Were You Affected By Hackers This Year?

You have a lot to be thankful for if you or your company were not affected by hackers this year. But, if you live in Middle TN, you were affected whether you realize it or not. The colonial pipeline caused gasoline shortages this year at the end of April. The two-factor authentication, 2FA, that most banks and financial companies use today is the result of hacking attempts into business and personal accounts. Multiple Facebook page hijackings were also reported, disrupting personal lives.

Hackers and their illicit companies have become mainstream and are a serious threat. Did you know that hacking attempts have increased by 314% over the past year? Intrusion and exploitation is fast becoming the bigger threat than even ransomware. Hackers are getting on systems and on average, not being detected for 206 days. During that time the “kernel” is becoming embedded in the backups and so becomes persistent. Recovering from a backup solution may work short-term, but the kernel is still there to be reactivated leaving your company open for another exploit.

It is no longer a case of someone in their mother’s basement trying to break into the company. It is groups of malicious people including nation-states that are doing the hacking. It is artificial intelligence (AI). It is automated attacks that cannot be stopped without active involvement and cost.

Small businesses are the low-hanging fruit. They are being exploited because they have a mindset where they think “it won’t happen to me, because I’m too small”. Or, “I don’t have anything stored that would be of use to a hacker, so they won’t bother me.” Hackers know that. They know most small business do not put their resources into pro-actively defending their companies.

Sure, on and off-site managed backups are necessary. Managed firewalls are necessary. Managed anti-virus is necessary. Those are required to keep businesses safe from physical threats like fire, flooding, rogue employees and lower forms of malware. However, these days it is no longer enough.

Security as a service is now necessary. These security companies are pro-active in searching for exploits in your systems. Using algorithms, artificial intelligence, backed up by good (White hat) hackers, these companies provide another level of protection. This type of protection also provides the necessary documentation for cyber insurance, should it be purchased. Security as a service basically is proactive protection for your company and a primary method of meeting cyber insurance requirements.

If you don’t have these, cyber insurance is a waste of money, because the companies may not pay out if you are not actively engaged in protecting your company.

Nay and Associates, LLC provides security as a service as an add-on to their managed services. We’ve looked and found some cost-effective options that will work to protect our clients. The result is an agent that can be placed on each client’s computer that can identify, isolate and remove rogue programs, backed up by security experts.

Unlike some of the more common security software you see advertised, the managed services mentioned above is more likely to catch and remediate attempts that could potentially damage or compromise your computer systems. Managed security services will identify external hacking and also catch things already present on your computer systems, such as embedded “kernels”.

All the best and stay well,
Jim Nay