If you want to know the top cybersecurity threats right now, ask the FBI.
Recently, Supervisory Special Agent Elvis Chan spoke with a group of ILTA members in San Francisco. What we learned is that cyberthreats are a real risk to any business. Law firms are under attack because of the information they store and track for their clients, not to mention the random state-sponsored attacks from places like Russia and North Korea.
The top threats for 2018 are growing in number. Business email compromise is the number one type of attack going on in the U.S. today. Phishing emails seeking money take millions of dollars away from businesses each year. It’s important to have protection in place and to train, train, train your employees. Just as two-factor authentication protects access to our programs and data, you should have a two-factor process for any type of money transaction within your business. Preferably, pick up the phone and call to verify the request.
Second is ransomware, and it is becoming more and more significant each year. Basically, criminals will lock you out of your data to get your money, and they are less likely to get caught than if they robbed a bank. In 2017, ransomware attacks were estimated to have caused $5 billion in damages globally. The FBI’s stance? "Don’t pay the ransom." However, it’s up to you to protect your data. If you have daily backups, restore your data and move on. You will suffer some business disruption and costs, but you won’t have to pay and risk paying more and possibly never getting your data back. Even better, find the best behavior-based ransomware protection you can to prevent it from happening at all.
Finally, the third top threat is Advanced Persistent Threats, or APTs. These are state-sponsored attacks from predominantly bad countries. These are hackers who can steal money from banks, as well as steal data to sell on the black market. The FBI has been able to link hackers in various incidents over the last few years to North Korea and Russia, and/or prosecute them. These attacks come in many forms, but most often they are accomplished by tricking people within your business into breaking normal security procedures.
Lastly, we are left with the point that hackers don’t discriminate. Statistics show that these types of attacks happen across all business sectors -- no one is left out. Hackers will hack the most peculiar businesses to get at larger data. Target was attacked through an HVAC vendor, for example.
It’s time to establish security policies, monitor and analyze network traffic, continually assess vulnerabilities, add and configure security by investing in products and backups and, finally, keep providing training to your employees.
If you believe your data has been breached, call your local FBI field office, preserve original media as evidence, gather logs and conduct a damage assessment. Most importantly, if you can’t convince your firm this is necessary, call your local FBI field office and ask for a Supervisory Special Agent. He or she may be able to discuss this with your shareholders to bring the point home. Nobody is exempt from cybercrime.