Riviera Beach Got Hacked : Forced to Pay 600K in Bitcoin

Cyber-attacks are becoming ever more frequent, affecting local business, schools and even cities.

Most recently, it was reported that Riviera Beach had to pay 65 bitcoins, which is the equivalent of $600,000, to hackers after a government employee clicked on a malicious email link three weeks ago.

This was a classic case of ransomware. A hacker uses social engineering to attack unsuspecting people to click on a link or an email attachment. Once they click, malicious software encrypts files, making them inaccessible until the victim pays to get it encrypted, hence the name ransomware. Ransomware, like in the case of Riviera Beach, is delivered through email via links, downloading attachments and in some cases social media messaging. Many Nerds Support partners who receive suspicious emails, send them to our IT and Software experts to analyze and vet to determine whether the email is safe to open or not. This is just one way to prevent a situation like the one in Riviera Beach.

According to a report by The Council of Economic Advisers, malicious cyber activity cost the US economy between $57 billion and $109 billion in 2016 and since then, cyber-attacks have become far more common. Juniper Research, a cyber-security firm, projected cybercriminals will steal an estimated 33 billion records by 2023. Juniper expects more than half of all data breaches globally to occur in the US by 2023 as well.

Having Backups are Key!

The most important thing businesses can do is back-up their data regularly and consistently. Here at Nerds Support, we provide our partners with daily automated back-ups, for example, and filter out potential malicious websites and emails. Also having cyber security measures in place to mitigate the risks is a big step. Training staff in yearly, quarterly, or semi annual trainings is an effective strategy. Should your business suffer a ransomware attack, at the very least you’ll be able to access your important information, mitigating the impact of the attack. As an organization, you can also employ anti-ransomware software to prevent ransomware from successfully launching. Nerds Support has IT engineers along with sophisticated security software, monitoring suspicious activity 24-7 and alert our partners of any potential threats including strange files, email links, or attachments.

 The DOJ reported an average of 4,000 ransomware attacks occurred per day in 2016 with over a billion dollars in ransoms paid. These numbers have increased since. A Beazley Breach Response study revealed, about 70 percent of ransomware attacks in 2018 targeted small businesses with an average ransom demand of over $100,000, the highest demand topping at $8.5 million.

Ransomware is becoming increasingly lucrative because it offers cyber-criminals a low-risk, high reward method for monetizing malware.  The malicious software typically isn’t very complicated because most businesses are underprepared to deal with ransomware anyway, which appeals to even the most amateur cybercriminal. In March, Albany New York, the state capital, admitted being hit with ransomware on a Saturday. There are minimal to no IT staff on Saturday’s. Neither the private nor public sectors are adequately prepared to handle even the most primitive malware attack precisely because IT security has traditionally been a minimal concern, only now are we seeing the damaging consequences of underappreciating it.

Nerds Support is working hard to protect medium and small businesses from experiencing any cyber breach, including ransomware with its dedicated team of engineers and IT professionals.

Contact us today at 305-551-2009 and hacker proof your firm!

How to Protect Your Small or Medium Sized Business from Cyber Attacks

7 Tips to Prevent a Cyber Hack for Small and Medium Sized Businesses

Cyber Attacks Happen Every Day 

Every day there’s a cybercriminal hacking a company. The news is flooded with new victims. Most people turn a blind eye until it happens to them.

Unfortunately, hackers target all types of businesses whether they be big or small. Why? Data is always useful. A mildly knowledgeable hacker can sell any information they obtain to organizations or individuals on the dark web for a good price.

Many leading companies from all over the world were affected by the Wipro data breach, for example.

Even the most loved, trusted, and popular companies in the U.S. have been hacked. From renowned Arizona Beverage Company, to large Fortune 500 financial firms have become victims of cyber-attacks.

Furthermore, every company, no matter the industry, is at risk. From e-commerce, retailers, healthcare manufacturing, financial services, and managed service providers.

Then again, what does that mean for small and medium sized businesses?  How can my business survive?

Some businesses cannot survive the risk of being hacked at any level. The productivity time lost, the employee morale plummets, possible litigation issues, lost revenue and the most valuable asset loss – clients’ trust. Luckily, there are steps that small and medium sized businesses can take when it comes to cyber-security.

1. Employee training 

Most cyber hacks happen because of phishing. Basically a fancy word for an impostor. In Miami, unfortunately, these types of scams are the norm.

One solution is quarterly or biannual IT Security presentations and assessments. Let’s be honest, most employees find this boring but it needs to be done. Better late than never.

2. Evaluate your current cyber security

Taking stock of the current state of your cyber security is imperative. Knowing where your company stands is the best way of knowing what’s lacking.

3. Set Deadlines and Objectives 

Incentivize employees and set a deadline to complete this assessment. Make clear that this is mandatory.

4. Two Factor Authentication and routine password changes 

We recommend password changes every 30 days with specific requirements. If not you could be exposed to various forms of  Social engineering .

5. Look out for common phishing signs such as :

• Grammatical errors, ex. AIIG vs AIG
• Being asked to disclose personal or confidential email
• Unknown company or sender
• Too good to be true, FREE Services / Products
• Check the URL
• Sometimes the sender is someone that you know! Check, Check the URL

6. Updating Software

The software used by your company should be the most recent version. The older the applications, the more susceptible they are to attacks like zero-day vulnerability. A zero-day vulnerability is essentially a flaw in the software or hardware that creates problems before anyone realizes it.

These attacks on zero-day vulnerabilities can lead to stolen information, breached networks and cause serious damage. However, managed IT services companies like Nerds Support automatically install new updates on all hosted apps. This is done to avoid vulnerabilities that arise from neglecting updates. Network security hacks can take a toll on a business and, in the worst of cases, ruin it completely.

7. Be Careful on Social Media 

Yes, social media. Hackers use this to try and guess your password. Example – Most people use their birthday, anniversary, or important events in their password. This is how a lot of celebrities get hacked.

8. Monitoring Systems at all times

A cyber attacker can come from anywhere. A cyber-attack can happen anytime. There is security software available that alerts you to any suspicious activity. Managed service providers assist in delivering additional support in the form of security analysis. This helps track data that indicates an attack is underway. They can also monitor and track around the clock.

9. Record your phone calls 

Sometimes a hacker might call and disguise as an IT tech, colleague, or partner to gather information and target the company. By recording the call you can refer back to the original target. Using a managed IT Services provider, we will secure your information and act as your very own IT team.

10. Partner with the right Managed IT firm 

Ask questions, do your due diligence. A trusted managed IT services provider  should provide references, recommendations and truly understand your needs. Try partnering with a partner that has experience in your industry and has good referrals. We encourage our prospective clients to visit current clients.
Some questions to ask include:

What verticals are you experts on?

• Are your engineers certified? What certifications do they have?

• How long have you been in business ? And do you use what you sell ?

• What is the SLA ? How do you honor it ?

• Can we speak to current clients ?

Make IT a Priority 

Identifying basic security threats is the first initiative when dealing with cyber-attacks. Taking care of your systems is much the same as taking care of your body, it’s mostly about preventing than treating. All businesses regardless of size have sensitive data they acquire from clients, vendors, employees etc. The unfortunate reality is not many businesses take cyber threats seriously.

Wanting to focus on core business goals is natural but doing so at the expense of your business’s security can be negligent. There is a cyber-attack every 39 seconds, according to a Clarke school study at the University of Virginia.

Cybercrime Will Increase Within Five Years 

In the next five years the world will see a rise in cyber-crime. It may become the greatest threat not only to businesses, but to individuals also. Technology will continue to advance, grow, spread and become commonplace. As it takes on a greater role in the way we interact with one another on both a micro and macro scale, there will also be those trying to exploit its weaknesses for profit or benefit

Instead of lamenting the death of the old days, embrace this new reality. Invest in technologies, technology, training and education to get ahead of the curb.

Every generation has its innovators and its criminals. If you cannot stop progress you must learn to thrive in it.

Cyber Attack Statistics

The Cheapest Option for IT is not always the Best

The old saying is true…. You get what you pay for. When it comes to IT Services, oftentimes, the cheaper route is not the answer. Investing in the right team is imperative. One hack and your company can be out of business and never recover. As reported by CNBC , the cost of a cyber-attack is over 20k for a small business and about 63 percent have already been hacked.

With Nerds Support, you get a team full of Microsoft certified engineers that have gone through a vigorous hiring process. We have the procedures in place so you never have to worry about a cyber-hack or data breach, which means Nerd Support does the worrying for you.

Helping small and medium sized businesses with their IT needs is our purpose. As your Miami IT Services partner, we will secure your information and act as your very own IT team.

You deserve the best team there is. Leave it to Nerds Supports to help you increase productivity, secure your information and handle all IT hiccups.

Nerds Support Contact Us Leaderboard

Hacker trying to hack a website

How to Stop a Rogue Employee?

If you have a business, it is very important to take care of your data the best way that you can. This means you have to learn what social engineering is and you have to make sure that you avoid any issues that can appear from it.

Social engineering is a system that allows hackers to gain access to your information by manipulating your employees to offer them access. Social engineering can be detected through a variety of things, such as emotional manipulation, spam emails and so on.

What is a Rogue Employee?

A rogue employee is a typical employees whose seek confidential company information then sell it to hackers and other companies for a profit. While they technically work for you, they promised someone else that they would give them access to your data. However, rouge employees do not generally start out bad. They begin their tenue as happy employees, but overtime, employees go rouge because they find that the company information they carry is very valuable to other companies.

There are many rogue employees out there. Sure, it may not seem like it, but when your data starts leaking and you did not have any outside interference, it is clear that there is a rogue employee in your business.

Why do employees go rogue?

Most rogue employees tend to be like that because they want more money fast. Maybe they do not like their current salary or they are just looking for a quick payday. Things like this are very important to identify early on. If you do not do that, you can end up handling a major issue that will only grow bigger if it is not managed in a meaningful and professional way. Some rogue employees also believe that they can start their own business with the information that they get from you. There are multiple factors to consider, and each one comes with its own relevant stuff.

How can you combat a rogue employee?

First, you need to be very strict when it comes to sharing sensitive data to employees. Give access only to people that are supposed to have that information and make sure they do not share it with anyone else. The social hackers are always attacking you, so you might as well limit access. In addition, using encrypted solutions and security cameras will also help pinpoint any type of intrusions like that. This is why using business technology solutions can be a very good idea. It does wonders if you use such a system wisely, and you might as well want to do that right away.

However, the best way to fight a rouge employee is by having a reliable IT support team constantly monitoring your company activity. Nerds Support’s data protection services keep companies across South Florida secure. Our highly monitored data centers make it possible for our data team to see the activity going on in your servers and to notify you of suspicious activity immediately.

There will always be rogue employees, which is why you need to pay a lot of attention to the employee behavior and other similar factors. As long as you know how and when to tackle and manage all these things, nothing can stand in your way. Of course, it will be a very challenging thing to do. However, it will surely be worth it so you might as well want to do that if possible!