Girl Scouts and OpenText empower future leaders of tomorrow with cyber resilience

The transition to a digital-first world enables us to connect, work and live in a realm where information is available at our fingertips. The children of today will be working in an environment of tomorrow that is shaped by hyperconnectivity. Operating in this...

World Backup Day reminds us all just how precious our data is

Think of all the important files sitting on your computer right now. If your computer crashed tomorrow, would you be able to retrieve your important files? Would your business suffer as a result? As more and more of our daily activities incorporate digital and online...

3 Reasons We Forget Small & Midsized Businesses are Major Targets for Ransomware

The ransomware attacks that make headlines and steer conversations among cybersecurity professionals usually involve major ransoms, huge corporations and notorious hacking groups. Kia Motors, Accenture, Acer, JBS…these companies were some of the largest to be...

How Ransomware Sneaks In

Ransomware has officially made the mainstream. Dramatic headlines announce the latest attacks and news outlets highlight the staggeringly high ransoms businesses pay to retrieve their stolen data. And it’s no wonder why – ransomware attacks are on the rise and the...

An MSP and SMB guide to disaster preparation, recovery and remediation

Introduction It’s important for a business to be prepared with an exercised business continuity and disaster recovery (BC/DR) plan plan before its hit with ransomware so that it can resume operations as quickly as possible. Key steps and solutions should be followed...

Podcast: Cyber resilience in a remote work world

The global pandemic that began to send us packing from our offices in March of last year upended our established way of working overnight. We’re still feeling the effects. Many office workers have yet to return to the office in the volumes they worked in pre-pandemic....

5 Tips to get Better Efficacy out of Your IT Security Stack

If you’re an admin, service provider, security executive, or are otherwise affiliated with the world of IT solutions, then you know that one of the biggest challenges to overcome is efficacy. Especially in terms of cybersecurity, efficacy is something of an amorphous...

How Cryptocurrency and Cybercrime Trends Influence One Another

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. In particular, trends in Bitcoin values tend to be the bellwether you can use to predict how other currencies’ values will shift, and there are usually...

Improved functionality and new features to help enhance the user experience

Webroot Console 6.5 is here

To help get us closer to retiring the Endpoint Protection Console, we’ve introduced three new functionality features with Webroot Console 6.5.

Friendly name support

To improve overall user functionality within the existing Endpoint Console, we have introduced a naming convention feature that allows users to assign a device a ‘Friendly Name’ that will replace the original Hostname associated with a device. All devices renamed within the Endpoint Console will see this naming convention reflected in the Management Console, allowing users to manage devices without having to navigate down to the Endpoint Console.

Persistent states

To further improve the user experience, the sites and entities pages has been improved with the introduction of persistent states. This introduction allows filters and searches to persist across a user’s session. Admins can seamlessly navigate away from a page and return to the view they were previously working with. This type of functionality will be introduced across other areas of the console in future releases.

Site only Admin view

This release brings forth a new look and feel for Site Only Admins to help align with the rest of the Webroot Management Console. This view represents the beginning for Site Only Admins. Admins will still have access to the Endpoint Protection Console during the uplift process in upcoming releases.

The release of Webroot’s latest console provides users with a simplified and centralized management system, intuitive user experience and enhanced visibility.

Visit our portal to get the latest Webroot updates in real-time.

Browse the status of product updates and enable delivery notifications.

World Password Day and the importance of password integrity

Passwords have become a common way to access and manage our digital lives. Think of all the accounts you have with different providers. Having a password allows you to securely access your information, pay bills or connect with friends and family on various platforms. However, having a password alone is not enough. Your password for each of your accounts needs to be difficult to guess and unpredictable. Your passwords also need to be managed and protected. With World Password Day around the corner, it’s important to take a moment and reflect on the importance of strengthening our digital hygiene beginning with our passwords.

When it comes generating a password, most of us rely on things that we can remember. A birth date, a pet’s name or our favorite sports team. While these options make it easier for us to recall our passwords, it also makes it far simpler for a cybercriminal to uncover them too. With all of the information we are freely sharing online through our social media platforms, a cybercriminal can easily spend a very small amount of time researching our habits, connections and other elements of our lives to guess potential passwords and gain access to our information. That’s why maintaining password integrity helps protect our online lives and reduces the risk of becoming a victim of identity theft or data loss.

What is password integrity?

Think of the foundation of a building. To prevent the building from collapsing in the future causing serious harm, it needs to be built with certain principles in mind. Password integrity involves the same concept. Passwords are the foundation of our digital lives. If they aren’t secure or properly managed, we run the risk of falling victim to cybercriminals who are eager to access our personal data.

Predicable passwords are problematic for several reasons. If your passwords follow the standard guidelines offered by most sites that require a single capital letter, at least 6 charters, numbers and one special character, hackers can easily make a series of attempts to try and gain access.

Without proper password integrity, personal information and business data may be at risk. The impacts for businesses and consumers are enormous. The average cost of a data breach in 2021 rose to over 4 million dollars, increasing 10% from 2020. For some small to medium-sized (SMBs) businesses, this means incurring a financial hit that could mean closing up shop. For consumers, dealing with identity theft can involve a world of headache. From freezing credit cards and assets to contacting all of the companies you regularly interact with, recovering from identity theft can be difficult and time consuming. 

How to develop password integrity

The best way to prevent unauthorized access to your accounts is to protect and manage them. While avoiding duplication of passwords for multiple accounts and enabling two-way authentication can help, using a password manager is another way to help manage all of your account passwords seamlessly.

Included in Webroot’s SecureAnywhere Internet Security Plus antivirus solution is access to LastPass®, a reliable and secure password management tool. LastPass is the most trusted name in secure password management. It encrypts all username, password and credit card information to help keep you safe online. LastPass gives you access to a password vault to store and access all of your passwords from any device.

Securing your digital life means protecting and managing your information. Having a reliable password management tool can help you effortlessly manage all of your passwords. As World Password Day approaches, take a step back and assess your digital hygiene beginning with your passwords. As cybercriminals develop more sophisticated ways to steal our information or identity, maintaining our own password integrity becomes key.

Discover Webroot’s antivirus solutions and learn more about LastPass.

Soaring ransomware payments, consistent infections, deceptive URLs and more in this year’s 2022 BrightCloud® Threat Report

Cyber threats are becoming increasingly difficult to detect. Cybercriminals are also becoming experts in deception. What does this mean for your business? How can you keep your family members safe online and reassure your customers you are protecting their data?

Our threat research analysts have complied the latest threat intelligence data to bring you the most cutting-edge and insightful information about the most recent cyber threats and what they mean for you.

Below is a summary and sneak peek from the full report.

Malware

Whether you operate a business or spend time online surfing the web, malware remains a concern. In the last year, 86% of malware remained unique to a PC, which has been consistent for the past few years. This implies attackers are obtaining a level of consistency in what they do to avoid being caught.

While the goal of spreading infection is top of mind for a bad actor, infection rates are not equal. When we examined the trends between businesses and consumers, there are some marked differences:

  • 53% of consumer PCs were infected more than once, but businesses lag behind migrating from Windows 7, leaving them more suspectable to infection.
  • For medium-sized organizations (21 to 100 licensed PCs) infection rates are just over one-third (34%), infecting nine PCs on average.
  • The manufacturing, public administration and information sectors experienced higher-than-average infection rates.

If your business falls within these industries or if you’re concerned your personal PC could be prone to infection, read the complete section on malware in the 2022 BrightCloud® Threat Report. It’s chock full of insights into the differences in infection rates by type of PC, region and industry.

Skyrocketing ransomware payments will cost more than just your revenue

If you’re a small business owner, you don’t need to be told that you’ve suffered immensely throughout the pandemic. Exposure to ransomware is just another element you’ve had to consider. Ransomware continues to plague small to medium-sized businesses (SMBs). While this is not a new revelation, the smallest organizations, those with 100 employees or less, accounted for 44% of ransomware victims last year.

That’s nearly half.

Why do cybercriminals focus on SMBs? Attacks on larger enterprises and state-owned entities bring a level of publicity and attention that makes it harder for bad actors to achieve their goal of a financial payout. SMBs, given the lack of resources to respond, are more likely to pay and pay a lot. The year-end average for 2021 more than doubled the 2020 average, reaching $322,168. With limited resources at their disposal, the smallest of organizations are faced with tough decisions ahead when it comes to making ransomware payments and disclosing their decision to do so.

Law enforcement agencies are starting to gain headway on ransomware gangs. To learn how countries are banding together to shutdown notorious groups like REvil and DarkSide, check out the ransomware section of the full report.

High-risk URLs are phishing for your data in the most benign of locations

We discovered four million new high-risk URLs were in existence in 2021. To make matters worse, almost 66% of them involved phishing. Cybercriminals look to certain times of the year to execute their attacks. They are also keen to impersonate well-known brands to lure you into clicking on malicious links. Our complete list of top brands that are most impersonated is available in the phishing section of our full report.

­­­Thwarting cyber threats through cyber resilience

“Businesses’ ability to prepare for and recover from threats will increase as they integrate cyber resilience into their technologies, processes, and people,” said Mark J. Barrenechea, OpenText CEO & CTO. “With security risks escalating worldwide and a persistent state of ‘unprecedented’ threats, compromises are inevitable. This year’s findings reiterate the need for organizations to deploy strong multi-layered security defenses to help them remain at the heart of cyber resilience and circumvent even the most creative cybercriminals.”

Our full report helps you uncover the latest cyber trends powered by our BrightCloud® Threat Intelligence platform.

To learn more and empower your cyber know-how, download the 2022 BrightCloud® Threat Report.

World Backup Day reminds us all just how precious our data is

Think of all the important files sitting on your computer right now. If your computer crashed tomorrow, would you be able to retrieve your important files? Would your business suffer as a result? As more and more of our daily activities incorporate digital and online files, it’s important for businesses and consumers to back up their data.

What is backup?

Simply put, backup is a copy of your files. Think of your family photos, home videos, tax information and other important documents. Typically we compile these files on our computer. Without backing these files up, they can get lost or stolen.  

Why backup?

Backup enables you to keep your data accessible and secure. There are so many ways your personal files or business documents could experience data loss. It could simply be a result of human error. Data loss can also occur as a result of falling victim to ransomware, malware or phishing. According to the 2022 BrightCloud® Threat Report, medium-sized organizations (21 to 100 licensed PCs) experienced malware infection rates that affected nine PCs on average last year. To make matters worse, BrightCloud® Threat Intelligence also revealed four million new high-risk URLs were in existence in 2021 and almost 66% of them involved phishing. Whether you have important files stored on your personal or business computers, your data remains at risk.

“The possibility of data loss and theft should be top of mind for individuals and businesses. Our increased reliance on digital files, the rise in cyber attacks, human error and natural disasters are just a few examples of how your data remains highly vulnerable,” says Tyler Moffitt, senior security analyst at Carbonite + Webroot, OpenText Security Solutions.

Take control of your data through backup

Beginning the backup process can be daunting. Whether you’re looking to back up your family’s documents or your mission-critical business files, it’s important to consider:

  • Where will you back up your data? There are a number of backup options. From external hard drive to the cloud, there are many ways to prevent loss. It’s important to find a solution that fits your needs.
  • What is your retention policy? A retention policy allows you to keep certain backups for a longer period of time. For instance, a business may decide it’s necessary to keep daily backups for a total of 30 days, but a family may choose to hold onto all their family photos for months  before archiving.

Say goodbye to data loss with Carbonite

Even though there are many ways to back up your data, not all options are created equal. For instance, storing your personal files on an external drive can backfire if the drive becomes corrupt or lost. As more of our data exists online, it’s important to consider cloud-based options.

Many vendors in the market offer cloud backup solutions for your home or business. But it’s important to find a reliable and trusted provider. Carbonite is an award-winning, industry leader with reliable backup solutions. Over one million people trust Carbonite to protect their digital lives. Carbonite offers automatic, dependable and convenient backup for all of your devices and hard drive files.

Make data backup a priority

World Backup Day is an important reminder to preserve our data. As the threat landscape continues to evolve, backing up your files becomes part of a larger cyber resilience strategy. Cyber resilience is a defense in depth strategy that helps ensure continuous access to your personal and business data no matter what happens. 

Carbonite offers solutions for consumers and businesses. Discover which of our plans is right for you.

Own a small business and need data backup? Discover Carbonite Safe® for professionals.

Kick start your backup journey today. To understand your backup needs, begin with our quick assessment. We’ll help you pinpoint the level of backup you need. We’ll also give you an opportunity to experience it without commitment.

Start a free trial today and discover for yourself how simple it is to back up your data with Carbonite.

Protect From Cyberattacks With These 6 Steps For Cyber Resilience

Making the case

The pros behind Carbonite + Webroot joined forces with industry leading researchers at IDC to develop an easy-to-understand framework for fighting back against cybercrime. The results? A 6-step plan for adopting a cyber resilience strategy meant to keep businesses safe.

IDC looked into the data and past the alarming headlines with million-dollar ransom payments and crippling supply chain attacks.

The facts they found are eye-opening and underline why cyber resilience is the best strategy:

  • less than 2% of full-time staff at SMBs are dedicated to tech
  • 30% of companies that paid a ransom forked over between $100,000 and $1 million
  • 56% of ransomware victims suffered at least a few days or a week of downtime

Of course, the best strategies can’t help anyone who doesn’t adopt them. So IDC also compiled tips for communicating with businesses. Whether you’re an MSP, an IT pro or just a friend, you can use these tips to help convince the underprepared that they need a cyber resilience strategy.

The 4 reasons why cyber resilience makes sense

IDC researchers make an iron-clad case for cyber resilience by looking at the current state of cybercrime. The found 4 main reasons why businesses need a cyber resilience framework:

  1. Crippling cyberattacks are on the rise. Evolving methods and sophisticated tactics make cybercrime a booming business for criminals.
  2. A distributed IT footprint brings greater risk. The onset of hybrid work opens new pathways ready to be exploited. And let’s face it, the average home WiFi doesn’t have the right kind of security.
  3. IT departments are stretched thin. Less than 2% of SMBs’ total employee base is dedicated to full-time IT staff.*
  4. Consequences of an attack remain dire. Attacks continue to reverberate past the day of a breach, with 55% of ransomware victims suffering a few days to a week of costly downtime.**

The right tools can fight back

But it’s not all bad news. Adopting the right strategy and the right tools sets you on the road to protecting your business. The headlines are scary and the stats are alarming, but they’re not prophecy. Businesses don’t have to live in fear of falling victim to cyberattacks.

From framework to action

IDC goes in depth for the steps businesses can take to adopt cyber resilience. Here’s a quick preview of the framework:

  1. Identify. You can’t protect what you haven’t first identified.
  2. Protect. Employees and their devices are cybercriminals’ first targets. Protect them and start a systematic file and backup system.
  3. Detect. Threat intelligence and experience-based detection can thwart even the most sophisticated attackers.
  4. Respond. It’s imperative to stop attackers’ advances before real harm occurs.
  5. Recover. Clean up infected devices, close backdoors and have a plan to recover damaged or out-of-commission assets.
  6. Educate. Empower your employees to form a citizen army of cybersecurity checkpoints.

Combining powers to form the best defense

IDC also suggests the best ways that businesses can take action to protect themselves. By combining the powers of outside help with in-house know how, businesses benefit from the best of two worlds.

Ready to start protecting yourself and your business? Explore how Carbonite + Webroot provide a full range of cyber resilience solutions.

Download the IDC report.

* IDC’s Worldwide Small and Medium Business Survey, 2020

** IDC, Future Enterprise Resiliency & Spending Survey Wave 6, July 2021, IDC’s 2021 Ransomware Study: Where You Are Matters!

Strengthening cyber resilience in the UK through managed service providers

The UK government has released a National Cyber Strategy to help guide the country’s strategic approach to combating the proliferation of cyber threats. As part of this strategy, the UK government is looking to expand its regulations under the Network and Information Systems (NIS) to include managed service providers (MSPs). The government’s efforts follow a string of supply chain attacks targeting SolarWinds, Microsoft Exchange Servers and the Colonial Pipeline. The UK government has highlighted a number of barriers to proper management of supply chain risks, including low risk recognition, limited visibility and insufficient expertise and tools to evaluate suppliers.

This strategic move by the UK government involves widening the scope of the NIS regulations to include MSPs. Original NIS regulations came into effect in 2018 to optimize cybersecurity offerings provided by companies within the essential services industries – water, energy, transport, healthcare and digital infrastructure. Expansion of the NIS regulations to include MSPs informs part of the UK government’s broader strategy to improve the country’s overall cyber resilience.

MSPs provide critical digital outsourcing services for IT departments and manage key business processes for many organizations. As such, MSPs play a vital role in promoting a digital-first economy. The UK government wants to ensure MSPs are fully prepared to manage ongoing cyber threats and protect the data integrity of their customers.

As the UK government moves forward with its plans, part of its proposal involves defining what an MSP does, from a commercial perspective. Under the proposed regulations, MSPs could be required to enact reasonable and proportionate security measures to protect their network and proactively manage the risks associated with services provided to customers. As of late, the NIS regulations that are being proposed could carry reporting requirements and heavy fines for those MSPs that don’t comply.

Embrace regulatory shifts with ease

We know adapting to these new and evolving requirements can be overwhelming.

Carbonite + Webroot are here to help. We offer a suite of business solutions to help keep your customers secure with reliable always-on protection, backup and recovery solutions designed to fit your needs.

Find the best solution for your business.

Social engineering: Cybercrime meets human hacking

According to the latest ISACA State of Security 2021 report, social engineering is the leading cause of compromises experienced by organizations. Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method.

Social engineering is a term used to describe the actions a cybercriminal takes to exploit human behavior in order to gain access to confidential information or infiltrate access to unauthorized systems and data.

What does social engineering look like?

Social engineering can take many forms. Some malicious actors might trick you into giving your password or financial information away. They may also try and convince you to provide remote access to your computer or mobile devices. Cybercriminals are looking for ways to gain your trust and take advantage of your curiosity by sending messaging that contains malicious links or downloads.

“One method of attack bad actors use quite frequently involves spoofing legitimate vendor support centers. Cybercriminals will pretend to represent these organizations by posting sponsored ads online or through promoted search results. They will offer assistance and sell expired or stolen products of the vendor they have impersonated. These cybercriminals prey on unsuspecting individuals who offer up their personal and financial information because they believe they are in contact with the real vendor,” says Tyler Moffitt, senior security analyst at Carbonite + Webroot, OpenText companies.

Some common social engineering tactics include:

  • Impersonating someone. An urgent request from a ‘friend’ or person you may know is a common tactic used by bad actors to compromise your information by attempting to gain your trust.
  • A legitimate-seeming request from a trusted source. A phisher may send an email, message or text that appears to be from a legitimate organization you interact with. According to the latest IDG report, phishing attacks are on the rise.
  • Oversharing personal information online. Some cybercriminals will gather intel through social networking sites like Twitter or Instagram and use that information to spoof various services or places you visit.

“Oversharing personal information online is especially dangerous for public figures or prominent employees. Cybercriminals conduct research online through a user’s social media channels to determine where a person visits and what activities a person participates in. Cybercriminals will then spoof their target with seemingly legitimate messages from that vendor with attractive offers. All they need is a click,” says Moffitt.

Avoid becoming a victim

To outwit social engineering attacks:

  • Slow down and remain in control. If you receive a message that conveys a sense of urgency to act, carefully consider whether you should respond.
  • Beware of what you download. Use a reputable web browser and remain conscious of what links you are accessing before clicking on them. Avoid downloading free applications that may possess remote access trojans that can compromise your device.
  • Delete any requests to provide financial information or passwords and report them as spam. Avoid responding to requests for help or offers to assist from individuals you don’t know.
  • Invest in security awareness training. Prevent your devices from becoming compromised by common attack vectors by investing in security awareness training. Testing yourself regularly with phishing campaigns can help you learn what to avoid.

As cybercriminals continue to exploit human behavior and take great strides to make their attack vectors appear harmless, it’s important to remain vigilant of how cyber threats continue to evolve.

Webroot offers a number of solutions to help you tackle these ongoing cyber threats. Experience powerful and reliable protection from Webroot that won’t slow you down. Whether it’s updating your antivirus software or learning to spot phishing traps with security awareness training, Webroot has you covered.

Find the best solution for your home or your business.

Considering cloning? Combat data bloat with file transfers instead.

If you own a computer that seems to have slowed to a crawl, you may be thinking about replacing it. But what about all the files on your old dinosaur? You may be thinking about transferring them to an external hard drive, a time-consuming and tedious process, or you may have heard of the far simpler process known as “cloning.”

Cloning is the act of creating a direct, one-to-one copy of a hard drive. Like the term suggests, cloning a computer will leave you with an identical copy of all the particular apps, files and settings on the device, which a user can then install onto a new one or keep as a backup in case something disastrous happens to the original.

Cloning is a pretty simple procedure and there are a lot of free tools to help you do it. But one problem it won’t help you solve is data bloat. Bloat is unwanted data that slows down a computer. This unwanted data can come in all types of different forms. It could be music, photos, games and apps, spreadsheets or text documents. One specific type of bloat, known as “software bloat,” occurs from successive updates to a computer program as they’re layered over one another time after time.

Generally, bloat is the result of the steady accumulation of more and more data as it’s added to your computer. Bloat eats away at the available memory on your hard drive and can lead to performance issues, most notably, slowing it down. If you’re experiencing frequent crashes, it may also be a problem with a corrupted file trying to execute.

You can’t clone the bloat away

Here’s where the problem with cloning comes in. Since a slow computer is a common reason for getting a new one, and cloning simply replicates all the data already stored on a device, it may not be the best strategy for getting existing files from an older computer onto a new one. Given that you’ve also probably updated your hardware, it won’t slam the breaks on your processing speeds immediately, but it’s an added burden right out of the gate.   

An alternative strategy is to back up your old device to the cloud and migrating files to the new one as needed. When done this way, all the old and unnecessary files you don’t think to update yourself aren’t taking up space on your shiny new laptop. When automatic cloud backup is installed, all the latest files from the initial computer exist online, ready to be pulled down to your device whenever a local copy is needed.

Transferring data piecemeal can also help identify anything problematic that’s causing a device to crash. Once isolated, it can be easier to uninstall or delete.

By storing the majority of your files in the cloud, you ensure free space remains on your hard drive log into the future. It’s less taxing on your device, and you’ll notice better performance as a result. There are also organizational benefits to having old files stored in one convenient location. If you’re combing for tax documents from previous years, for instance, you know where to grab them from your old drive. Without having to having to watch an old laptop inch along.

So, when it comes time to replace an old computer, think twice about cloning. Choosing cloud backup from Carbonite could help extend the life and improve the performance of that new device.

3 Reasons We Forget Small & Midsized Businesses are Major Targets for Ransomware

The ransomware attacks that make headlines and steer conversations among cybersecurity professionals usually involve major ransoms, huge corporations and notorious hacking groups.

Kia Motors, Accenture, Acer, JBS…these companies were some of the largest to be compromised by ransomware in 2021. These were mainly hit with well-known variants, sometimes unleashed by state-backed hacking groups. But it’s key to understand that no “Top 10” list of ransomware incidents paints an accurate – or at least comprehensive – picture of the impact ransomware played over the last year.

That’s because, small businesses and not-for-profit organizations are often hit the hardest by ransomware. Here are a couple factors to consider that might help reframe how we think about ransomware, who’s targeted and why small businesses can’t escape the gaze of ransomware groups.

  1. Attach Surface vs. Cybersecurity Resources

In our 2021 Webroot BrightCloud® Threat Report, we found overall infection rates to be rising fastest in the healthcare, non-profit and arts/entertainment/recreation industries. Schools, local governments and hospitals are some of the most commonly targeted types of institutions, accounting for some 2,400 breaches in 2020, according to the Ransomware Task Force’s (RTF) 2021 report.

We don’t typically think of these organizations as having excess budget earmarked for ransomware actors, so why are they so often targets? What makes them attractive to cybercriminals? It turns out, it’s exactly this lack of resources.

Often operating with limited IT budgets, hospitals, schools and local governments also typically run some of the most complex and difficult to secure networks. Spread out over multiple locations and responsible for hundreds or even thousands of devices – factors referred to as the “attack surface” in information security – make these institutions attractive targets. To make matters worse, a shortage of cybersecurity professionals and budget constraints mean they handle these challenges short-staffed.

As a result, public school systems, police departments and towns were among major compromises in recent years.

  • “Average” Ransomware Costs Can Be Misleading

Many security companies justifiably try to quantify the costs of ransomware year over year. While almost all agree both the number of attacks and the demanded ransoms are rising, these stats can obscure the real story.

Leaving aside the fact that they’re almost certainly underreported – businesses tend not to disclose ransomware incidents to avoid negative publicity and fines from regulatory agencies – a few high-profile incidents can drive up averages and distort the perceived cost to small businesses.

“I could never afford a $50 million ransom like the one hackers demanded of Acer,” the thinking goes, “so I must not be worth their time.” While understanding, this conclusion misrepresents the problem.

In fact, the median ransom demand in 2021, according to advanced findings from our upcoming threat report, was $70,000. Still potentially bankruptcy-inducing, this figure is within reach for a far greater number of businesses. Hence, a larger number of businesses are considered acceptable targets by criminals actors.

  • Ransomware as a Service Changed the Game

Maybe it was the case once, but malicious actors no longer have to be savvy behind a keyboard. Ransomware as a service (RaaS) is an increasingly popular business model among malicious actors where interested parties can buy ransomware “products” – malicious code meant to encrypt a target’s files – from a developer online.

According to the RTF, “In 2020, two-thirds of the ransomware attacks…were perpetrated by cyber criminals using a RaaS model.”

While supply chain attacks and major breaches of global corporations still require a good deal of technical sophistication, cracking the dentist’s office down the street no longer does. All that’s needed is a working knowledge of the dark web, a connection to a developer with loose morals and some startup capital to purchase the code.

This means casting a wider net with smaller ransomware demands threatens to ensnare more small and midsized businesses than before this business model emerged.

Securing small businesses in the crosshairs

Business owners and the MSPs that secure them can see how a set of factors are converging to increase the cybersecurity risks to businesses of all sizes. Luckily, there are a few steps, relatively easy to implement, that can help these organizations reduce their risk of falling victim to ransomware – or to limit the scope of any successful attacks.

These include:

  • Locking down Remote Desktop Protocols (RDP) – As the trends from 2021 emerge, it’s become clear that open RDP ports are the most common method of compromise among small businesses. They’re simply too easy for cybercriminals to discover and exploit, so lock them down.
  • Educate end users – The next common method of compromise is phishing attacks, independent of company size. But our research suggests that regular phishing simulations can dramatically reduce click-through rates among frontline users.
  • Install reputable cybersecurity software– What used to be the main method of defense against malware is now only a single method of defense, but it’s still a critical one.
  • Set up a strong backup and disaster recovery plan– Misconfigurations and user-enabled breaches are almost impossible to stop entirely. Having backups of critical files can reduce the pressure to pay a ransom and undermine the leverage cybercriminals have against a business.

Interested in learning more about ransomware and its effects on businesses? Download our eBook on the Hidden Cost of Ransomware.

Threat hunting: Your best defense against unknown threats

Threat actors are becoming more sophisticated, agile and relentless in their pursuit of stealing personal information for financial gain. Rapid and evolving shifts in the threat landscape require the knowledge and solutions to prepare and prevent threats that could spell disaster for organizations’ reputations and operations.

Organizations of all sizes remain at risk. Small to medium-sized businesses (SMBs) and managed service providers (MSPs) are especially vulnerable to the stealth efforts of bad actors. With fewer financial resources, a ransomware payment demand could mean the difference between staying in business and closing up shop.

Government entities are also prone to attack. In December 2021, Belgium’s Ministry of Defence experienced a cyberattack exploiting the Log4j vulnerability that paralyzed the ministry’s computer network. Within the same month, Australia’s utility company, CS Energy, experienced a ransomware attack involving the well-known ransomware Conti.

Evolving cyber threats can be unpredictable, but that doesn’t mean businesses have to tackle them alone. A robust security stack can help businesses stay protected and prepared. Establishing this level of resilience involves partnering with a provider that has human-powered threat hunting resources.

What is threat hunting?

Threat hunting involves actively searching for adversaries before an attack is carried out. Threat hunting involves the use of tools, intelligence and analytics combined with human intervention. Threat hunting centers around the proactive containment and identification of potentially damaging files before malicious vectors can cause severe damage to an organization’s operations.

What does a threat research analyst do?

“At Webroot, we focus our efforts on analyzing customer data. Our threat research analysts examine this data to determine if malicious files are present. Our analysts are constantly looking for files that possess certain characteristics that make up various types of malware. If we identify and determine that critical elements of a suspicious file are present, we classify and block them. Making determinations can be approached in different ways. One avenue of determination is carried out by creating isolated conditions to run the suspicious file to see what results it presents,” says Marcus Moreno, manager, threat research at Carbonite + Webroot, OpenText companies.

“Since our database is comprised of mass quantities of SMB and MSP data, we can continue to make determinations from a large and evolving data set. This is why SMBs and MSPs can derive value from partnering with Webroot,” adds Moreno.

Take your security stack to the next level

Cyberattacks will continue to be a concern for businesses, governments and individuals. Combatting cyber threats means adopting a cyber resilience approach. Cyber resilience is the ability to remain operational in the face of threats – whether human or maliciously-based. One important element of a solid cyber resilience strategy is to remain in a pre-emptive and proactive stance. Avoid costly ransomware payment demands, bolster customer confidence and minimize downtime for business operations by investing in a solutions provider backed by threat hunting capabilities.

Discover how Webroot’s solutions can protect your business.

Report: Phishing Attacks Sustain Historic Highs

Phishing attacks sustain historic highs

In their latest report, IDG and the pros behind Carbonite + Webroot spoke with 300 global IT professionals to learn the current state of phishing. We learned that 93% of IT executives are still concerned about phishing – and it’s no wonder, as companies averaged 28 attacks each over the previous 12 months.

Luckily, the report details how to fight back. With the right preparation and the right protection, companies can prevent all but 0.3% of attacks.

Phishing capitalizes on COVID

Phishing attacks have been part of the cybercriminal arsenal for years. But it’s only recently that phishing has flourished into the scourge it is today. That’s because cybercriminals have found success by targeting COVID-19 fears with their schemes.

In fact, phishing attacks spiked by 510% from just January – February 2020, according to the 2021 Threat Report. These increases leveled off by the summer, but phishing attacks still increased 34% from September – October 2020. Overall, 76% of executives report that phishing is still up compared to before the pandemic.

COVID-based tactics might purport to have new info on a shutdown, to share COVID stats or even suggest info from your doctor. But in each case, cybercriminals are looking to steal your information.

Who’s getting attacked?

IT departments are feeling the brunt of these attacks, with 57% of them targeted by phishing. Carbonite + Webroot Sr. Security Analyst Tyler Moffitt says, “Even if malware targets someone with lower-level access, the attack will move laterally to eventually find an IT administrator.”

He goes on to say that attackers can then linger for a week or more to find valuable data or steal a balance sheet that gives an indication of how much ransom to charge.

Because they often have important credentials, top executives and finance groups are also common targets. Public-facing customer service employees also offer easy access.

Consequences of phishing

75% of global IT executives say they’ve suffered negative consequences from phishing attacks. That includes:

  • 37% suffered downtime lasting more than a day
  • 37% suffered exposure of data
  • 32% lost productivity
  • 19% had to pay legal or regulatory fines

A layered approach to security

But it’s not all bad news. Yes, phishing is using new tactics to target businesses. But there are ways to fight back.

The report cites training as one of the most effective tools. But the frequency of training varies greatly, and 25% of those who use it don’t include phishing simulations. By using security awareness training that offers regular simulations, you can reduce phishing by up to 70%.

But even with great training, the report notes that people will still click some of the time. That’s why a multi-layered approach gives peace of mind that not all is lost if one person messes up.

No layer is 100% effective, but taken together many layers get very close. A defense in depth security posture utilizing DNS and endpoint detection as well as a sound backup strategy can give you confidence that you’re prepared to withstand even a successful phishing attack.

Ready to start protecting yourself and your business? Explore how Carbonite + Webroot provide a full range of cyber resilience solutions.

Download the IDG report.

The Benefits of Using a VPN on Your Home Network

If you’ve considered using a virtual private network (VPN) at all, it’s likely to establish a secure connection while working remotely or to connect to public networks. But privacy enthusiasts appreciate the benefits of a VPN even from the comfort of their own homes. Depending on your level of comfort with your internet service provider (ISP) – and what country you live in – setting one up for your household may be a smart bet.

Before diving into why, here is a brief refresher on what a VPN is and why they’re useful.

The VPN basics

Think of a VPN as a tunnel your internet traffic travels through to keep nosy onlookers from being able to see what you’re doing online. More literally, VPNs are tools used to encrypt network traffic and to hide a user’s IP address by masking it with a proxy one – in this case one belonging to the VPN provider.

A VPN may route your encrypted traffic through a datacenter located anywhere in the world (though it’s best when it’s nearby so the user’s experience doesn’t suffer).

Why would one want to use a VPN?

Typically, they’re used by individuals logging onto public networks as an assurance their activities won’t be monitored. In addition to maintaining privacy, this also prevents cybercriminals from stealing sensitive data from banking transfers, paying bills or conducting other sensitive transactions from places like airports or coffee shops.

Corporations may also mandate the use of VPNs for remote workers so that sensitive company data is more difficult to compromise. To protect against data breaches or other leaks, network administrators typically encourage encrypting traffic using a tool like a VPN.

Check out this post for more on why you should use a VPN on public networks.

Do you need to use a VPN at home?

 It depends on a number of factors.

It depends on where you live and how private you want to keep your web browsing habits. Physical location is a factor because, in the United States, it’s been legal since 2017 for ISPs to sell certain data they’re able to gather unless the customer explicitly opts out. Most major ISPs claim to not sell user data, especially anything that can be used to identify the user, but it’s technically not illegal.

In countries where this practice is prevented by law, users may have fewer privacy concerns regarding their ISP. In the European Union, for example, strict privacy standards laid out in the General Data Protection Regulation (GDPR) prevent even the gathering of user data by ISPs. This makes the case for a VPN at home harder to make, since most websites already encrypt data in transit and home networks are unlikely to be targeted by things like man-in-the-middle attacks.

For U.S. users, though, using a VPN at home makes good privacy sense. Despite some attempts to learn what major ISPs do with our data, they’re not always forthright with their policies. There are also no guarantees an ISP won’t suddenly change those policies regarding the sale of user data.

If you don’t want to leave the issue up to your ISP, shielding personal data with a VPN is a good choice.

Choose your VPN wisely

If you’re not careful, your VPN can end up doing the same thing you got it to avoid.

“If you’re not paying for it, you are the product,” or so the saying goes. This is especially true for many free VPN services. Free solutions often track and sell your browsing data to advertisers to generate revenue. Be sure to choose a “no-log” solution that doesn’t track your online activity for sale to third-parties.

It’s also important you choose a VPN from a vendor that:

  • Is established enough to have access to servers worldwide
  • Has a professional support team on-staff and available to assist with any issues  
  • Is easy to configure and simple to use, so you actually will!

After checking these boxes, it’s a smart choice to use a VPN at home under some circumstances.

For a proven, reliable solution, consider making Webroot® WiFi Security your VPN of choice on the go and at home.