Back >
< Back
Contains 0 items
Subtotal: $0.00



Is Your Business Safe from a CYBERATTACK?

It’s almost impossible to run any business nowadays without using computers, the internet, online ordering, and social media. And although technology has increased customer bases, markets, and product availability with new levels of speed and interaction, technology has also brought its own problems—or rather new levels of speed and interaction for the ancient problem of honest merchants guarding against thieves and scammers.

Is Your Business Safe from a CYBERATTACK?

PROTECT YOUR VALUABLE INFORMATION BY FENDING OFF RANSOMWARE AND PHISHING ATTEMPTS

By Brian Stanley

It’s almost impossible to run any business nowadays without using computers, the internet, online ordering, and social media. And although technology has increased customer bases, markets, and product availability with new levels of speed and interaction, technology has also brought its own problems—or rather new levels of speed and interaction for the ancient problem of honest merchants guarding against thieves and scammers.

“In today’s world, less-than-adequate cybersecurity puts an entire business at risk,” said Steven Bowcut, editor-in-chief of Brilliance Security Magazine, which reports on physical security and cybersecurity issues. “A ransomware attack could literally put you out of business,” Bowcut warned.

“Ransomware” is a type of malware that takes over computers or networks and steals data and blocks files and information from authorized users. The programmers who put the ransomware on the system then demand ransom in exchange for restoring files or network access.

Because no one would intentionally allow such programs to operate on their system, ransomware is disguised as other data—the kind of things people are likely to download or click on.

One Friday in May, an Awards and Personalization Association (APA) member received a message from what appeared to be a relative’s Facebook account. The APA member clicked on the message. When it appeared the page or file was one of the countless broken links on the information superhighway, the member closed the message and went on with the day.

The APA member asked to not be identified, but does hold an executive position at a retailer with many employees. By clicking on the message, this member had planted a ransomware program that was rewriting file names so the computer wouldn’t know how to open them.

“And since I have administration rights, it was infecting almost every computer on our server on our network,” the member said. “When I logged in the next day, a few things weren’t working right. I thought that might be because I was working remotely, but when I reached out to IT, they found it was ransomware.”

In all, 24 computers on the company network were infected with the ransomware. Those that weren’t included four computers that were operating with an older version of Windows, which the ransomware program wasn’t compatible with, and one computer used by an employee who had logged off and shut everything down before leaving for the day.

“One employee did the things we’re all supposed to do. That stopped that one from getting infected too,” the APA member noted.

According to the FBI, ransomware victims should not go along with what cybercriminals want.

“Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity,” the FBI Internet Crime Complaint Center advises. In 2020, the FBI received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million. Bowcut believes this year’s statistics are on track to greatly outpace those numbers.

Because the affected company already had a contract with an IT company and regularly backed up data on a remote cloud system, they did not pay the ransom.

“We back up all the time. And that makes a huge difference. I think we were more prepared than most companies for a cyberattack, but there were still some things we had to deal with,” the APA member acknowledged. The IT company started “rebuilding” computers on the Monday after the cyberattack, which included upgrading some levels of protection.

“It still took a solid two weeks to be back to normal,” the APA member said. “Our computers are hooked up to printer, laser, and other equipment. It took a lot of time to make those connections again.”

The APA member feels the company’s IT contract has definitely paid for itself this year and investing in new desktop anti-virus software was another worthwhile purchase. The member’s personal account will also now use a different login and password from the administration account.

PHISHING EMAILS

Bowcut said most businesses are targeted with “phishing” emails, links, and messages several times a week.

“The goal is to trick someone into putting in their information so they can steal the credentials or download malware,” Bowcut said. “Ransomware targeted toward individuals is more rare since most people don’t have the same need to get their data back as a business does.”

Bowcut said phishing emails are sent out every day by the millions. “The different groups [of criminals] that do this go after where they can do the most damage or get the most money,” Bowcut said. “With small businesses, it’s usually a shotgun approach, not a targeted attack.”

However, even though small businesses may not be specifically targeted, they do possess valuable information that cyber criminals seek, such as employee and customer records and bank account information.

Bowcut believes cybercrime would be greatly reduced if businesses provided basic training in password management and spotting phishing emails.

“If you’ve had the same password for a few months, it’s (likely) in the hands of cybercriminals,” Bowcut said. “Don’t use the same password for different websites.”

Phishing emails used to be almost comically obvious, with spelling mistakes and odd grammar, but criminals have gotten better about making their communications look legitimate.

“If you get an email that looks like it’s from your bank, don’t click to respond. Get out of that browser. Go into another one if you want to look at your account,” Bowcut said.

Legitimate software manufacturers are constantly working to reduce vulnerability to hacking, so Bowcut also recommends updating programs and apps continually.

“There’s a balance between security and convenience,” he said. “Small businesses have to budget for the cost of data protection. Make sure you’re backing up critical data, so at least you’re not sunk if you have to start over, and keep those backups separate from your network.”

FREE RESOURCES TO KEEP YOUR BUSINESS SAFE

Small businesses may have fewer resources than larger companies when it comes to protecting against cybercrimes. Here are some free tools that can help you and your employees keep your business clear from an attack.

Read more about Cybercrime

Awards and Personalization Association

The Awards and Personalization Association is the organization for retailers and suppliers of personalized and customized items. By providing education, meetings, and access to a vibrant network of professionals, the Awards and Personalization Association is the one place to ensure the growth of your talent, your business, and your professional community.

Learn More

© Awards and Personalization Association
Contact Us
Awards and Personalization Association
8735 W. Higgins Road, Suite 300

Chicago, IL 60631

info@awardspersonalization.org
847.375.4800
(Fax) 847.375.6480

Connect with Us