Small and medium businesses are being targeted by cyber criminals more than ever. Security measures typically in place in these environments are no longer effective against the types of attacks we are seeing today. Where a standard antivirus product and a competent spam filter may once have been viewed as enough, they are now sorely inadequate protection. Cyber criminals are increasingly crafting targeted attacks on businesses and individuals – planning around antivirus and email security that might be in place.
In the past, it was not uncommon for an individual or business to receive a suspicious email from a friend or associate whose email account had been compromised. This was often followed up by an apology or warning email after the user had been tipped off by a friend or colleague and regained control of their account. Unfortunately, attackers are getting smarter and giving off less obvious signs that your account is compromised, opting instead to wait for a better opportunity and learn all they can.
What does a typical attack look like?
Let's examine a typical scenario that one might encounter as a small business owner or employee:
This could start with any employee in the business having their email address and password compromised – either by reusing the same password somewhere insecure, or perhaps from a hack on a website / database for which they have used the same email and password. The attacker might then log into their webmail and silently monitor the internal emails, watching for an opportunity and building a list of key people to target. Their next move might be to “share a document” with you or others in the business, requiring you to log in to a website with your company email. If they are careful, they can craft a website that looks very legitimate and would not be flagged by antivirus or security software. With this strategy they may obtain logins and passwords for many more people in the business, giving them more access to internal business systems. From here the possibilities of the attack are endless: encrypting business documents (and potentially backups too), impersonating business staff, and the really worrying moves such as impersonating suppliers – asking you to modify their bank details for future payments. This could mean serious financial or reputational damage to the business!
How can you protect your business from these attacks?
The frequency of attacks like the one above is rapidly increasing, prompting the need for businesses to urgently review their security. Unfortunately, there is no silver bullet for IT security – each environment has different risks and requires a different approach to effectively address security concerns without compromising productivity or blowing the IT budget.
Fortunately, there are a few relatively cost-effective ways to greatly reduce the risk of attack based on today’s typical cyber threats. These include user training, two-factor authentication (such as SMS code confirmation), custom security rules in your email system to flag suspicious emails, and smarter email filtering solutions that investigate suspicious website links. Lanter Technologies has worked with many small and medium businesses to improve their security with a variety of different budgets and requirements. Read on to see the steps that Lanter Technologies would take in order to prevent these typical attacks from occurring.
How can Lanter help your business with security?
Lanter Technologies was established to work with small and medium-sized Australian businesses, to understand their goals and then ensure the alignment of their technology to these goals. An important part of Lanter Technologies’ operation is ensuring that security risks are appropriately identified and addressed as part of your technology strategy. Lanter partners with our customers to ensure that their technology is appropriately secured, while keeping budget and productivity requirements in mind. Lanter takes a holistic approach to technology, addressing not only security risks, but also other business risks, performance, business continuity and overall technology strategy.
How would Lanter help to prevent this kind of typical attack?
One of the most effective ways to combat cyber security risks is end user education. Teaching users what to look for and how to help prevent attacks is a practical and effective way to help safeguard your business. Lanter provides flexible training options for your users, from simple email campaigns to on-site training – demonstrating how to stay secure in today’s environment.
Still, even the most vigilant user can fall victim to scams, hacks or even physical theft. Once a user’s password has been obtained by attackers, it is often very easy for them to log into the user’s email remotely via webmail. This is where two-factor authentication (2FA) is an excellent step up in security. With 2FA enabled, anyone logging in from unknown computers or locations would be unable to proceed unless they confirm their identity via an SMS message or pre-registered smartphone app. Often, this can be bypassed for trusted computers or locations (such as your office), which reduces the hassle for day-to-day users. Whether you are leveraging a modern cloud platform such as Office 365, or an older server-based system – Lanter can help you to identify the best way to prevent unauthorised access to your systems.
When it comes to email, modern security filters have evolved far beyond the traditional spam filter. Platforms such as Sophos Email Security help to identify scams and targeted attacks by running security checks and analysis on web links in emails – testing for security risks in an isolated environment. These platforms are designed to protect against new types of threats as quickly as they evolve and adapt.
When it comes to endpoint protection, the traditional antivirus is often no longer enough to protect against modern exploits. The recently publicised spread of ransomware and crypto-locker attacks demonstrates how traditional antivirus definitions are often inadequate in preventing these kinds of attacks before it is too late. Lanter utilises a modern ‘zero day’ security product called Sophos Intercept X to protect against these attacks. Using machine learning and advanced analytics, it can seamlessly prevent ransomware and similar attacks, even before virus definitions can be developed. When implemented in conjunction with other Sophos products, compromised machines can even be automatically isolated from the network, to prevent the spread of these attacks and limit their effect!
Often, security risks are identified that may not have a simple or practical solution. In these circumstances, Lanter’s engineers will work with the business to introduce bespoke solutions, or to help mitigate the risk in any other way possible, even if this involves solutions outside the realm of technology.
What if you do get hacked?
Sometimes, even the best-laid plans go awry, and despite any preparation, the reality is that businesses and individuals do end up with their security compromised from time to time. In these situations, Lanter works with the victim to promptly lock down their environment, identify the source of the attack, and implement security measures to ensure the attacker is locked out for good.
Where to from here?
IT security is an ever-evolving landscape, and if you have any doubts about the security of your business systems, don’t hesitate to reach out to Lanter Technologies. Lanter will work with you to review the current security risks that your business might be facing, and how those risks can be mitigated in a practical and cost-effective way.