by myCREcloud | Jul 1, 2021 | Uncategorized
Ransomware infiltrates a user’s PC or mobile device using malicious software that is most commonly installed unintentionally after clicking a link in an email that’s posed as something else. Once it is installed, the software prevents users from accessing their files and demands a sum of money to unencrypt the data. The latest advancements in ransomware introduces a more serious threat for modern businesses, encouraging businesses to take stronger security precautions.
How does ransomware get to your devices or the cloud?
Ransomware is delivered in a wide variety of ways. It can be transferred through:
- Javascript exploits
- Microsoft Office macros
- PDF exploits
- Linus malware
- Backdoors
- Emails
Ransomware uses social engineering to bypass layers of security and once it infects one computer, it can easily spread to every device on the same network (and cloud) via automatic syncing. 1 in 10 companies has some form of malware in their storage – making a strong case for programs that auto-detect malware and recover before malware can spread.
The most common ransomware strains
- Bad Rabbit
- Cryptolocker
- GoldenEye
- Jigsaw
- Locky
- Maze
- NotPetya
- Petya
- Ryuk
- Wannacry
How Do I Prevent Ransomware?
Prevention is the best tool to protecting your devices and business from ransomware. Recommendations include:
- Keeping software up-to-date
- Using unique passwords for your online sign-ins
- Reducing the accessibility of cloud applications to only those who need them
- Reporting suspicious activity
- If you are unsure – take it slow and confirm with a colleague!
- Use two-factor authentication
by myCREcloud | Apr 27, 2021 | Uncategorized
As cybercrime becomes more sophisticated, companies find their security systems are no match for modern threats and attacks. Sometimes simple human error can leave a company exposed. This not only damages user trust, but all companies, from small firms to corporations – can suffer severe financial and reputational loss.
A key security factor to consider is the increasing number of devices that are continuously connected to data. As your organization’s web of employees, customers, and vendors increases, so do expectations of instant accessibility. Unanticipated cyber threats can come from hostile powers, competitors, organized hackers, people working within your organization, or third-party vendors. Cybersecurity policies are becoming increasingly crucial as mandatory disclosure of cybersecurity incidents and data breaches continues to grow. These factors highlight the importance of providing extra layers of security from social media accounts to business and financial applications. What’s a cost-effective and wide-reaching solution? Two-factor authentication.
Enter Two-Factor Authentication
Two-factor authentication was created to give the user an extra layer of security to keep prying eyes out of your accounts and data. With this type of security, there is an extra step of verification to ensure that you are the only one who can access your account, even if someone else has your credentials.
When you sign into a device for the first time, you’ll need to provide two pieces of information—your password and the verification code that’s automatically displayed on your trusted device or sent to your phone number. A verification code is a temporary code sent to your device or phone number when you sign in with a new device or browser. Two-factor authentication takes your security to the next level, but there are a few steps you need to take to make sure it works as planned:
- Keep a record of your sign-in credentials
- Ensure that your devices are all password-protected
- Keep your phone number up-to-date
- Notify all key contacts/accounts if your devices have been physically or digitally compromised
Plan for the future and prevent online security breaches with two-factor authentication, employee training, and staying up-to-date with technological advances.
What should I do if I think I’ve been compromised?
Immediately contact us at (833) 982-1020 and any other providers that the breach is related to. Gather as much information about the accounts or data you think has been compromised as possible.
