There is no downtime when it comes to information security. Cyberattacks can occur any day of the week, at any time, and any place. Cybercriminals don’t discriminate on the type of business or its size as Oregon’s Lewis Audio and Video discovered over the weekend.
News station KGW reported the audio and video business was rendered helpless when ransomware; a type of malware that infects files, encrypting and restricting their access until a ransom is paid, disabled the company’s ability to operate. It (ransomware) “brought us to our knees,” states owner Dennis Lewis in a KGW interview. The cyberattack on Lewis Audio and Video demonstrates the growing trend of hackers targeting small to medium-sized businesses, many concentrated in the Portland area.
Lewis believes that the incident occurred when a new computer infected with malware was put online. The business received a notification that their systems had been compromised and their data was being held hostage. Other companies have experienced similar exploitations in the form of a Crypto type attack as described in this previous KATU article.
John Stephens, managing partner at Luminant Digital Security, explains to KGW “that ransomware has been around for years and typically we’ll see infections with ransomware originate when somebody clicks on a link. That link could be found on a website or in a phishing email.” Considering that attacks can originate from anywhere in the world regardless of geographical boundaries, it is critical that IT professionals or outsourced IT firms are security centric and partner with experienced digital security experts to administer preventative actions such as vulnerability scans or back-up procedures and protocol. “The key is really prevention and preparation,” says Stephens.
Every day more and more organizations find themselves victims of cybercrime. There are measures that can be implemented to defend your business. First, don’t possess a naive mentality, assuming your business is immune to a data breach. Second, acknowledge and understand that preventative tactics can be deployed to mitigate risk, but there is no fail-safe guarantee your company won’t be targeted. However you can greatly reduce the likelihood by alleviating your exposure to threats through proactively seeking out an external security specialist, such as Luminant, to educate, anticipate, and remediate potentially harmful security flaws. Lastly, ensure that your IT professional (whether outsourced or internal) is proficient in security protocol and prioritizes its importance by partnering with an outside digital security authority.