Tag Archives: managed services

5 common myths about malware

5 common myths about malware

Dispelling myths and misconceptions about malware and cyber-crime is necessary to help business owners and managers better understand their network environment, their employee’s use of company assets, and the threats to their network that can severely limit productivity and cut into profit margins.  Here are 5 common myths about malware that can help your business avoid the mistakes other companies have made.

1. I don’t need an IT person.  I only use MAC computers!

Apple products are still vulnerable to attack by cyber-criminals.  Many businesses preferred PC’s because they were more customizable.  Attacks on Apple products are on the rise.  The first case of Ransomware on a Mac occurred in 2016.  Cyber-criminals don’t care what type of computer you buy or what type of operating system you have.

2. My employee’s computer has malware.  Bet they were on an adult website!

The prevalence of malware is so incredibly high that it is virtually unavoidable.  According to Kaspersky Labs, there are 323,000 new samples of malware found every day!  The only way you can avoid malware is to use an “air-gapped” computer.  Air-gapped means that the computer has never been connected to the internet.  The internet is a great resource for sharing information at light speed.  Most businesses are dependent upon the reliable flow of information that the internet provides.  Think not?  Turn off your router when you go into work tomorrow and let me know how it works out for you.  The presence or absence of malware is not a reflection of bad or inappropriate behavior.

Psst…as an aside, the adult website is probably safer than the website of your business, your favorite restaurant and your church.  Adult websites invest in cyber-security because (1) they can’t afford downtime, and (2) their entire income is reliant on staying up (Oh no, he didn’t!).

3. My business is too small.  Cyber-criminals aren’t interested in me.

Criminals don’t operate that way.  A criminal doesn’t examine your P&L before deciding whether to target your business.  The cyber-criminal likely doesn’t even know anything about your company.  Cyber-criminals operate differently.  They attach their malware to an email and send it out a million times across the world.  If they get a click rate of 1%, that’s 10,000 victims.  The average Ransomware demand has been on the rise lately, but for the sake of argument, let’s make it $500.

10,000 * $500 = $5,000,000.

$5 million while sitting at their computer with none of the worries that many street criminals face.  Many operate in overseas countries with no extradition treaty, so they are well outside of the reach of the FBI.  No risk of prison.  Considering that this process is mostly automated and requires very little technical knowledge, they can make $5 million incredibly quickly with minimal skill!

4. Only $500?  Paying the ransom is cheaper than paying you to secure my network!

If you factor in only the amount of the ransom, it is probably cheaper just to pay it.  If that were the only factor, I would tell you myself to pay the ransom.  There are some other factors that you need to weigh before you dole out that money though.

a. Paying the ransom doesn’t guarantee that you will get your data back.

How much is your data worth to your business?  What if you pay the $500 and they won’t or can’t give you the data back?  How well can your business operate without your Quick-books or other financial files, your business contacts, and your customer information?  Last year, 25% of business owners paid the ransom and never recovered their data.

b. Paying the ransom isn’t a simple process.

Most of the cyber-criminals want payment in crypto-currency like Bitcoin because it is untraceable.  Setting up a bitcoin account and purchasing the necessary amount to pay the ransom is not a simple process.  It might take days just to complete the bitcoin purchase.  How many of your employees rely on their computers and data to be productive?  Multiply that times the average hourly wage of those employees.  Now, multiply that times the amount of time it takes to get your computer back in service.  Factor in the loss of revenue for notifying your customers of a data breach and providing them with credit monitoring.  Now you are getting a better idea of the true cost of Ransomware.

c. Who are you paying for your data?

The people that are engaging in this activity are foreign government agents and multi-national corporations.  These cyber-attacks, while easy to do, are not being carried out by the pimply teenager in his Mom’s basement.  Our nation’s enemies are funding, ordering and carrying out these attacks.  (In all fairness, we are probably doing it to them also.)  When you think about giving $500 to a cyber-criminal, think about donating the money to Vladimir Putin, China, and members of the ISIS (or ISIL). Does it still sound like a good idea?

5.  The biggest threat to my network is malware.

The biggest threat to your network are actually your employees.  A 2015 study estimated that employee cyber-security training can reduce threats by anywhere from 45-70%.  Of course, the training must be good quality, and should be followed up with regular testing.  The end result, however, is invaluable.  I can work with you to build layered security designed to protect your network, but what good is it if one click by an employee can bypass it?  Educating employees is a relatively inexpensive endeavor, and they can use what they learn to avoid problems on their personal IoT devices.  So, a win/win!  Companies such as KnowBe4 provide online training and testing resources to help you at very affordable prices.  As reseller partners of KnowBe4 training, we can manage the training and testing for you and still save you money on their normal pricing (limited to the Tampa Bay area).

Investing in cyber-security is one of the few things that our politicians agree on as a need.  While they are fighting over the details, why leave your business vulnerable?  Call A Better Choice Network Solutions at (813) 605-7251 today to schedule a free, no obligation consultation.

information technology, cyber-criminals, ransomware, malware

Never call cyber-criminals to fix your computer!

Being a retired police officer, I beg you to never pay cybercriminals.  Three times in the past 2 weeks, I have had someone tell me “I had a screen pop-up saying my computer was infected with a virus, and I needed to call a 1-800 number.”  And all 3 of them called the number. Two of the three then provided remote access to their computer.  1 of them gave his credit card information to pay a stranger who he never met to do “work” on his computer that he didn’t understand.  Each time, my facial twitch betrayed my disappointment.  (I should really work on that!)  They responded defensively, “Well, I’m not good with computers!”

Please, please, please don’t do this. First, you have no idea who is on the other end of the line when you call. In most cases, it is not a company with your best interests in mind. By giving them access to your computer, they can download other viruses and malware, steal your data, shut down your network, change your passwords, and all sorts of other nefarious behavior.

Second, this type of scam is one of many that helps fund the cyber-criminals and enemies of our nation. At the risk of repeating myself to people who have read previous blogs and articles that I have authored, cybercrime is occurring at rates never before witnessed. It is the perfect crime because it’s most often committed by people outside of the US in places that the FBI can’t reach. These are not crimes being committed by a couple of teenagers in mom’s basement “for kicks.” As a retired cop, I never want to put money in the hands of criminals.

Reputable IT companies and computer repairmen, however, do NOT do business like this. Take a moment to search for a local managed services provider, IT provider, or computer repair company.

What does a reputable company look like?

First, check out the website for their company. Is it aesthetically pleasing?  Does it clearly identify what services the company offers?  Is the material presented in a clear, concise manner that you can understand?  Finally, does the website identify the company as being licensed and insured?

Then, call your local Chamber of Commerce. They will be happy to point you in the direction of one of their members that is a good quality company.

Finally, always follow your gut instinct. If it doesn’t feel right, then it probably isn’t! End the call and move on. There are plenty of companies doing IT out there and not all of them are shady.

Be sure to follow us on Facebook, Twitter, and LinkedIn for updates and news on cyber-security and technology. Additionally, click here to read more about A Better Choice Network Solutions.

David Thornton is a retired police officer and current owner of A Better Choice Network Solutions in Brandon, FL.  He can be contacted via email at info@abcnetfl.com.