All Posts by chris

About the Author

Your small business needs to take cybersecurity seriously
Nov 01

Cybersecurity 101: Why You Need to Invest

Can your business survive a data breach?  

On average, 60% of small businesses do not survive within six months of a cyberattack. 

Cyberattacks are a deadly, a far-too-common threat to anyone and anything existing on the internet, projected to cost businesses over 10.5 trillion by 2025 

Despite the scary statistics, small to medium-sized businesses (SMBs) still aren’t prioritizing cybersecurity. They see cybersecurity as an optional expense that “doesn’t fit their budget”.  

As an example, when interviewed by CNBC in a control group of 2,000 business owners, just 5% reported cybersecurity as a priority risk factor to their operations at the moment. In contrast, 38% uphold inflation as their number one concern, followed by supply chain disruption and COVID-19. This hasn’t changed throughout 2022; cybersecurity is still reported as the last thing SMBs are worried about. 

But, with 1 in every 10 SMBs struck by a cyberattack every year, this shouldn’t be the case. Failing to protect your business puts you at risk for breaches and fuels the threat actor economy.  

Undoubtedly, SMB owners are pioneers of innovation, taking on new approaches to their industry in a way larger businesses can’t. It’s surprising that, despite the creativity and intellect it takes to run a business, SMB owners and decision makers still don’t invest in cybersecurity. 

Why? 

After decades spent in the managed IT Services sector, we’ve seen firsthand the top 2 “myths” that prevent business owners from making more effective decisions regarding their cybersecurity. 

Cybersecurity solutions are expensive and complicated. 

Year after year, SMBs don’t budget for cybersecurity because of its’ upfront expense.  

After all, you’d have to hire the right staff, pay upfront for the right software and tooling, and who knows what else. You don’t have time to think about computers and viruses when you’re trying to maintain service with a smile.  

Not to mention: what is cybersecurity? 

Is it something software engineers have to do? Is it the binary code you see floating around the monitor in spy movies?  

How can you be expected, as a business owner, to invest in a concept you can’t see?  

Cybersecurity, simplified 

No, cybersecurity is not a fix-all tool you can buy.  

At its core, cybersecurity is awareness, process, and actions taken to keep your computer networks and devices safe from unauthorized access. It may not sound like it, but just one data breach could spell the end. 

That’s why, starting today, you need to prioritize cybersecurity for your SMB. 

But that’s easier said than done. You can’t build Rome in a day, after all. In order to make cybersecurity a technical reality, we recommend referencing the Center for Internet Security’s (CIS) framework. 

According to CIS, “Every enterprise should start with IG1. IG1 is defined as “essential cyber hygiene,” the foundational set of cyber defense Safeguards that every enterprise should apply to guard against the most common attacks.” CIS has 18 separate Controls, verified security actions for any sized organization reviewed and curated by experts of different industry backgrounds, made to align your organization with the CIS cybersecurity framework for protection from cyber threats. 

Below, we review simple cybersecurity steps you can take, all referenced from CIS CONTROL 7 — Continuous Vulnerability Management.  

5 simple steps to protect your business  

  1. Train your employees 

Human error is the root cause of 95% of all data breaches, according to a recent study by Cybint. 

If your employees aren’t trained to think before they click, it’s only a matter of time before an irreversible, deadly mistake shatters your business. 

Make cybersecurity common knowledge for all employees, and test that knowledge regularly. Have HR require training in cybersecurity best practices and telltale signs of phishing. Keep personal affairs, like social media, off company devices. Curate the company Wi-fi network to block outside phones and tablets. 

  1. Update and patch machines regularly 

It’s important to keep all machines patched because many updates address newly discovered security gaps and vulnerabilities. 

As a business owner, it’s only natural that you’d want to do this yourself. But if you don’t have formal technical training, properly scheduling patches for all your company devices is going to be next to impossible. 

Partner with an expert to improve your business’s cybersecurity standing. Find someone who will: 

  • Automate the process 
  • Ensure it’s done correctly 
  • Abide by the proper documentation for compliance, insurance, and authorities (FBI) 
  • Limit your liability 
  1. Keep one inventory for all assets (devices, systems, networks, etc.) 

You can’t locate where problems and potential weaknesses are in your business infrastructure if you don’t have a clear picture. When you have a clear, concise list of all assets and devices, you’ll need the help of an expert to: 

  • Remove obsolete or retired devices 
  • Disable any unused network ports 
  • Validate all other assets’ current versions 
  • Keep out unnecessary devices and networks, like “mini networks” 
  1. Install Next Gen Anti-virus  

Threat actors can strike at any second, even on weekends, holidays, and late at night. You’ll need an extra layer of defense to monitor your systems for suspicious activity when you can’t. 

Next Gen anti-virus programs detect and contain found anomalies before they can do any lasting damage. Sign up for one, or partner with an expert that can point you towards the best option for your business, before you log in on a Monday to black screens and fragmented hard drives. 

  1. Filter DNS 

Unfortunately, there are many websites disguising themselves as harmless. But threat actors are lurking behind the screen, collecting and sending off your information to offsite servers. 

DNS (Domain Name System) filtering is the process of scanning, indexing, and blocking access to sites hosting potentially malicious content.  

This method of cyberattacking is most used by state-sponsored threat actors, contracted by their governments to gather intel and feed it back to specialized agencies. This is officially regarded as an act of cyberterrorism. 

To make surfing safe, DNS filtering has a wide range of benefits overall: 

  • Protection from malware/ransomware/viruses for everyone, including customers accessing your website 
  • Detailed threat reports 
  • Remote protection capabilities (great for remote companies) 

Cybersecurity is not expensive, but cyberattacks are  

The cost of falling victim to a cyberattack is exponentially more than investing in cybersecurity– Don’t be another SMB who didn’t take cybersecurity seriously until it was too late. The more difficult it is to target you; the less cyber criminals will be interested in stealing from you.  

To stay ahead of the threat actors, you’ll need an expert IT partner like Twin Networks. Contact us today to make sure your business doesn’t get left behind. 

Oct 06

State-Sponsored Threat Actors Use Ransomware to Attack U.S. Public Health Sector

The future of healthcare and private health is in jeopardy. 

According to a July 6, 2022, alert from the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and Department of the Treasury, North Korea-sponsored threat actors have been targeting the U.S. healthcare and public health sector for over a year. 

In the official statement, the FBI warns that they’ve detected a strain of ransomware, aptly titled “Maui”, attacking public health organizations since as far back as May 2021. North Korean state-sponsored threat actors deployed the Maui ransomware to hijack and encrypt servers storing sensitive healthcare data. This includes patient medical records, imaging services, and diagnostics, now unreachable unless the hospital pays a fee. The malicious cyber-attack was unfortunately successful in disrupting many healthcare services for a substantial amount of time. 

But what does this mean for the future of the healthcare industry? 

In light of these attacks, federal agencies are currently urging those in healthcare to fully re-examine their current cybersecurity standing. This includes revisiting their infrastructure, cyber etiquette, and employee training. CISA also recommends fully investing in a robust antivirus software, reporting phishing attempts, and enforcing multifactor authentication (MFA) for all sign-ins.  

In addition, they recommend healthcare organizations to: 

  • “Limit access to data by deploying public key infrastructure and digital certificates to authenticate connections with the network, Internet of Things (IoT) medical devices, and the electronic health record system, as well as to ensure data packages are not manipulated while in transit from man-in-the-middle attacks”.  
  • Use standard user accounts on internal systems instead of administrative accounts, which allow for overarching administrative system privileges and do not ensure least privilege.   
  • Turn off network device management interfaces such as Telnet, SSH, Winbox, and HTTP for wide area networks (WANs) and secure with strong passwords and encryption when enabled.  
  • Secure personal identifiable information (PII)/patient health information (PHI) at collection points and encrypt the data at rest and in transit by using technologies such as Transport Layer Security (TPS). Only store personal patient data on internal systems that are protected by firewalls, and ensure extensive backups are available if data is ever compromised.  
  • Protect stored data by masking the permanent account number (PAN) when it is displayed and rendering it unreadable when it is stored—through cryptography, for example.  
  • Secure the collection, storage, and processing practices for PII and PHI, per regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Implementing HIPAA security measures can prevent the introduction of malware on the system.  
  • Implement and enforce multi-layer network segmentation with the most critical communications and data resting on the most secure and reliable layer.  
  • Use monitoring tools to observe whether IoT devices are behaving erratically due to a compromise.  
  • Create and regularly review internal policies that regulate the collection, storage, access, and monitoring of PII/PHI. 

Is your healthcare organization prepared for ransomware? 

Following the official recommendation from the CISA is just the beginning.

Threat actors can target any healthcare organization at anytime. You’ll need protection, such as backup storage and data encryption, a business continuity plan, a disaster recovery plan, and a technology roadmap.

Learning the ins and outs of cybersecurity is a monumental commitment with a large technical barrier.

Running your business comes first– let the cybersecurity experts at Twin Networks protect your IT infrastructure. We’re here to work with you and provide the solutions you need to stay safe and in operation. 

Check out our previous blog entries, or contact a member of our team to learn more about protecting your business from ransomware and other cyber threats.