The Top 10 Ways Hackers Get Around Your Firewall And Anti-Virus To Rob You Blind
"Cybercrime is at an all-time high, and hackers are setting their sights on companies just like yours who are 'low hanging fruit'. Don’t be their next victim! This report reveals the most common ways that hackers get in and how to protect yourself today."
~ Joseph Martin - President/CEO of Carolina IT Group
Are You A Sitting Duck?
You, the CEO of a small business, are under attack. Right now, extremely dangerous and well-funded cybercrime rings in China, Russia, and Ukraine are using sophisticated software systems to hack into thousands of small businesses like yours to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses.
Don't think you're in danger because you're "small" and not a big target like a J.P. Morgan or Home Depot? Think again. 82,000 NEW malware threats are being released every single day and HALF of the cyber-attacks occurring are aimed at small businesses; you just don't hear about it because it's kept quiet for fear of attracting bad PR, lawsuits, data-breach fines and out of sheer embarrassment.
In fact, the National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year – and that number is growing rapidly as more businesses utilize cloud computing, mobile devices and store more information online. You can't turn on the TV or read a newspaper without learning about the latest online data breach, and government fines and regulatory agencies are growing in number and severity. Because of all of this, it's critical that you protect your business from these top 10ways that hackers get into your systems.
- They Take Advantage Of Poorly Trained Employees. The #1 vulnerability for business networks are the employees using them. It's extremely common for an employee to infect an entire network by opening and clicking a phishing e-mail (that's an e-mail cleverly designed to look like a legitimate e-mail from a website or vendor you trust). If they don't know how to spot infected e-mails or online scams, they could compromise your entire network.
- They Exploit Device Usage Outside Of Company Business. You must maintain an Acceptable Use Policy that outlines how employees are permitted to use company-owned PCs, devices, software, Internet access and e-mail. We strongly recommend putting a policy in place that limits the websites employees can access with work devices and Internet connectivity. Further, you have to enforce your policy with content-filtering software and firewalls. We can easily set up permissions and rules that will regulate what websites your employees access and what they do online during company hours and with company-owned devices, giving certain users more "freedom" than others.Having this type of policy is particularly important if your employees are using their own personal devices to access company e-mail and data.If that employee is checking unregulated, personal e-mail on their own laptop that infects that laptop, it can be a gateway for a hacker to enter YOUR network. If that employee leaves, are you allowed to erase company data from their phone? If their phone is lost or stolen, are you permitted to remotely wipe the device – which would delete all of that employee's photos, videos, texts, etc. – to ensure YOUR clients' information isn't compromised?Further, if the data in your organization is highly sensitive, such as patient records, credit card information, financial information and the like, you may not be legally permitted to allow employees to access it on devices that are not secured; but that doesn't mean an employee might not innocently "take work home." If it's a company-owned device, you need to detail what an employee can or cannot do with that device, including "rooting" or "jailbreaking" the device to circumvent security mechanisms you put in place.
- They Take Advantage Of WEAK Password Policies. Passwords should be at least 8 characters and contain lowercase and uppercase letters, symbols and at least one number. On a cell phone, requiring a passcode to be entered will go a long way toward preventing a stolen device from being compromised. Again, this can be ENFORCED by your network administrator so employees don't get lazy and choose easy-to-guess passwords, putting your organization at risk.
- They Attack Networks That Are Not Properly Patched With The Latest Security Updates. New vulnerabilities are frequently found in common software programs you are using, such as Microsoft Office; therefore it's critical you patch and update your systems frequently. If you're under a managed IT plan, this can all be automated for you so you don't have to worry about missing an important update.
- They Attack Networks With No Backups Or Simple Single Location Backups. Simply having a solid, reliable backup can foil some of the most aggressive (and new) ransomware attacks, where a hacker locks up your files and holds them ransom until you pay a fee. If your files are backed up, you don't have to pay a crook to get them back. A good backup will also protect you against an employee accidentally (or intentionally!) deleting or overwriting files, natural disasters, fire, water damage, hardware failures and a host of other data-erasing disasters. Again, your backups should be AUTOMATED and monitored; the worst time to test your backup is when you desperately need it to work!
- They Exploit Networks With Employee Installed Software. One of the fastest ways cybercriminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other "innocent"-looking apps. This can largely be prevented with a good firewall and employee training and monitoring.
- They Attack Inadequate Firewalls. A firewall acts as the frontline defense against hackers blocking everything you haven't specifically allowed to enter (or leave) your computer network. But all firewalls need monitoring and maintenance, just like all devices on your network. This too should be done by your IT person or company as part of their regular, routine maintenance.
- They Attack Your Devices When You're Off The Office Network. It's not uncommon for hackers to set up fake clones of public Wi-Fi access points to try and get you to connect to THEIR Wi-Fi over the legitimate, safe public one being made available to you. Before connecting, check with an employee of the store or location to verify the name of the Wi-Fi they are providing. Next, NEVER access financial, medical or other sensitive data while on public Wi-Fi. Also, don't shop online and enter your credit card information unless you're absolutely certain the connection point you're on is safe and secure.
- They Use Phishing E-mails To Fool You Into Thinking That You're Visiting A Legitimate Web Site. A phishing e-mail is a bogus e-mail that is carefully designed to look like a legitimate request (or attached file) from a site you trust in an effort to get you to willingly give up your login information to a particular website or to click and download a virus.
Often these e-mails look 100% legitimate and show up in the form of a PDF (scanned document) or a UPS or FedEx tracking number, bank letter, Facebook alert, bank notification, etc. That's what makes these so dangerous – they LOOK exactly like a legitimate e-mail.
- They Use Social Engineering And Pretend To Be You. This is a basic 21st-century tactic. Hackers pretend to be you to reset your passwords. In 2009, social engineers posed as Coca-Cola's CEO, persuading an exec to open an e-mail with software that infiltrated the network. In another scenario, hackers pretended to be a popular online blogger and got Apple to reset the author's iCloud password.
Want Help Ensuring That Your Company Has All 10 Of These Holes Plugged?
If you are concerned about employees and the dangers of cybercriminals gaining access to your network, then call us about how we can implement a managed security plan for your business.
At no cost or obligation, we'll send one of our security consultants and a senior technician to your office to conduct a free Security And Backup Audit of your company's overall network health to review and validate different data-loss and security loopholes, including small-print weasel clauses used by all 3rd-party cloud vendors, giving them zero responsibility or liability for backing up and securing your data. We'll also look for common places where security and backup get overlooked, such as mobile devices, laptops, tablets and home PCs. At the end of this free audit, you'll know:
- Is your network really and truly secured against the most devious cybercriminals? And if not, what do you need to do (at a minimum) to protect yourself now?
- Is your data backup TRULY backing up ALL the important files and data you would never want to lose? We'll also reveal exactly how long it would take to restore your files (most people are shocked to learn it will take much longer than they anticipated).
- Are your employees freely using the Internet to access gambling sites and porn, to look for other jobs and waste time shopping, or to check personal e-mail and social media sites? You know some of this is going on right now, but do you know to what extent?
- Are you accidentally violating any PCI, HIPAA or other data-privacy laws? New laws are being put in place frequently and it's easy to violate one without even being aware; however, you'd still have to suffer the bad PR and fines.
- Is your firewall and antivirus configured properly and up-to-date?
- Are your employees storing confidential and important information on unprotected cloud apps like Google Drive or Dropbox that are OUTSIDE of your backups?
I know it's natural to want to think, "We've got it covered already." Yet I can practically guarantee my team will find one or more ways your business is at serious risk for hacker attacks, data loss and extended downtime – I just see it all too often in the many businesses we've audited over the years.
Even if you have a trusted IT person or company who put your current network in place, it never hurts to get a 3rd party to validate nothing was overlooked. I have no reason to conceal or gloss over anything we find. If you want the straight truth, I'll report it to you!
You Are Under No Obligation To Do Or Buy Anything
I also want to be very clear that there are no expectations on our part for you to do or buy anything when you take us up on our Free Security And Backup Audit. As a matter of fact, I will give you my personal guarantee that you won't have to deal with a pushy, arrogant salesperson because I don't appreciate heavy sales pressure any more than you do.
Whether or not we're a right fit for you remains to be seen. If we are, we'll welcome the opportunity. But if not, we're still more than happy to give this free service to you.
You've spent a lifetime working hard to get where you are. You earned every penny and every client. Why risk losing it all? Get the facts and be certain your business, your reputation and your data are protected. Call us at (252) 565-1235 or you can e-mail me personally at firstname.lastname@example.org.
Dedicated to serving you,
Here’s What A Few Of Our Clients Have Said About Us. . .
Advanced Health & Rehabilitation Center Always take our concern seriously and immediately respond
We have been using Carolina IT Group for over 10 years. Prior to using them, we used various local computer companies and other people. They managed to get the job done and our systems working, but we were always oblivious when it came to maintenance care and monitoring. The inconsistencies in their service slowed down our production and reflected upon us negatively due to long wait times for service. This, in turn left us without the tools needed to properly care for our patients.
We rest easier at nights knowing that all of our important and private patient information is safe, secure and there is someone on the other end monitoring and ready to act if ever needed. The implementation of our new office server took us light years ahead of the competition and has increased our ability to service a great number of patients daily. With peace of mind and confidence that our systems are working appropriately, we can put our focus on our main priority of patient care.
He has assisted us with so many aspects of the business. From computer repair, to software advise and installs, we are never let down. I always enjoy their knowledgeable team visiting and talking with them over the phone. They are always willing to go the extra mile and explain the process of things as well as teach me and our staff ways to help avoid issues in the future. That alone is priceless.
All our issues seem to take high priority with Carolina IT Group. While I know they have several high-profile customers, they always take our concern seriously and immediately respond. We could not have a better or more dependable company to work with for all our IT needs.
I would tell people, and I have told them, that there is no other company to call in Eastern NC but Carolina IT Group. I believe that a good company stands behind its product, treats others with respect, does as it says it's going to, and does not take advantage financially of those that may not know better, Carolina IT Group is certainly a wonderful representation of all those qualities and more..
Dr. Brian Kean,
President of Advanced Health & Rehabilitation Center
The Robert Taylor Group Good folks that do a great job for a fair price
I have been using Carolina IT Group for several years. The company we used before was very spotty but now that we use Carolina IT Group our service is very good.
Whenever we have an issue it is very easy to get up with them to handle our problem and they handle it on a very timely bases. They are very helpful about suggesting new ideas to help us out. They are good folks that do a great job for a fair price.
President of The Robert Taylor Group
ACF Insurance Services, Inc. They are so nice to deal with, so it is a no brainer for us
I have been using Carolina IT Group for 4 years. The provider we had before was good, but now that we use Carolina IT Group it’s even better than before! Whenever we have any issues or emergencies it is very easy to get assistance and the issues get resolved very quickly. I am very glad I switched too!
Carolina IT Group helps us stay up with technology and changes so that we have secure and reliable systems. They are so nice to deal with, so it is a no brainer for us as to why we chose them. Plus, I would refer my best friend in a second to use Carolina IT Group.
President of ACF Insurance Services, Inc.
The Appraisal Advantage Switching to Carolina IT Group was one of the best business decisions
We have been using Carolina IT Group for 10+ years. The service from other IT companies was erratic and undependable at best. However, now our service is quick, reliable, and personable. Whenever I have an IT issue, help is just a phone call away. All of my IT issues get resolved quickly, which is very important to minimize my office downtime.
Switching to Carolina IT Group was one of the best business decisions that I have made. They give me the peace of mind in knowing that if I do have an IT issue, it will be resolved within a very short period of time and my office will be back up and running.
I have recommended Carolina IT Group to several of my friends for their businesses and will continue to do so!
Owner of The Appraisal Advantage
Car Mart of Greenville Things are fixed right the first time
My name is Steven White and I work at Car Mart of Greenville. I am the president, buyer, and controller for the company. We have been using Carolina IT Group for 8 years. The company we used before was sloppy and slow. Now that we are with Carolina IT Group, they are punctual, things are fixed right the first time and they have very fair pricing!
When we have issues and have to call, it is easy to get help and they resolve the problem quickly. I would say that these folks are polite, easy to get along with and got our computers running faster. I would tell any and every one to call Carolina IT Group.
Car Mart of Greenville
Textbook Brokers We now have a much more reliable network
We have been using Carolina IT Group for around 8 years. The other companies that we used in the past were unreliable. These guys are knowledgeable, competitively priced and fast. When we have issues, they are very easy to get up with and come out quickly to handle our problem. They also get things resolved very quickly!
I am definitely glad we switched to Carolina IT Group. We now have a much more reliable network and I tell everyone that ask to use the Carolina IT Group.
Regional Manager for Textbook Brokers
Gregory K. James, P.A. Attorneys at Law We are very glad that we switched to Carolina IT Group
We have been using Carolina IT Group for over 5 years. Before, we were using an independent person to take care of our computers and servers. Now that we use Carolina IT Group our IT service has been excellent. If we do have issues, we have no problems getting our issues handled quickly.
We are very glad that we switched to Carolina IT Group. We now we have a peace of mind, plus they are very understanding and patient. I would tell my best friend to call the Carolina IT Group if you want the best.
Owner Gregory K. James, P.A. Attorneys at Law
Dimensions Professional Search I would not hesitate to recommend Carolina IT Group
I have been using Carolina IT Group for around 10 years. The company I used before was adequate, but very overpriced. Now that I use Carolina IT Group, they have helped us change from a local network environment to a cloud based network environment and has managed our IT infrastructure since then.
When we do have a problem, it is very easy to get in touch with Carolina IT Group and they can check the problem remotely or come to our site if necessary. They have any problems resolved very quickly. I am definitely glad we switchedand I would not hesitate to recommend them as an IT vendor of choice
Principal Partner at Dimensions Professional Search