Author: Stuart Crawford

This Ransomware Survival Guide will help your employees master the skills to prevent downloading or linking to malicious ransomware threats.

It will help them recognize phishing emails, malicious links and what to do when they find them. It will help you protect your organization and:

• Prevent ransomware attacks.
• Ensure your employees can continue working after an attack.
• Store your data securely, so it’s safeguarded from ransomware threats.

You’ve surely seen the results of ransomware attacks in the news. These attacks are escalating, sophisticated and often successful. Ransomware attacks are increasing, and so are the ransoms to recover your data and get your network back up and running.

“Ransomware is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. On average, more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1,000 attacks per day seen in 2015. There are very effective prevention and response actions that can significantly mitigate the risk posed to your organization.”⁵

If you think your small or mid-sized business won’t be attacked, you’re wrong. Hackers target organizations like yours because most aren’t armed to defend against ransomware attacks. It’s essential that you and your employees are educated and prepared to prevent becoming a victim of ransomware attack.

This Ransomware Survival Guide will arm you with the facts you need to defend against an attack.

Topics

• WHAT IS RANSOMWARE?
• TYPES OF RANSOMWARE
• HOW RANSOMWARE IS DELIVERED
• WHAT TO DO IF YOUR FILES ARE ENCRYPTED
• HOW TO PROTECT YOUR BUSINESS FROM A RANSOMWARE ATTACK
• THE RIGHT KIND OF BACKUP SOLUTION – HOW TO PROTECT YOUR DATA
• WHAT ELSE YOU CAN DO TO DEFEND AGAINST A RANSOMWARE ATTACK
• ADDITIONAL TECHNICAL DEFENSES YOUR MSP CAN DEPLOY

WHAT IS RANSOMWARE?

Ransomware comes in many different forms. It’s a type of malware that prohibits access to your computer devices unless you pay a ransom. Ransomware malware encrypts your data so you can’t use it. Once it does, it can travel throughout your network and encrypt other mapped and unmapped drives and bring your organization’s productivity to a halt.

You’ll know that ransomware has entered your computer because the hackers display a screen or webpage explaining how much you should pay to unlock your files (the ransom payment). These typically run in the $300-$500 range, but today some organizations are paying upwards of $1,000 per computer.

To avoid being caught by the FBI, the criminals demand that you pay the ransom with a form of cryptocurrency like Bitcoin. Once your payment is verified, the hackers may send you decryption software to unlock your files. (Sometimes they don’t.)

With over 2,900 new forms of malware being reported, it’s hard to keep up with them all.  The FBI urges business owners and individuals not to pay the ransom. However, if you do decide to pay, there is a chance that you still will not get your files back. ⁴

According to the FBI, businesses paid “more than $209 million in ransom payments” in the first three months of 2016 compared to $25 million in all of 2015.” ³ And they’ve established a pattern of attacking not only businesses (large and small) but:

• Hospitals
• Police stations
• Schools

TYPES OF RANSOMWARE

Encrypting Ransomware

This is the most common type of ransomware. It encrypts your files and demands payment, typically in the form of Bitcoin to send you a decryption key.

Leakware (also called Doxware)

This is an upgraded version of encryption ransomware where the criminal threatens to release your confidential data on the web. This has the potential to create financial and data loss, and expose your trade secrets, source codes, and other confidential information. It typically causes reputational damage.

Mobile Ransomware

Ransomware is no longer constrained to desktop computers. Mobile ransomware is malware that steals sensitive data or locks a mobile device permanently and then demands payment before unlocking it. The incidence of mobile ransomware is increasing rapidly.

Wiper

This is a new form of ransomware that encrypts your system and completely deletes all of your data. Its motive is to erase your data, but it will still display a message asking for a ransom payment.  NotPetya, first discovered in 2016, was wiper ransomware.

Locky

If your computers are infected by Locky, it will rename all of your important files and prevent you from opening them.  It does this by encrypting files with the extension locky. You must purchase the decryption key to retrieve your files. To do this, you have to go to the Dark Web and pay $400+ in Bitcoin.

Cryptolocker

CryptoLocker infects computers that run Microsoft Windows. Like other forms of ransomware, you must pay the hackers to decrypt and recover your files.  CryptoLocker spreads via fake phishing emails designed to mimic the look of those from legitimate businesses.

Cerber

This ransomware encrypts your files using Advanced Encryption Standard (AES) encryption. It demands a ransom of .059 Bitcoins (worth $500) and communicates via a text-to-speech voice message, a recording, a web page, or a plain text document. You can’t decrypt files unless you pay the ransom.

Ransom32

Ransom32 is a “ransomware-as-a-service” that lets criminals create their own type of ransomware.  It uses JavaScript and can target computers that run Windows, Mac OS X, and Linux.

FakeBsod

FakeBsod locks your web browser.  It tells you to go to a particular webpage (that contains the ransomware). The message says to “contact Microsoft technicians” about an “Error 333 Registry Failure of the operating system – Host: Blue screen Error 0x0000000CE”. When you call the phone number, you’ll be asked to pay a fee to fix the problem.

Non-Encrypting Ransomware

This type of ransomware doesn’t encrypt files. Instead, it blocks access to them and shows frustrating messages when you attempt to access them.

Here’s what the FBI tells us about ransomware: “The FBI and our federal, international, and private sector partners have taken proactive steps to neutralize some of the more significant ransomware scams through law enforcement actions against major botnets that facilitated the distribution and operation of ransomware.” ¹

The FBI wants you to contact them if you’ve been victimized by ransomware or other forms of cyber fraud. You can do this via the FBI’s Internet Crime Complaint Center.

HOW RANSOMWARE IS DELIVERED

Hackers primarily use the following attack vectors to infect computers: phishing emails, unpatched programs, compromised websites, poisoned online advertising and free software downloads. The infection begins when you or one of your employees opens an email attachment that contains ransomware. Once they do, the malicious virus automatically installs itself on the computer and encrypts all the files.  If the computer is linked to others on your network, additional computers can be infected as well.

Phishing Emails

People are the weakest link in security because we’re trusting by nature. Cybercriminals send emails disguised as legitimate messages, hoping to entice the user to open an infected attachment or click a link that takes them to an infected website. Known as phishing, this tactic is highly effective. According to the Verizon 2017 Data Breach Investigation Report, phishing attacks continue to rise and 43% of all breaches they studied utilized phishing.⁶

Opening a phishing email isn’t enough to get a user infected with ransomware. Users must open the infected attachment or click the link that takes them to a compromised website.

This is the most common scenario. You’ll receive a realistic-looking email with a link or attachment that contains the ransomware. Hackers will often send a number of these links or attachments to hide the one with the malware. Once it’s clicked, the malicious software loads itself and the ransomware infection spreads throughout your files, locking them until you pay the ransom.

Drive-by-Downloads

If you unknowingly visit a realistic-looking website containing ransomware, it can load itself onto your computer. If you use an old browser, out-of-date software, or third-party applications, you’ll be more vulnerable. A hacker can detect a vulnerability and exploit it.

When a software vendor discovers this, they’ll release a patch to repair the issue, but by this time the criminal has already done their dirty work. Examples include unpatched versions of Adobe Flash, a bug in Java, an old web browser, or an unpatched operating system. Cybercriminals can automatically install ransomware when compromised websites are visited.

Free Software  

Many people download free software.  Some forms are legitimate, but others contain ransomware.  They are especially prominent in broken versions of expensive games, free games, porn content, screensavers, or bogus software. By convincing the user that they should download the software, hackers can get past firewalls and email filters. You might not even know that they’ve done this until the ransomware activates weeks later.

WHAT TO DO IF YOUR FILES ARE ENCRYPTED

Tell your employees to let you know if they experience the following:   

• They can’t open their files, or they get error messages saying a file is corrupted or contains the wrong extension.
• A window pops up with a ransomware program that they can’t close. This window may contain a message about paying a ransom to unlock files.
• A message says that a countdown has started for a ransom to decrypt files and that it will increase over time.
• They see files in their directories with names like “How to decrypt files.txt or decrypt_instructions.html.”

If you believe one or more computers has been infected, try these:

• Unplug the infected computer from your network. You may also need to turn off all network access for all your computers until you know the virus is contained.
• Set your Basic Input Output System (BIOS) time back if the ransomware has started a countdown. This will hopefully give you more time to recover your critical files and try to eliminate the malware. You can access your BIOS time through the BIOS Setup Utility on your computer.
• Restore your files from your last backup. This is why it’s important to regularly backup your files to an enterprise-cloud solution. Make sure your most recent backup wasn’t infected.
• You can use a disaster recovery as a service (DRaaS)

HOW TO PROTECT YOUR BUSINESS FROM A RANSOMWARE ATTACK

One of the most important things you can do is to have your IT Managed Services Provider deploy remote monitoring of your IT environment and implement a business continuity plan (BCP) and Disaster Recovery Plan (DR) in advance of an attack. Cybersecurity is all about your IT defense controls. If you can detect and block a potential infection, this is always the best defense. If you are infected, you’ll be able to continue working if you have a proper BCP in effect.

Make sure your most recent backup wasn’t infected. If you use a disaster recovery as a service (DRaaS) solution, you can do this. You can quickly “spin up” the DR image on your computer in a self-contained virtual machine (VM), so you can inspect the DR image without exposing it to your entire network.

As mentioned previously, alert the FBI.  Don’t pay the ransom. This is a mistake because you still may not get your files back and the criminals may continue to extort money from you.  

THE RIGHT KIND OF BACKUP SOLUTION – HOW TO PROTECT YOUR DATA

As mentioned above, you’ll need this if your computer files get infected with ransomware or other forms of malware. Not all backup solutions are the same, especially when it comes to ransomware.

Your business requires an enterprise-grade version of a cloud backup solution. The limits of consumer backup solutions will reduce your ability to recover from a ransomware attack.  

Many consumer-grade backup solutions save a limited history of files. When your files get infected, you’ll only have a recent backup that is probably infected as well.  So, you won’t be able to restore your files.

The right enterprise-grade cloud backup solution will copy a complete version history of your data. Because you might not know that your files are infected until possibly weeks later, you can go back to a version before the infection occurred and restore your files if you use an enterprise-grade cloud solution.

Talk to your IT Managed Services Provider about this. They can help you use the cloud backup solution that’s best for your business.     

WHAT ELSE YOU CAN DO TO DEFEND AGAINST A RANSOMWARE ATTACK 

The good news is that there are best practices you can adopt to protect your business. Your IT Managed Services Provider can help you with these.

1. Implement an awareness and training program. Because end users are targets, employees should be aware of the threat of ransomware and how it is delivered.
2. Enable strong spam filters to prevent phishing emails (an attempt to obtain sensitive information electronically) from reaching employees and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
3. Scan all incoming and outgoing emails to detect threats and filter executable files (used to perform computer functions) from reaching employees.
4. Configure firewalls to block access to known malicious IP addresses.
5. Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
6. Set anti-virus and anti-malware programs to conduct regular scans automatically.
7. Manage the use of privileged accounts based on the principle of least privilege: no employees should be assigned administrative access unless absolutely needed and those with a need for administrator accounts should only use them when necessary.
8. Configure access controls—including file, directory, and network share permissions with least privilege in mind. If an employee only needs to read specific files, the employee should not have write access to those files, directories, or shares.
9. Disable macro scripts (toolbar buttons and keyboard shortcut) from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
10. Implement Software Restriction Policies (SRP)s or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs including the AppData/LocalAppData folder.
11. Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
12. Use application whitelisting, which only allows systems to execute programs known and permitted by security policies.
13. Execute operating system environments or specific programs in a virtualized environment.
14. Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units. ²

Your IT MSP Can Provide Security Awareness Training for Your Employees.

Even if you use all the right technology solutions to safeguard your business data, your employees can still click on malicious links or visit websites containing ransomware.  Cybersecurity Awareness Training should be conducted regularly as ransomware changes and is a moving target. All new employees should undergo this training, and it should be repeated once a year.

The FBI, U.S. Computer Emergency Readiness Team, and the Federal Financial Institutions Examination Council have put out guidance and best practices on how to help protect your systems from this growing threat.

Some of the basic defenses against ransomware include:

• Educating all staff on the risks and how to use email and the web safely;
• Making sure to regularly back up critical systems and data;
• Maintaining up-to-date firewalls and anti-malware systems and protections;
• Limiting the ability of users or IT systems to write onto servers or other systems;
• Having a robust patch-management program;
• Using web- and email-protection systems and software; and
• Removing any device suspected of being infected from your systems.

ADDITIONAL TECHNICAL DEFENSES YOUR MSP CAN DEPLOY

Encrypt Your Data

If you have systems where users enter credentials, ensure this data is encrypted.

Multi-Factor Authentication

Require multi-factor authentication for all remote access to sites where your users must log in.

Block Websites

Ask your MSP to block “unrated” sites. This will reduce your exposure to ransomware.

Restrict IP Addresses

Ask your MSP to block outbound traffic that you have no business with, such as hacker-havens in Eastern Europe, Russia, etc.

Threat Detection & Alerts  

Have a system for early detection and confirmation. In today’s threat environment, signature-based detection is not enough. Organizations that employ detection tactics experience improved speed and accuracy of response to ransomware threats.

Restrict Dangerous Software

Employ software “whitelisting” policies to block execution from suspicious \ProgramData and \Users.

Make Sure System Restoration Solutions Are Available Offline. This includes your backup software and license keys. Your MSP should refresh your backup tools every quarter.

Test Data Restores Offsite Every 3 Months. Make sure you can restore your systems from scratch.

Ask Your MSP To Make Sure Monitoring And Alerting Solutions Are Working.  Log the right events on your perimeter devices, as well as on all your servers. This way your MSP will have the information you need to respond effectively.

Conduct Regular Penetration Tests.  This is performed by simulating malicious ransomware and other attacks from your organization’s internal and external users.

The increased incidence and rapid evolution of ransomware have raised concerns and stakes for both small and large businesses. Of everything we’ve discussed here, the two most important things to do to protect your business are to use a solid, enterprise-grade cloud backup solution and to provide professional Security Awareness Training for your employees.

In any case, your IT Managed Services Provider is your best friend. They’ll help you fight and prevent ransomware and cybercrime of all kinds. Don’t wait to contact them.

References:

1. https://www.fbi.gov/news/stories/ransomware-on-the-rise
2. https://www.sba.gov/blogs/14-tips-protect-your-business-ransomware-attacks
3. https://www.ncua.gov/newsroom/Pages/ncua-report/2016/october/ransomware-serious-growing-threat.aspx
4. https://www.fbi.gov/audio-repository/news-podcasts-thisweek-ransomware-on-the-rise.mp3/view
5. https://www.justice.gov/criminal-ccips/file/872771/download
6. https://www.verizondigitalmedia.com/blog/2017/07/2017-verizon-data-breach-investigations-report/

With the increase and diversification of consumer goods in the world today, there is a constant need for more manufacturing firms. Most manufacturing firms work around the clock and still can’t meet the needs of their customers. These companies play a big role in ensuring that the desires of consumers are met. Because of the urgent nature of manufacturing products, many manufacturers face numerous challenges.

These include:

Evolving consumer needs

Consumer’s tastes and needs are constantly evolving. Consumer needs are affected by factors such as the entertainment industry, the latest fashion trends, the weather, and even the environment in which the consumer lives. Manufacturing firms must constantly be scrambling to meet the ever-changing needs of consumers. This can be a daunting task. For most companies, it’s time-consuming and expensive to change the manufacturing process. Changes in consumer needs can either be systemic or abrupt. While systemic changes are predictable and somewhat easier to deal with, changes which occur abruptly pose the greatest challenge to manufacturing firms. Firms are forced to make unexpected modifications to their products and the process of production.

Technological changes

Like consumer needs, technology is constantly changing. Changes in technology are viewed positively in most circumstances. New technology can make doing certain jobs simpler while improving accuracy. Machines can now do the work of dozens of humans, reducing the number of people employed.

Technology, however, may have adverse effects on businesses in various ways. First of all, with technology comes the risk of cybercrime. Cyber-attacks are a constant threat that manufacturing firms have to be aware of. These attacks can have negative effects on the firm, including revealing their trade secrets or exposing their client list. This, in turn, can result in a loss of revenue and the company may be at a disadvantage in the marketplace.

Another problem associated with technology is the rate at which technology changes. Today, you may have the most modern equipment available, but all that could change with some new invention. Keeping up with changing technology in the world of manufacturing can be an expensive affair. Sometimes equipment can be modified and sometimes it must be replaced. This means that a manufacturing company must constantly be on the outlook for new and advanced technology and must have both the willingness and the money to purchase or upgrade their machinery. This can be costly.

Compliance with rules and regulations

Without a doubt, the manufacturing industry is one of the most regulated industries in any given country. Most governments exercise a lot of power in this area because of the effects that these firms’ products can have on consumers. Some rules and regulations affecting manufacturing firms include taxation, standardization rules, and consumer protection regulations. Manufacturing firms are also required to ensure that their premises are safe for workers. Accidents in large, busy manufacturing plants are common, but they do slow down the workflow. In some cases, the plant can be fined for not following the set human safety standards. Most of the time, compliance with these regulations is costly.

Competition

This has been a common problem for firms since time immemorial. Growth in the number of manufacturing firms is bound to increase competition. Competition in the world today, however, is not the same as in days past. With the fast adoption of the World Wide Web, it has become increasingly easier for competitors to market their products in a global marketplace. Manufacturing firms in China, for example, are extremely hard to beat on their prices and turnaround times. The Chinese do not have wage or safety laws. They can work their people around the clock and many do. Competitors in the United States will have a hard time matching the low prices of Chinese manufacturers. In the US, companies must observe OHSA safety laws and they must pay workers a minimum wage. This has led to most companies going overseas for their products and manufacturing needs.

Lack of adequately skilled personnel

One of the biggest problems faced by employers in the world today is the number of baby boomers attaining retirement age. Upon retiring, baby boomers leave a vacuum in the field, having taken their numerous years of experience with them. People taking over from the baby boomers, on the other hand, are not adequately prepared or skilled enough to fill in the gap left. Firms are thus spending a lot of money training the new workforce.

Inflation

Money is generally hard to come by for most people in the world today. Poor economic policies and poor implementation of sound economic rules has caused a rise in inflation rates over the years. When there is an improvement, it is usually by a rather small margin, which does not make much of an impact in the lives of most people. Manufacturing firms are hard hit by inflation. Firstly, the cost of raw materials that they depend on is likely to rise as a result of inflation. The cost of production, generally, also rises. This means a rise in the cost of the finished product. But because inflation affects everyone, consumers may not have enough money to purchase these higher priced items. Consumers can now surf the web and find cheaper products from all over the world.

Final thoughts

Manufacturing firms play a big role in every country’s economy. They ensure that there is always a supply to meet the growing demand. However, the problems they face each year make their work much more challenging. Juggling all the various components required for success can leave some manufacturers out in the cold.

The government, as well as other stakeholders and interested parties, have emphasized the importance of following the laws and regulations on cyber security. With the ever-growing increase in cyber security threats, these regulations have become imperative.

All organizations, both large and small, must ensure they take the necessary steps to prevent, reduce the risk, and mitigate the effects of cybercrime. The terms ‘risk analysis’ and ‘gap analysis’ are used often when considering appropriate steps to take to ensure cyber security. An analysis of the definition and impact of these terms is therefore important to understand their difference and applicability.

Definitions

It is currently a legal requirement, pursuant to the Health Insurance Portability and Accountability Act (HIPAA) and the accompanying Privacy, Security, and Breach Notification Rules that cover entities and their business associates to protect electronic health information. These institutions are required to put in place appropriate measures to ensure the security of this information.

Risk analysis, as the name suggests, consists of steps taken to analyze the risks that an organization or an industry faces. In terms of cyber security, risk analysis is composed of researching and discovering the risks associated with a particular organization or industry; for instance manufacturing firms. After discovering the specific risks, the person conducting the analysis looks at the level of exposure. In this regard, the person will examine the likelihood of each specific risk affecting the organization and grade them in ascending order, from the most serious threat to the least serious. The aim of risk analysis in this regard is to make users aware of the greatest risks they face. The ultimate goal of risk analysis is to empower organizations at risk to protect themselves from cyber theft with the goal of reducing risks to a reasonable and appropriate level.

Gap analysis, on the other hand, takes place mostly after risk analysis has been conducted.  The aim of gap analysis is to determine the level of preparedness and protection that an organization has in place. This piece of information is then analyzed so as to reveal whether adequate steps have been taken to completely protect these organizations from cyber-crimes. Gap analysis is thus geared towards discovering the shortfalls of the procedures in place. This gives the organization a picture of where they’re at in terms of best practices. They can then take steps to adopt better procedures.

Requirements for risk analysis

Risk analysis, while required by the rules, does not have to be conducted using any specific method. This means that those affected are at liberty to choose whatever techniques they deem appropriate. Whatever the method, risk analysis must consider all the potential dangers that electronically protected health information (ePHIL) might be exposed to.

Entities are required to identify all the locations and information systems where the data to be protected was created, received, maintained and even transmitted. This list takes into consideration the mobile devices, electronic media, and communications equipment. The risk analysis system is also required to identify and to document potential threats and vulnerabilities.

The next step to be taken by the risk analysis is to access the current security measures that have been put in place by the organization. In so doing, the firm is required to document how effective the firm’s current controls are. This is to be followed by an assessment of the current risks facing the firm or the organization. This will enable the entity to gauge which risk is greatest and to what extent the entity is protected against the risk. The firm conducting the risk analysis should then document these findings. This provision is not a requirement under the security rules. However, for future reference, it is important the information obtained from the risk analysis be documented. Finally, the entity should ensure that it conducts frequent periodic reviews and updates.

Conducting gap analysis

Gap analysis is not a requirement under the HIPAA rules. Entities, however, are advised to conduct periodic gap analysis as a follow-up to the risk analysis or at the same time with the risk analysis. Gap analysis, if well conducted, enables the entity to discover the extent to which the protective measures it has undertaken are effective. Having explained the difference between gap analysis and risk analysis, it is important to note that while gap analysis is critical for proper protection, conducting a gap analysis does not satisfy all requirements under the security rules. Organizations are required to conduct a risk analysis, but a gap analysis can provide helpful information.

Final thoughts

In this day and time, an organization can’t be too careful with their data, especially those who hold sensitive health information for patients. The news laws include serious penalties for those who are not careful enough. In addition, patient confidence can be diminished when an organization is careless with handling health records.

A critical skill that an aspiring lawyer must possess is commercial awareness. One particularly important aspect is to demonstrate a comprehensive understanding of the market in which these law firms work. At the end of the day, any firm is just a business like all the others and therefore, it should react similarly to the changes made in the industry.

A law firm should capitalize on new opportunities that pop up while also working on overcoming the obstacles so that it can stay ahead of other law firms. The year 2018 brings about a new set of challenges that law firms should work on if they wish to thrive in this globally competitive sector. Below, we cover three of the major issues that law firms will be facing this year:

Cybersecurity

Cybersecurity is becoming a big issue, and hackers have started to target an increasing number of institutions. For instance, there was a ransomware hack back in 2017 that threatened numerous organizations in more than 150 countries across the globe.

Hackers target law firms since they possess exceptionally confidential and valuable information that hackers can use for monetary purposes. Sensitive information that law firms possess include patents, bank information, trade secrets, and in some cases, government secrets as well. One key task for law firms is to make sure that the client’s data is protected at all times. However, with the increasing number of threats, as well as the complexity of the attacks, security has become a great challenge.

Failure to protect the data adequately can cause two major problems. Firstly, law firms can face claims of negligence and claimants can argue that law firms are negligent about taking care of data. They can also argue that law firms have breached the contract that stated they would carry out services with reasonable care and skillfulness.

Secondly, when looking from an economic and business perspective, it can undermine the reputation of the firm.

The solution to this challenge is to choose only top-of-the-line security. This year, firms should make security their top priority. An attorney must make sure that the firm itself, as well as third-party vendors, adhere to advanced industry standards to guarantee that a secure environment is maintained. They should follow practices such as conducting training with users regarding best security practices, never storing data on personal devices, and multi-factor authentication.

Incorporating technology

Technology also plays a big factor in determining how employees work in law firms. Due to technological advancements, efficiency has increased such that the time lawyers spend on a task is reduced.

While technology that enables lawyers to become more productive has been evolving for a number of years, the underlying problem is that firms usually have many people working for them that may not be well-trained. This failure has led to data breaches and ransomware attacks when employees take certain actions that allow cyber thieves inside. Training for all employees must be ongoing. People get busy and forget, then make careless mistakes. Monthly training sessions can raise awareness.

Though some security solutions promote unrealistic and lofty expectations, simple monthly training has proven to be very effective.  Human error is most often the reason why a law firm’s network is infected with a virus or worm.

The easy solution for this problem is mandatory monthly security training. People can be readily taught exactly what to look for in emails. A security professional can explain how phishing scams work. Better informed employees are far less likely to click on a suspicious link that downloads a deadly ransomware attack.

Helping users accept change

Implementing change is difficult because humans are just naturally resistant to change. Research suggests that 70% of initiatives taken for organizational change do not achieve their target. While there are numerous factors that can be blamed for this failure, employee resistance is the biggest one, contributing to 39%. While change is often not welcome, it is definitely possible. Employees must understand the reason for these changes. They must fully grasp the cost of one single breach.

Employees once resisted new technology as well, but today, people seem to enjoy learning about all the new robotic gadgets being invented. Users of new technology or changes to security should be fully involved from the beginning. The key is to keep it simple. The management is responsible for communicating their expectations and explaining to the staff why the change is critical.

Once employees understand why new security measures have been put in place, they should be fully on-board. After all, if a law firm experiences a huge breach that costs millions, it will affect everyone that works at the firm. Jobs could be lost, along with damage to the firm’s reputation.

Each year brings new challenges with it. Though new technology is often viewed with some trepidation, the end result is that law firms will be able to get more done with fewer resources. This can improve the bottom line and help a firm move ahead of the competition. Whether you’re dealing with new security challenges or a new content management system, face the challenge head-on.

What Is It?  What Do We Need To Know?  What Should We Do?

First step:  Watch our training session on GDPR – Click Here

If you don’t know what the GDPR is, and if you’re not ready for it, you’re going to get caught short because this is a legal deadline and it’s coming up fast. The General Data Protection Regulation goes into effect May 25, 2018.  It’s a privacy law that the European Union is enforcing to protect the personal data businesses collect. Even if your business is outside of the EU, you must comply.

What is the GDPR?

The GDPR affects all internet business worldwide. It’s a very complex law, so we can’t explain everything here. We’ve provided some resources below that you should check out.  Keep in mind that there are many gray areas where this law is concerned. So, you should do some research to determine how the law affects your organization’s unique situation.

The GDPR is an internet privacy law. All businesses, small or large, and even entrepreneurs who do business on the Internet with consumers located in the European Union need to be aware of how the law affects them.

It doesn’t matter if your company is inside the EU, or anywhere else in the world– If you do business with anyone in the following countries, you must comply with this new law by May 25th:

1. Austria
2. Belgium
3. Bulgaria
4. Croatia
5. Cyprus
6. Czech Republic
7. Denmark
8. Estonia
9. Finland
10. France
11. Germany
12. Greece
13. Hungary
14. Ireland
15. Italy
16. Latvia
17. Lithuania
18. Luxembourg
19. Malta
20. Netherlands
21. Poland
22. Portugal
23. Romania
24. Slovakia
25. Slovenia
26. Spain
27. Sweden
28. United Kingdom

The GDPR is a consumer data protection law. It ensures that individuals can:

• Access their personal data.
• Export their personal data.
• Correct errors in their personal data.
• Object to the processing of their personal data.
• Erase their personal data.

The GDPR applies to the acquisition, processing, and storage of personal data – from initial gathering to final deletion of this data and every point in between. It applies specifically to personal data and anything that pertains to identifiable data such as:

• Names
• Email Addresses
• Physical Addresses
• Phone Numbers
• Birthdate
• Age
• Sex
• Race
• ID Numbers
• Nationality
• Citizenship
• Marital Status
• Family Data
• Health Data
• Physical Characteristics
• Profile Pictures
• Occupation
• Employment History
• Income
• IP Addresses
• Cookies
• (and more)

This could be information you collect automatically from Google, an opt-in, or other collection methods online – anything that would identify an individual.

How Will The GDPR Affect My Business?

If your business has a website or an email list, you may be affected.

The GDPR affects any business relationship or transaction whether commercial or free where one or more of the entities are in the European Union. It’s not based on citizenship, rather location.  Any business within the EU must comply with the GDPR across its entire audience. If your business is in any of the 28 European Union Member States, you must comply with the law if you conduct a transaction with anyone located anywhere. If your business is located in the U.S. and you collect data about any business or person in the EU, you must comply with the GDPR.

How Should We Prepare For The GDPR?

There are three requirements you must meet before May 25th.

Controls and Notifications

• Protect personal data using appropriate security.
• Notify authorities of personal data breaches.
• Obtain appropriate consents for processing data.
• Keep records detailing data processing.

Transparent Policies

• Provide clear notice of data collection.
• Outline processing purposes and use cases.
• Define data retention and deletion policies.

IT and Training

• Train privacy personnel and employees.
• Audit and update data policies.
• Employ a Data Protection Officer (if required).
• Create and manage compliant vendor contracts.

Some Examples

Before the GDPR:

Let’s say you offer a whitepaper or free video to people online. Before the GDPR, your prospect provided their information, you gave them the freebie, and the consent was assumed because they accepted your gift.  Pretty easy, right?

After the GDPR:

You can no longer assume that their consent is given if they accept your gift. Now you must specifically obtain their consent. It must be given freely, specifically, and be unambiguous. Nor can you require them to give their consent to receive the gift.

Note: This new standard applies to all of your existing lists. Beginning May 25th, you can no longer send marketing emails to anyone who hasn’t given their precise consent for you to keep their personal information.  Plus, you cannot go back and ask them for their consent. You’ll need a stand-alone system to do this.

What Can We Do To Comply With These Strict Rules?

This is important. You must do this BEFORE May 25, 2018.

Compliance/Preservation

Step 1. Segment your email mailing lists into two parts.

• Non-EU subscribers
• EU-based subscribers and any unknowns

You want to continue to build goodwill with your Non-EU contacts so reach out to them as you would have before.  The EU-based and unknowns you’ll need to re-engage with. Here’s what we mean:

Step 2. Re-engage EU-based and Unknowns.

• Before emailing them, add additional value and content to your website.
• Then send them a link to your website and request their specific consent to keep their personal information.
• Set up a system to migrate those who give consent over to it.
• On May 24, 2018, you must delete anyone in this group who hasn’t consented. 

Remember, storing and deleting their information is considered processing. That’s why you must do this BEFORE May 25th.

Breach Notification Requirements

The 2018 GDPR replaces the old Data Protection Directive of 1995. The most recent GDPR breach notification requirement was enacted in April 2016.  It set a higher compliance standard for data inventory, and a defined risk management process and mandatory notification to data protection authorities.

Breach notification is a huge endeavor and requires involvement from everyone inside an organization. In-house tech support and outsourced Technology Service Providers should have acquired a good understanding of the consequences a data breach causes and the data breach notification requirements for their organization.  They must be prepared in advance to respond to security incidents.

The Following Are Additional Steps You Should Take To Prepare Your Technology Before May 25th  

Your Technology Solutions Provider Can Help

• Perform a thorough inventory of your personally identifiable information, where it’s stored–in onsite storage or in the Cloud. And determine what geographical locations it’s housed. Don’t forget about your databases. PII is often stored in databases.
• Perform a Gap Analysis. This is a process where you compare your organization’s IT performance to the expected requirements. It helps you understand if your technology and other resources are operating effectively. By doing this, your Technology Solution Provider (TSP) can then create an action plan to fill in the gaps. The right TSP will understand the GDPR regulations and how your IT must support your compliance efforts.
• Develop an Action Plan. Your TSP should document a detailed action plan for how to use technology to meet the GDPR if you experience a data breach. This should include individuals’ roles and responsibilities. Conduct tabletop exercises to practice how the plan will work with specific timelines and milestones.
• Ensure data privacy. If you don’t have a Technology Solution Provider, then you need one for this. Data protection is key for any-sized organization. Consumers have the right to have their data erased if they want. This is called “the right to be forgotten.”  This is a concept that was put into practice in the European Union in 2006, and it’s a part of the GDPR. You won’t be able to do this if their data is stolen.
• Be sure to document and monitor everything that you do that’s related to GDPR Compliance. This includes any changes or upgrades that your Tech Company makes to your IT environment. You may need to demonstrate that you’ve done your due diligence when it comes to protecting citizens’ private information and that you practice “defense-in-depth” strategies where you use multiple layers of security controls when it comes to your technology.

Resources To Check Out For More Information

The European Commission’s website regarding the GDPR:

https://ec.europa.eu/info/law/law-topic/data-protection

Wikipedia

General Data Protection Regulation

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

Information from the service vendors you use:

• Mail Chimp
• Salesforce
• Google
• Microsoft

These and other services have GDPR-centric web pages with helpful information that impacts your relationship with them, how they handle processing, and how they can help you comply with the new regulations.

Get going now. There’s a lot to do before May 25th!

There is no denying how critical Microsoft Excel is for day-to-day data processing and visualizations across organizations. Still, many users are not as familiar with the complete functionality of this handy tool as they could be. Today’s users say they have a fairly good knowledge of Excel and yet Microsoft adds new features each year to make it even more useful. Most companies simply don’t have a decent Excel training program to keep their employees up-to-date on the latest new spreadsheet features.

The most recent version of Microsoft Excel – both on traditional offline Office platforms and the cloud-based environment Office 365 – have new charts that introduce a whole world of data visualization.

You’ll be happy to know that Excel opens in your web browser just like Word, OneNote, PowerPoint, and PDF documents – making it a breeze for you to work with your data in the cloud.

The new Excel charts that were recently added are pretty handy. It is well worth knowing how and when to utilize them. This guide will walk you through three of the best to be released this year.

Waterfall charts

Businesses and organizations always seek to understand their finances better so that they can make their revenue projections more effective. It is critical for them to assess how profits and losses play out at different financial periods. One way to quickly understand and communicate these sets of financial data is through the visualization of financial statements. This is where Waterfall Excel charts come in.

Waterfall charts allow you to quickly illustrate the line items available in your financial data in a manner that provides a clear picture of how each item impacts your bottom line. They help make it easier to understand the cumulative effect of positive and/or negative values that are sequentially introduced.

You could use a Waterfall chart to illustrate how the negative and positive values in your data cumulatively affect the totals or final value such as net income, for instance.

Normally, the outlays or losses that occur throughout the business period should appear as negative integers, while profits or gains are stipulated as positive figures in the Waterfall chart.

Here are some revenue data from the Seattle Art Museum that we will use in our illustration:

To create a Waterfall chart, select your data and head to the ‘Insert’ tab on the Excel ribbon. From there, navigate to the Charts section and click the Waterfall icon.

Once you do that, Excel inserts a Waterfall chart for you, with all the values in the dataset you selected.

Suppose we select the positive values above (first data set); Excel will automatically detect that these are all positive values and color them green as follows:

Notice however that Excel does not identify the last value (Total Operating Revenue) as a total; that’s why it has calibrated it with the same green color.

To resolve that issue, double-click on that total and check the box marked “Set as Total” in the Format Data Point pane that appears.

You’ll see that this action immediately updates the chart, changing the color of the total value from green to grey, reflecting that all the other values colored green actually accrue to that total.

If we follow the same procedure for the Total Operating Expense (second set of data), our final Waterfall chart would look something like this:

Treemaps

Treemaps are great for showing relationships between sets of data. They use colors to create a contrast between the data sets so that you can capture the information on a Treemap at a glance. Let’s use these ticket sales data from the Seattle Art Museum to illustrate what we’re saying:

As you can see, all the ticket sales have been divided into either online or onsite subcategories and the many different classifications of ticket types. By so doing, we are indicating to Excel how we want to organize our chart.

To create the Treemap chart, we have to first select our entire data, then head to the ‘Insert’ tab on the Excel ribbon, and navigate to the hierarchy map symbol. Click the symbol to automatically insert a Treemap chart showing different relationships between online and onsite ticket sales broken down by ticket type.

Map charts

Map Charts help you draw comparisons of values and show how categories compare across different geographical regions. This is to say you may use map charts only when your data have geographical regions included.

A map chart, for instance, would help us visualize the geographical distribution of revenue from the ticket sales above.

To create a Map chart, we would select our data, tap the Insert button and click the map symbol.

This automatically inserts a chloroplast chart with the selected data geographically distributed in it. We can further customize the chart by double-clicking the legend and using the options on the Format Legend Entry menu.

Conclusion

Graphical representation can be quite helpful when it comes to making comparisons of various sets of data or when you want to pinpoint a trend at a glance. With good knowledge of these charts, you have even more tools in your arsenal to take on any data analysis project.

Cyber breaches have become the norm across the United States and in many parts of the world. Regardless of the size of your company or your budget for security, your company could be at risk. This has caused rapid growth in the cybersecurity industry. According to Forbes, this market will reach 170 billion dollars by the year 2020.

Some of this growth is being fueled by the advancement of new technology in cloud-based applications, the Internet of Things, and the increase in the number of computers and mobile devices. However, much of it is being initiated by the constant onslaught of cyber-attacks at home and at work.

Biggest Data Breaches of 2017

During 2017, there were actually hundreds of data breaches in the US, though the public only heard about a fraction of those.

The Equifax hack topped the list with a devastating breach that affected 145 million customers. It stunned the public, proving once again, that no one is out of reach of hackers. With each passing breach, hackers refine their techniques so that more consumers are affected and even more extensive damage is done.

The financial data for over 3 million customers was compromised in the Hitachi Payment Services malware hack. This was reported in February 2017 and eventually led to a massive decline in credit card use. Hitachi suffered damage to their reputation and loss of profits and revenue.

Regardless of how many attacks there are, they continue to have the same effect on the public. Cyber breaches cause consumers to be leery of doing business with the company. People stopped buying products from Target stores right after that breach. The cost to Target was substantial. Breaches damage a company’s brand name and cost millions to resolve in many cases.

Worldwide Data Breaches

The largest leak in the world, known as the Big Asian Leak, exposed the personal information of 185 million customers. Though the names, addresses, passcodes and some financial information was stolen by hackers, most of the Asian companies who were hacked refused to admit they’d been breached and most refused to comment as well.  The stolen data was eventually offered for sale on the dark web by an online vendor known as “DoubleFlag.”

In the US, consumers expect companies to be fully transparent when a breach does occur. They expect certain steps to be taken to avoid future attacks. Sometimes this happens and sometimes it doesn’t. Company leaders tend to think that if they’ve already been hacked once, there’s very little likelihood that it will happen again. There’s no solid proof to indicate that this is true. Hackers search for easy targets; companies with weak, ineffective cybersecurity.

How data breaches for 2018 are shaping up

The last few years have shown a few definite trends. For instance, in 2015 and 2016, businesses were targeted 40.1 percent of the time with the healthcare industry a close second at 35.4 percent. In 2017, there were a total of 868 cyber breaches with businesses and health care agencies the main targets.

Major businesses across the country have stepped up their security on every level and yet 2018 has already proven to be a busy time for hackers.  A new trend involves cyber thieves looking beyond computers and phones for targets. They’ve discovered a whole world of unsecured devices, such as medical devices, educational and government organizations, and other vulnerable technology.

A new study shows that only 51 percent of all companies monitor and analyze their security information on a regular basis. About 45 percent subscribe to some type of intelligence service, while only 52 percent said they used high-tech intrusion detection systems. These numbers indicate a troubling trend. Only about half of all American companies are actually taking their cybersecurity seriously enough.

Ransomware attacks are on the rise as well. In some cases, the cyber thieves do not ask for much money. They demand smaller amounts like $1900 or $4,500. This strategy makes it far more likely that a business will pay the ransom. It’s just more prudent to pay those smaller amounts than to call in the authorities or security experts to resolve the issues.  Below are a few of the major cyber-attacks that have occurred for 2018.

Cyber Breaches and Ransomware Attacks January 2018

Several Indiana hospitals reported ransomware attacks. In one instance, the hospital paid $55,000 to thieves but reported that no data was stolen. The San Diego Office of Education reported a breach of employee retirement data. It was discovered that an unknown number of email addresses were leaked from MailChimp. National Stores, Inc. reported that some financial data from an unknown number of its credit card users was leaked.

WordPress continued having major issues with cyber thieves who were secretly placing crypto-mining code on the computers of its users. This code is designed to run in the background on a user’s computer without their knowledge for the purpose of mining cryptocurrency.  A major embarrassment to Kansas officials, it was reported that the Kansas Secretary of State website accidentally leaked the last four digits of hundreds of Kansas state government workers.

Cyber Breaches and Ransomware Attacks February 2018

The City of Allentown, PA was crippled by a malware attack that has to date cost at least one million dollars. Both financial and public safety systems were attacked. In a phishing attack, 50,000 Snapchat users had their log-in credentials stolen. A hospital in Tennessee revealed that 24,000 of its past patients may have been exposed to crypto-mining attacks.  Both Chase and Hometown Banks revealed that customer data may have been compromised due to skimming/shimming devices placed at ATM machines.  A dangerous T-Mobile bug was responsible for hackers being able to highjack the accounts of T-Mobile customers.

Cyber Breaches and Ransomware Attacks March 2018

In March, the city of Atlanta reported various government systems were down due to a ransomware attack. Several schools and hospitals reported malware and ransomware attacks that shut down their systems for indefinite periods of time. Some data was compromised in these attacks. Other hospitals reported that employee email accounts were hacked leaking confidential patient information. Even the National Lottery Association reported the loss of log-in info for over 10 million players. Emails were sent out instructing players to change their passwords. A point-of-sale breach occurred at some Applebee’s Restaurants exposing the credit card information of its patrons.

Cyber Breaches and Ransomware Attacks April 2018

April was a busy month for hackers. Over 72 million records were leaked in a long string of ransomware, malware and data breaches. The most notable included Sears Stores, Delta Airlines, K-Mart and Panera Bread. A service that connects handymen with customers called TaskRabbit had to shut down its website and suspend use of its app due to a massive data breach. SunTrust admitted that a former employee had stolen the customer data of 1.5 million customers. A data search service called LocalBlox reported that 48 million records were left accessible on the Internet. The data included personal info, as well as psychographic data used by marketing agencies.

Moving into the Future

Though the numbers are not out yet for May, experts believe that there will continue to be massive data leaks, ransomware attacks, malware attacks, and cyber breaches. Cyber thieves refine their strategies with each passing month. Consumers and business owners must stay on top of the activities of cyber thieves. Experts recommend hiring security experts to gauge how effective your cybersecurity is and recommend methods to improve it. The best defense continues to be a strong offense.

Wireless networking has become a very important aspect of human life. The global marketplace has forced businesses to find new ways of reaching their customers in countries around the world. However, wireless networking isn’t just for business owners. Various people in every way of life rely on wireless networking for different reasons.

Teenagers, young adults, parents, and even senior citizens count on wireless networks to perform a wide range of tasks each day. From paying the bills to visiting favorite social media sites, consumers depend on these services in an ever-increasing number of ways.

Today’s business people can’t survive without wireless networks to maintain an online presence. Dependable networking is extremely important for the success of any business in this complex online world. There are various providers who specialize in wireless networking. Both individuals and businesses now have numerous options available to them. In this sea of service providers, it may be difficult to find the service that best suits your needs. Each business has its own requirements and usually a tight budget to work with.

Professional services

Managed wireless networking services are most often offered by professionals. These are IT pros who specialize in wireless networking and a wide range of other services. Outsourcing your IT services can make your life much easier. But it’s important to find a provider who understands the specific needs of each customer; someone who will become a trusted partner. This is one of the major pain points of small business owners. They feel as if their IT needs will be lost in the busy workday of an IT specialist and they will not get the exact networking solution they need to thrive in the marketplace.

Eliminates the need to hire trained IT pros

Upon contracting for managed wireless services, the service provider brings his or her own team of professionals in to do all IT-related work. The costs for getting your professional services are factored into the contract price. Usually, this includes 24/7 support, which can be a big expense for some. This can eliminate a major headache for most business owners. You don’t have to hire and train employees to perform these services. Managed wireless networking services thus ensure that businesses employ a smaller number of personnel and therefore save on hiring costs.

Customized solutions

One of the major benefits from outsourcing your IT services is that you can get exactly what you need at a price that fits your budget. Managed service providers are specialists in their field. They are in a position to offer customized solutions to their clients. They most often have an IT consultant on staff who will work with you in determining your specific business IT requirements. For some, this is an easy process and for others, it is more complex due to HIPAA compliance and other government regulations. Most small business owners are not experienced enough to determine how to best handle these complex issues. But, an experienced IT professional knows. Depending on the service provider that you decide to partner with, you may have the option of choosing from different wireless options. The advantage of this is that you can choose specific services depending on their prices. You can select scalable options that will grow with your company.

Extra services

Managed networking service providers usually deliver many extra services, such as assessing, designing, deploying, and managing network services. This can take a real load off any business owner’s plate. It can be a burden to deal with older equipment that’s constantly breaking down. But if your contract includes unlimited service calls, you can rest easy. You won’t have to pay extra or employ people to handle things. As a result, you get inclusive services and at rather affordable costs. Your employees don’t have to spend time trying to fix networking equipment that breaks down. Simply call your IT service provider and you can get back to doing your regular job.

Legal liability

With the increase in the number of cyber crimes, managed networking providers become very important. First of all, these people are in a position to handle any type of data leak or security issue. Having the necessary knowledge of the latest advancements in cyber security is a valuable asset. Your managed service provider is responsible for keeping your systems well-protected.  Secondly, cyber thieves are constantly improving their methods of breaking in and stealing your data. Keeping up with these issues is a time-consuming and complex task. With managed wireless service providers, you do not have to worry about this. Your provider will stay on top of all the latest technology to ensure that your computers and network are protected.  This helps to reduce your liability as well.

Consistent monthly charges

Managed wireless networking agreements state an exact amount of money that the organization is to pay for their services. This means that your company can budget for these expenses. This eliminates enormous charges for broken equipment and outdated software. In most cases, the cost of handling all these problems and charges for networking and computer repairs will be far more than your regular monthly charge. This gives business owners peace of mind and prevents unexpected charges.

Final thoughts

In this era where wireless networks are an absolute necessity, it’s wise for any size business to opt for managed IT services. Find professionals in your area that have a good reputation; a company that stands behind its promises. Most IT service providers include regular maintenance to keep your computers running smoothly. They ensure that your network is protected against cyber intruders. Managed Wireless Networking Providers are a great choice for any organization looking to alleviate the burden of networking, computer repairs, and dependable IT services.