Are You Having A Technology Emergency?

AccessMSP Blog

Access IT Solutions has been serving the Florida area since 2008, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

ALERT: Cybercriminals are Targeting Central Florida Small Businesses

ALERT: Cybercriminals are Targeting Central Florida Small Businesses

Cybersecurity threats have been increasing over the last several years, and headlines have been cropping up all over about major businesses, organizations, and even public entities getting hit by cyberattacks. It’s easy to see this as a “bigger business” problem, but data has shown that smaller businesses throughout central Florida are now being targeted specifically.

Small Businesses Throughout South and Central Florida are Being Targeted by Cybercriminals

While smaller businesses have never been immune to IT security threats like viruses, malware, ransomware, and other types of attacks, it has been easy to associate large-scale and high-impact attacks like data breaches and distributed denial of service (DDoS) attacks with bigger enterprises. 

Over the years, larger hospital systems and enterprise-level businesses have been the focus of attacks like these, with big names like Yahoo, Facebook, JPMorgan Chase, Marriott, and Equifax getting press. You don’t hear about smaller businesses getting targeted or going out of business due to catastrophic data breaches because they tend to have a smaller footprint and get less attention. 

The problem is that this has been happening more and more frequently, to the point where it’s becoming very evident that smaller businesses are being specifically targeted.

Why Would Hackers Target Smaller Central Florida Businesses?

You might assume that smaller businesses around Vero Beach, Indian River County, West Palm Beach, and all the way up to Melbourne aren’t really in the spotlight when it comes to cybercriminals, especially when Orlando and Miami have so many larger businesses. 

The thing is, smaller businesses tend to be more lax in their IT security. They aren’t protecting themselves from modern attacks like ransomware, and they aren’t up to speed on modern network policies or other protections that could prevent or mitigate certain types of threats. Larger businesses can afford in-house cybersecurity staff that is dedicated to protecting the business. Smaller businesses are just easier targets, even if the payoff tends to be smaller.

Speaking of payoffs though, it isn’t as small as you might think. The average ransomware attack payment in 2020 was $170.000. In 2021, that reached $812,000. This means cybercriminals are exploiting a lot more money off of smaller businesses, and actually getting it. These attacks can be so effective that the victim essentially has two choices; pay the ransom or shut down the business.

This becomes even more severe if your business deals with sensitive information. Medical and Dental practices Hospitals and other healthcare organizations that store patient information are under even more scrutiny, and an attack that breaches that data can do irreparable harm and lead to fines and lawsuits.

How are Central Florida Small Businesses Being Targeted By Cybercriminals?

There are many different attack vectors that a cybercriminal can use to harm a business, but we’ve been seeing some specific examples that have been very effective for hackers. This goes double when the attacks are specifically targeting the victims, as opposed to setting broad targets and playing the numbers game.

Phishing Attacks

Right now, phishing attacks are the leading cause of data breaches and the leading cause of malware distribution. It’s estimated that one in every 99 emails is a phishing attack. According to a 2021 study by Cisco, 86% of organizations had at least one user try to connect to a phishing site that was trying to steal their information.

Phishing is such an old tactic, but it has been proven effective for cybercriminals, especially over the last few years. We’re mostly past the days where people are getting tricked into sending money to someone posing as a Nigerian prince who wants to randomly hand out hundreds of thousands of dollars, but modern phishing attacks are smarter and harder to distinguish from actual legitimate emails. 

Users need to be extremely skeptical when an unsolicited email comes in, especially if it is asking them to log in, reset a password, or submit sensitive information with relative urgency. Users need to take a second and look for telltale signs that they are being scammed before acting.

Modern phishing attacks can be targeted specifically for the recipient. It doesn’t take a whole lot of effort for a cybercriminal to figure out what types of services and accounts your users might need to use at work, so by exploiting those, they are much more likely to get your users to fall into a trap.

Whaling Attacks

Whaling works similar to phishing, except it is designed to specifically target the senior executives of the business. Whaling attacks are emails that look like they come from legitimate people within the company—usually a CEO or board member. These emails will then ask the recipient to share sensitive information or forward over cash in the form of gift cards. 

Look at your own workplace. If “the CEO” were to send an email to the accounting department and ask for three $500 gift cards, what are the chances that the accounting department would do so, no questions asked? Another example would be a manager or executive asking for a password for a particular account. Cybercriminals have even been known to use the target’s official email signature to look as convincing as possible.

Everyone within an organization needs to be taught to inherently not trust emails that are overly urgent and involve the sharing of sensitive information or money. Pick up the phone and get clarification from the sender to make sure it’s legitimate, unless it was an email that you expected already.

Ransomware

Half of all organizations have encountered some type of ransomware, according to the same 2021 Cisco study mentioned before.

Ransomware is a popular type of malware that infects computers very quickly. Some versions of ransomware only affect a single machine, but most have the capability to spread across a network and infect every device available. Once ransomware is triggered, it takes over every single file on the computer and locks it down by encrypting it. It basically makes it impossible for you to access the data. The only way to restore access is by paying the ransom, which could be anywhere from a few hundred dollars to tens of thousands of dollars or more.

If you don’t pay the ransom within a set amount of time (and the ransomware will be sure to wave this in your face) your data will be deleted or stolen and leaked. At this point though, you can already assume that your data is stolen, and the best-case scenario is that if you pay the ransom you’ll regain access again.

But you should NOT pay the ransom. You shouldn’t incentivize this type of activity. There are going to be cases where you are forced to; many organizations have had to pay the cybercriminals because they had no other choice. That’s why this tactic works so well.

The only real solution is to prevent ransomware attacks, and that’s done by having proper security solutions in place that will quickly mitigate attacks and block known threats. Having an extremely solid, well-maintained, monitored backup solution will also be critical because if you do get infected, you’ll want to rely on your backup.

Many types of ransomware are designed to infect backup systems too, so you’ll definitely want something more serious than backup drives and general on-site backup systems.

Cybercriminals know that smaller businesses throughout Central Florida have fewer systems in place to prevent and mitigate ransomware attacks, which is why businesses throughout the east coast of Florida are being targeted specifically.

Don’t Let Your Business Be a Victim

We work with businesses across all of Florida to help them get more out of their technology, and that includes securing their technology to prevent threats and meet strict compliance standards. Don’t let your business suffer from a major attack before you take cybersecurity seriously—it will be much more cost-effective to be prepared. Give us a call today at (888) 548-9511.

After Hurricane Ian, We Need to Talk About Backup ...
Choosing the Right IT Provider for Healthcare Orga...
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, 05 December 2022

Captcha Image

Areas We Serve

Serving the following Florida counties:

Brevard County Hendry County
Indian River County   Highlands County
Broward County Seminole County
Orange County Volusia County
Osceola County Hardee County
St. Lucie County Desoto County
Martin County Charlotte County
Palm Beach County   Collier County
Lake County Marion County
Polk County Lee County
Glades County Sumter County

Contact Us

Learn more about what AccessMSP can do for your business.

Call Us Today
Call us today
(305) 671-3937
 
 
 
 

13301 SW 132nd Avenue
Suite 109
          
Miami, Florida 33186 

 ________________________________

601 21st Street 
Suite 300
      
Vero Beach, Florida 32960 

Latest Blog

If your organization requires reliable computers, then you need access to a professional who can provide consistent, technical support. There is a big difference between a local computer repair person and a professional who understands the ...

Copyright AccessMSP. All Rights Reserved.

TOP