How Much Worse Has Ransomware Gotten? Let?s look at this somewhat casually.  Ransomware was never something to be trifled with. However, compared to the attacks we?re seeing today, the attacks of the past seem to be small potatoes at their worst. Having your business? data encrypted is bad. However, crippled supply chains and interrupted national infrastructures (as we?ve seen in the recent attacks on JBS SA and Colonial Pipeline) are undoubtedly worse. The dangers that such ransomware attacks pose cannot be understated, and no business is truly safe. The White House recently said as much in their warning to companies in regards to their cybersecurity preparations. This is Why the US Justice Department is Speaking Out Understandably concerned about the ramifications such threats could easily pose to national security, the Department of Justice has joined with the White House to draw a line in the sand. As their way of responding to what they accurately described as a ?growing threat,? investigations into ransomware cases will now be handled similarly to how terrorism cases are? all stops taken out in terms of what tools are used. Other Governing Bodies are Following Suit Likewise, in response to the JBS hack and the potential economic ramifications it will likely cause, the US Congress is now considering the lack of federal oversight into the cybersecurity protections implemented by meat processors. Such oversight could help to create a more unified strategy to help prevent and mitigate these kinds of attacks and their widespread impacts. Ransomware Threats are Also Getting Worse In addition to many ransomware attacks being waged on bigger, higher-value targets, the strategies involved across the board are evolving. Just consider the ideal progression of a ransomware attack from the attacker?s perspective. Use ransomware to encrypt a targeted system Threaten to delete all contents of a targeted system if a ransom isn?t paid Profit Understanding this, the consensus amongst security-minded businesses was that keeping an isolated backup was the perfect failsafe against such an attack. After all, with the backup to fall back on, the encrypted data could be deleted and replaced with relatively minor cost to the business. This is one of the many, many reasons we always recommend a business to keep a backup squirreled away.  Unfortunately, as will always be the case with cybercriminals, these practices encouraged them to adapt their processes. Lately, more and more attacks are following a slightly different method than what we?ve been seeing: Steal data from a system, using ransomware to encrypt it after the data has been harvested Threaten to delete all contents of a targeted system if a ransom isn?t paid Profit Threaten to leak or sell the stolen data unless a second ransom is paid Profit again This double-whammy approach to ransomware first came onto the scene in late 2019, and has exploded since. One recent survey found that 77 percent of ransomware attacks now come with threats to leak data if a ransom isn?t paid. This same survey also revealed that such attacks are increasingly directed against SMBs, who have considerably fewer resources than enterprise-level targets. So, if keeping a backup no longer helps to squash the entire threat, what can a company do? How a Business Can Resist Ransomware First, it will help to understand how the majority of modern ransomware […]

No Strategy Going In Here, we start with the move that many are guilty of: adopting a cloud-based model for the sake of adopting a cloud-based model. While there?s a lot of benefits that the cloud can offer to businesses, these benefits will only come if the cloud is utilized properly. This means it is crucial that the business seeking to migrate to the cloud should start by establishing a reason to migrate at all. Identifying how your processes could be improved through a shift to the cloud should be the first step of that shift. Up In the Air Costs While the cloud can offer businesses some considerable cost savings through various means?streamlining processes, cutting administrative costs, adopting various productivity benefits?accomplishing these ends can feel expensive in and of itself. There are numerous benefits to be had from the adoption of the cloud, assuming that it?s done with the right preparation and consideration. Otherwise, runaway costs derived from the service itself (compounded with the cost of migration, monetary risks, and training users to the new service) could easily derail your business? cost-saving intentions. Security and Compliance Issues Naturally, many companies balk at the idea of handing their data (in many ways, the keys to the metaphorical castle) over to an external provider. While cloud platforms are generally trustworthy, the risk that these companies face of backlash should the data they entrust to the provider be breached leads to no small amount of hesitance.  Human Error Finally, we come to one of the most prevalent and prolific challenges to any technological improvements to a business? processes: the employees who must make use of them. Without the knowledge of the tools that the cloud offers, or any familiarity with using them, your team may be hesitant or even resistant to using your cloud solutions. Worse, they could potentially make use of them incorrectly and thereby open your business to risk. Working With Us Allows You to Bypass These Challenges White Mountain IT Services is here to help. Considering our role, it should be no surprise that we are well-acquainted with today?s advanced solutions and the hoops that sometimes must be jumped through in order to use them? including cloud services. Instead of dealing with your provider, you could simply pass your needs along to us and we?ll see that they are fulfilled, supporting your team every step of the way. To learn more about the cloud and what it is capable of doing for your business, please reach out to us by calling (603) 889-0800.

11 Ways to Make Sure Your Team is On Their Guard Gamification In order to fully absorb the lessons that your security training is meant to impart, your team members need to be engaged in the training. One famously effective way to encourage this is to make it fun (at least to some degree). Running simulated attacks, with incentives given out to motivate your employees to do their best in identifying and reporting them, with help to reinforce the positive behaviors you want your team to exhibit if and when they have to contend with the real McCoy. This also allows your employees to gain practical experience with a live threat, so to speak. Incorporate Security Awareness into Onboarding Strategies There?s a lot that has been said about the impact that a first impression can have, so it only makes sense to have one of the first impressions you place onto your newly-hired employees be the importance of cybersecurity. Instilling good security habits early on will only help your organization resist more threats in the future. Make It Understood that Mistakes are Expected Accidents happen, and the best-laid plans of mice and men often go awry. Regardless of how well your team is prepared, there is almost certainly going to be a slip-up somewhere down the line. Part of your security training has to be the acknowledgment that there will be mistakes made by your employees, and the publicized acceptance of that outcome. If your team members expect to be punished for their mistakes, they will only work harder to hide them. You need to know about these issues so that they can be resolved, and your team members educated so that these mistakes are not repeated. Shape Training to Your Team?s Situation, Work Roles, and Age Groups Chances are, your team members are not a monolith? in addition to the many different roles that they likely fill, they come from a variety of backgrounds, age groups, and other differentiators. As a result, a single method of teaching isn?t likely to work equally effectively amongst them all. While it is important that everyone is trained, it is equally important to remember that not everyone will respond to a given form of training in the same way. You need to diversify your training strategy to involve a variety of methods to account for the various learning styles your team members are likely to exhibit. Keep it Short, Sweet, and Frequent Long, cookie-cutter training sessions are a great way to disengage your team from the lessons that your training is meant to impart. Substituting marathon-style training for shorter, more frequent ?sprint? sessions will help keep your team interested, and will allow for more consistent training to take place. Use Different Mediums Much in the same way that your training needs to account for various learning styles, your training should come in different formats. Basically, you don?t want your training to exclusively be presented as group lectures delivered to the team (or whatever your chosen default is). By switching up the format, you help to make your training more impactful, which will help it stick better with your teammates. Encourage Them to Share Lessons with Their Families One of the best ways to ensure that your employees fully understand the cybersecurity principles that […]

What Happened to JBS S.A.? Over the last weekend of May 2021, JBS? global IT systems were targeted by a ransomware attack that completely shut down the meat processor?s operations in North America and Australia. Seeing as effectively each step of the company?s operations (from livestock procurement all the way to export and shipment) rely on some kind of technology, everything was put on pause. Fortunately, JBS had implemented backups, and have therefore been able to restore their systems and are returning to operation. Furthermore, there has been no apparent evidence discovered suggesting that any customer, employee, or supplier data was compromised in the attack. However, this does not mean that there is nothing more to examine surrounding these events. Let?s go into the major takeaways that need to be addressed. First of All, Who?s Responsible, and Who is Involved in Fighting Back? There has been no indication that any activist groups were involved in the attack. Rather, sophisticated cybercriminals?the sort that have been previously associated with Russian cyberattacks?have been assigned blame for this attack. Along with the Federal Bureau of Investigation?s interest in the cyberattack, the United States government has been in communication with Russia concerning these efforts. The Australian Cyber Security Centre has also been providing their assistance, although they would not disclose what the nature of this assistance was, while the company was also working with both the Australian government and the Australian Federal Police to more assuredly identify the responsible party. The Impacts of Ransomware and Other Threats While ransomware is still relatively new in terms of mainstream threats, it has grown from a concerning eccentricity to a global concern in the few years it has been popularized. More than a threat that simply locks down a computer or network, ransomware now involves an element of exfiltration?not only is the target?s data deleted unless a ransom is paid, it is also stolen and sold unless a second ransom demand is also paid up. This form of attack is closely associated with exactly the groups that are suspected of conducting the attack on JBS. Fortunately, JBS was smart and had protected themselves ahead of time by implementing a backup solution. This is precisely why we always encourage businesses to do just that: the backup serves as your business? insurance policy should your operations ever be targeted by such an attack. Unfortunately, this isn?t unlikely as many such attacks are spread through automated phishing campaigns and other hands-off means of dispersing malware. At White Mountain IT Services, we?re committed to helping businesses resist cybersecurity issues of all shapes and sizes, along with helping you manage your IT in the operational sense. Start a conversation with us by calling (603) 889-0800 today.

First, we would be amiss if we didn?t start with what makes them different. HIPAA and HITRUST, contrary to what you may assume, aren?t both regulatory frameworks. HIPAA very much is, but HITRUST is actually an organization that itself developed its own framework (the Common Security Framework, or CSF) that assists businesses in complying with HIPAA, as well as PCI DSS, NIST guidelines, and other regulations. What is the Health Insurance Portability and Accountability Act? Signed into law in August of 1996, HIPAA establishes the many requirements that healthcare organizations and their partners must adhere to, with these requirements expanded upon further by the addition of the HIPAA Omnibus Rule that better integrated the demands of the HITECH (Health Information Technology for Economic and Clinical Health) Act. What Does the Health Information Trust Alliance Do? HITRUST, as a coalition, works to integrate the tenets of HIPAA into its own CSF. By establishing certain requirements of businesses that align with what HIPAA mandates, the HITRUST CSF makes the portability and accountability act far more actionable. How Do These Two Acronyms Coexist? Building on HIPAA, the HITRUST CSF creates a standardized framework and certification process for the healthcare industry to abide by, while also integrating the demands of HIPAA with those passed down by other compliances and frameworks, as we mentioned above. In many ways, HITRUST is therefore the larger challenge to comply with. Speaking plainly. HIPAA lays out the rules that healthcare providers, organizations, and affiliated businesses must abide by. HITECH gives them the strategies and solutions needed to do so. As a result, both are critically important considerations for any healthcare-affiliated business that wishes to avoid considerable challenges. Do You Need Assistance in Keeping Your Business Compliant? There is no shortage of security protocols and protections that assorted businesses in different industries must be cognizant of in order to continue their operations without being subjected to assorted fines. White Mountain IT Services is here to help you and your practice see to it that you are, with all the technical parts handled for you. Find out exactly what our team can put in place for you and assist you in managing by calling (603) 889-0800 today.