During 2020 we saw something we previously had not: a pandemic that spurred an unprecedented number of users into remote school, work, and play.
Where is all that happening? In the cloud. Think Microsoft Office 365, VoIP, Zoom, really, browser-based anything that makes access convenient from anywhere. The downside: convenience and security pull in opposite directions.
In 2020 alone, cyberattacks on businesses increased by 80%.
Here are the numbers:
- Cloud-based attacks up 630% between January and April 2020
- Phishing attacks up 660% since March 1, 2020
- Ransomware attacks up 148% in March 2020
Why are they doing it?
A minuscule success rate still means a big payout. Let's do the math. The average ransom in Q3 of 2020 was over $200,000, up from only $5,900 in 2019. The average click rate on a phishing email is 4%, and about a third of those who click end up paying a ransom. For example, the recent breach at Dickey's BBQ Pit involved three million compromised accounts. At a 4% click rate that is 120,000 accounts. Now imagine only 5% of those (6,000) are businesses and one third (2,000) paid a small ransom of $5,900. That comes to just under $12 million, from a success rate of about 0.07% (2,000 of 3 million). Not bad.
The biggest threat we are seeing right now is Microsoft 365 credential harvesting: criminals phish your login credentials for email or another Microsoft 365 product and use them to reach the wider environment.
Typical examples are emails reading "Log in to access a fax/voicemail/…" or "Someone sent you a file." Click the link and you land on what looks like an O365 login page. It is not; it is a copy, and whatever you type into it goes to the attacker. Hackers know that catching a user who is distracted, multi-tasking, or in a hurry means pay dirt. They're in.
And you know what? It works. I hate to say it, but it almost did on me! I recently received an email like that, and the timing made it part of a perfect storm. I had just re-routed a former employee's email when I got a message much like the example above, directed to that former employee's old email address. However, this one came across as a voicemail (VM), and I had not yet gotten the VM changed, so I thought, "Shoot, I better get on that in case it's a customer trying to reach us." Thankfully, I didn't react immediately. I took a step back, probably thanks to the diligent cybersecurity awareness training Nex-Tech does, and reconsidered. I am thankful for that pause because, as it turned out, it was one of those phishing emails I described above, and they almost had me!
Justin Dempsey, Nex-Tech's Technology Services Manager and cybersecurity expert, brings the point home: "If I can just get one person to click, then I am behind the firewall and I'm behind a lot of the defenses [a company sets up to protect themselves]. That is when I can start moving laterally through the environment to see what the value of the target is and how to best extract it." Dempsey's department deals with a successful breach of this kind about once a week. His tip: "Anytime you're attempting to log in with your Microsoft Office 365 credentials, the link should always start with this: https://login.microsoftonline.com/. If it does not, it's not a legitimate site."
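As an added example (this is not code from the original post, nor from Nex-Tech), here is what Dempsey's tip looks like once it is turned into an actual check. It parses the link and compares the hostname exactly, which is what "starts with https://login.microsoftonline.com/" has to mean in practice, and it shows why a loose prefix test that drops the trailing slash lets look-alike hosts through. The legitimate host, the sample links, and the helper names are my assumptions for illustration; the URLs are constructed to resemble common tricks and are not taken from any real incident.

```python
# Added example, not code from the original post or from Nex-Tech.
# Assumption (mine): the only legitimate sign-in host is
# login.microsoftonline.com, reached over HTTPS.
from urllib.parse import urlsplit

LEGIT_HOST = "login.microsoftonline.com"


def naive_prefix_check(url: str) -> bool:
    """The tip reduced to a string test WITHOUT the trailing slash.

    The slash in the original tip matters. Once it is dropped, a hostname that
    merely begins with the real one (login.microsoftonline.com.evil.example)
    or that hides the real name in the userinfo part (...com@evil.example)
    still passes, while a differently-cased copy of the real host fails.
    """
    return url.startswith("https://" + LEGIT_HOST)


def is_microsoft_login(url: str) -> bool:
    """Parse the URL, require HTTPS, and compare the hostname exactly."""
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. unbalanced IPv6 brackets in the authority
        return False
    if parts.scheme != "https":  # urlsplit already lower-cases the scheme
        return False
    host = parts.hostname  # lower-cased; 'user@' and ':port' already stripped
    if not host:
        return False
    # Exact comparison also rejects look-alikes that fool the eye, such as a
    # digit zero for the letter o or a hostname that only starts the same way.
    return host == LEGIT_HOST


def check_email_link(display_text: str, href: str) -> str:
    """Verdict for a link in an email: the visible text is not the destination.

    Returns 'ok' when the real destination is the Microsoft host, 'mismatch'
    when the text advertises that host but the href goes elsewhere, and
    'not-microsoft' otherwise.
    """
    if is_microsoft_login(href):
        return "ok"
    if LEGIT_HOST in display_text.lower():
        return "mismatch"
    return "not-microsoft"


# Constructed samples (illustrative, not observed URLs): one genuine-looking
# sign-in link and several phishing-style variants.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=abc",
    "https://LOGIN.MicrosoftOnline.com/",                 # case differs, same host
    "https://login.microsoftonline.com.evil.example/",    # real name as a subdomain
    "https://login.microsoftonline.com@evil.example/",    # real name in userinfo
    "https://login.microsoftonline.com-secure.example/",  # dash continuation
    "http://login.microsoftonline.com/",                  # right host, no TLS
    "https://login.micros0ftonline.com/",                 # digit zero for 'o'
]


def compare_checks(urls=SAMPLE_LINKS):
    """Return {url: (naive_prefix_result, parsed_hostname_result)}."""
    return {u: (naive_prefix_check(u), is_microsoft_login(u)) for u in urls}


if __name__ == "__main__":
    for url, (naive, strict) in compare_checks().items():
        print(f"{'OK ' if strict else 'BAD'}  naive={str(naive):5}  {url}")
```

Run it as a script to see the two checks side by side. Whatever form the check takes, it has to be applied to the link's real destination (hover over it, or read the address bar once the page loads), never to the text shown in the email; `check_email_link` exists to flag exactly that mismatch.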
Amidst the doom and gloom, there is good news. For example:
- Businesses with a fully managed service solution (such as Nex-Tech Technology as a Service (TaaS) or a Cybersecurity product) had half the risk of a successful attack compared with businesses without one.
- While toolsets and technologies have evolved along with the bad actors, there is a lot you can do beyond your firewall and backups to protect your organization. For specifics, take a look at this checklist to get a baseline, then come chat with us to get started.
- Remember that humans are the biggest risk. Work with your employees. Provide consistent training, profile scoring, and dark web monitoring. Those are some of the best investments you can make to protect your organization. Nex-Tech’s Cybersecurity Profile service takes care of that (and a few other things) for as little as $20 per user per month. Use the Nex-Tech Cybersecurity Protect Calculator to get costs.
Final words to the wise. Stay vigilant.
#Partner with Nex-Tech because We Do I.T.
For more on why clicks count, how they add up, and understanding what is at stake for small business owners, read our blog: Do Cybercriminals Really Care About Me? Bad actors care no matter how small!
It is important to note that Nex-Tech will NEVER recommend or aid in paying the ransom. Neither should any other provider you work with.