Are You Your Own Worst Enemy?

Employees Often Open the Door for Cyber Attacks and Information Theft

If you pay attention to the issue of cyber security and data breaches, you’ll surely hear about a slew of malicious attacks from sophisticated hacking organizations and complex high-tech espionage. Recently, the chair of the U.S. Securities and Exchange Commission, Mary Jo White, even went so far as to say that cyber attacks are the “biggest risk we face” as a nation. [1]

However, several recently released reports turn this notion on its head: the biggest causes of data security problems tend to be simple human error.

The privacy and data protection team at Baker & Hostetler LLP looked at more than 200 data breach incidents in 2014 and found that, of the 139 incidents in which the cause of the breach could be identified, the largest single source was employee negligence.

When a cyber security breach is significant enough to grab headlines, there is an incentive for those tasked with protecting data networks to play up the sophistication of the attacks. If the perpetrators of breaches are portrayed as technological wizards with virtually unlimited state-backed resources, then victims look less vulnerable, security firms can more effectively tout their products and services, and politicians can stump for tougher regulation and increased funding for cyber defenses.

The fact is that the vast majority of hacking attacks are successful because employees click on links in tainted emails, companies fail to apply readily available fixes to known software vulnerabilities, or technicians improperly configure their systems.

A report from Verizon Communications Inc. found that more than two-thirds of the 290 electronic espionage cases it learned about in 2014 involved phishing, the security industry’s term for trick emails. Verizon found that sending phishing emails to just 10 employees will get hackers inside corporate gates 90 percent of the time, simply because so many people click on tainted links or attachments. [2]

Verizon scientist Bob Rudis said attackers use phishing to install malware and steal credentials from employees, then use those credentials to access programs and files on compromised networks.

Another report from technology and security company Symantec Corp. found that state-sponsored spies also utilized email phishing techniques simply because they work so well, and because the less sophisticated approach draws less scrutiny from IT employees charged with protecting a network’s security.

However, once hackers gain access to a system through these simple phishing techniques, they write more sophisticated, customized software designed to avoid detection by installed security programs.

Symantec also discovered an increasing prevalence of the use of “ransomware,” a particularly nasty form of cyber attack in which hackers encrypt a computer’s files and say they’ll only release them once the victim organization pays a ransom.

Of course, there’s no guarantee that a victim who pays the demanded ransom will actually regain access to their files, which makes dealing with ransomware a particularly tricky issue. [3]

Addressing the vulnerabilities in your digital security before an attack takes place can save your district a great deal of time and resources. The digital safety resource eRisk Hub® is available to all Pool members; it was created in response to the threat of data breaches and serves as a live resource for IT departments of any size or scope.

NetDiligence provides three levels of threat assessments at discounted prices for Pool members, and 50% of the cost of this resource is eligible for reimbursement through our Safety and Loss Prevention Grant program. For more information about pricing and which level of threat assessment is right for your district, contact NetDiligence at (610) 525-6383 or management@netdiligence.com.

This fall, we’ll be providing free cyber threat assessments to six member districts.

Email info@csdpool.org if you would like to enter your district for the chance to win a free cyber threat assessment.

Looking for cyber security training for you and your employees?

Our online training provider, TargetSolutions, offers a one-hour “Computer Security Awareness” course. This training is specifically designed to increase computer safety awareness, ensure online security, and protect all valuable information stored on computers. Remember — security is every computer user’s responsibility!

Covered topics include:

  • Possible Threats
  • Malicious Software (spyware, viruses, malware, etc.)
  • Phishing
  • Identity Theft
  • Loss of Data
  • Public Computer Safety Tips
  • Password Protection
  • E-mail Security

What to do if you fall victim to a ransomware attack

In an article published in Business Insider [3] in early June, Steve Grobman, Chief Technology Officer of Intel’s Security Group, provided the following tips for what to do if you fall victim to a ransomware attack:

Alert law enforcement. While they might not be able to help you much, they should still be made aware of the crime.

Turn off your infected computer and disconnect it from the network. This is important because an infected computer can potentially take down other computers sharing the same network. While the malicious software itself can be removed, getting your data back is a whole different story.

Because new strains of ransomware use strong cryptography, recovering files is effectively impossible without the key needed to decrypt them.

Decide whether or not you are going to pay the ransom. It is really critical that backups are set up in such a way that they are separate from your computer and occur on a regular basis. That way, if you are hit by ransomware, you are able to get data back without paying the ransom.

If you’ve backed up your data on an external drive, you can at least recover the data you lost from the point of the last backup. This would save you from having to take the chance of paying the criminals who locked your computer.

If you decide to risk paying the ransom, you should know that the criminals responsible will likely require you to pay using a virtual currency like Bitcoin over the Tor network, software used to make web browsing anonymous. This means that tracing the thieves is nearly impossible, and if they decide not to release your files, you are out of both luck and money.

Even if the hackers do give you the keys to unlock your encrypted files, there is always a chance they will lock your computer again in the future to demand more payment. Furthermore, by paying, you provide additional incentive for criminals to keep building ransomware, making it more effective and an even bigger problem in the future. Considering the risks, it’s inadvisable to pay the hackers.
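The backup advice in these tips comes down to three checks: the copy must be separate from the infected computer (a drive that is still plugged in can be encrypted along with it), it must be intact, and it must be recent enough that restoring it loses little work. The following added example (not from the article or from Intel Security) applies those three checks to a set of constructed backup records; the record fields, the manifest-hash check and the sample data are all assumptions made for the illustration.

```python
"""Pick the backup to restore from after ransomware: separate, intact, recent."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import hashlib


@dataclass
class Backup:
    label: str
    taken_at: datetime
    connected: bool   # still mounted/reachable from the protected machine
    manifest: dict    # path -> sha256 recorded when the backup was made
    contents: dict    # path -> bytes actually present in the copy now


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def is_intact(b: Backup) -> bool:
    """Files that no longer match their recorded hashes were altered after the
    backup was taken (for example, encrypted together with the host)."""
    return b.manifest.keys() == b.contents.keys() and all(
        sha256(b.contents[p]) == h for p, h in b.manifest.items())


def usable_backups(backups, now, max_age):
    """Keep only copies that are separate from the host, intact and recent."""
    return [b for b in backups
            if not b.connected and is_intact(b) and now - b.taken_at <= max_age]


def recovery_point(backups, now, max_age=timedelta(days=1)):
    """Newest usable backup and the hours of work lost by restoring it,
    or (None, None) when no backup passes the checks."""
    good = usable_backups(backups, now, max_age)
    if not good:
        return None, None
    newest = max(good, key=lambda b: b.taken_at)
    return newest.label, (now - newest.taken_at) / timedelta(hours=1)


# Constructed sample data: two small files and four backup copies of them.
NOW = datetime(2015, 6, 15, 9, 0)
FILES = {"budget.xlsx": b"FY2015 budget", "roster.csv": b"name,grade"}
GOOD = {p: sha256(d) for p, d in FILES.items()}
SAMPLE = [
    Backup("usb-drive", NOW - timedelta(hours=2), True, GOOD, dict(FILES)),      # still plugged in
    Backup("offsite-tampered", NOW - timedelta(hours=6), False, GOOD,
           {**FILES, "budget.xlsx": b"\x9f\x01garbage"}),                         # hash mismatch
    Backup("offsite-nightly", NOW - timedelta(hours=10), False, GOOD, dict(FILES)),  # the good one
    Backup("tape-weekly", NOW - timedelta(days=7), False, GOOD, dict(FILES)),    # too old
]

if __name__ == "__main__":
    print(recovery_point(SAMPLE, NOW))  # ('offsite-nightly', 10.0)
```

Tightening `max_age` to a few hours makes the same data return `(None, None)`, which is the point of the article's "regular" requirement: an isolated backup only helps if it is taken often enough.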

Resources:

[1] Employee Negligence Biggest Cause of Data Breaches
[2] Most Cyber Attacks Due to Trick Emails, Errors, Not Sophisticated Hacking
[3] What to Do If Your Computer Gets Taken Over by Ransomware