ewhwblog.com).