SMBs

Evasive Scripts: What They Are, and What We’re Doing About Them

“What’s an evasive attack? At a very basic level, it’s exactly what it sounds like; it’s a cyberattack that’s designed to hide from you,” says Grayson Milbourne, Security Intelligence Director at Webroot, an OpenText company. Based on Grayson’s initial explanation,...

DoH Is Here to Stay: Why Businesses Should Embrace It

While the proliferation of encrypted DNS is being driven by consumer privacy, businesses will want to take notice. Encrypted DNS – also known as DNS over HTTPS, or DoH – obscures internet traffic from bad actors. But it also has the potential to decrease visibility...

Old Habits vs. New Normal in the Time of Coronavirus

It didn’t take long for COVID-19 to completely alter the way we work. Businesses that succeed in this rapidly changing environment will be the ones that adapt with the same velocity. In our second installment from The Future of Work series, you’ll hear from Webroot...

Hack, Crash, Storm, Spill: Pick Your Poison

Reading Time: ~ 5 min.

Don’t expect cybercriminals to go easy during a hurricane. Quite the opposite, in fact. Just like they’ve used the coronavirus pandemic to launch COVID-related malware scams, hackers will capitalize on the names and news coverage of hurricanes to disguise attacks. That’s why now is a good time to review your cyber security posture and your overall cyber resilience strategy. We talked with Carbonite VP of Product Management Jamie Zajac about how to anticipate the types of adverse events that catch a lot of people and businesses off guard. With the right protection in place, you can maintain access to data during a hurricane – and all year round. You can start by knowing what to expect.

Get woke to data loss

When most people think of data loss, they think major disasters, like headline-generating storms and floods. Of course, it’s important to anticipate highly impactful outages. But these are far more rare than other causes of data loss. “It’s everyday scenarios that are really common. Like leaving a laptop on an airplane, dropping a phone in the river, or accidentally deleting a folder and having the recycle bin policies expire,” Zajac says.

Another cause of data loss is hardware failure. “Hardware has become more reliable,” Zajac says, “but you never know when a hard drive will fail, a computer will be dropped or a motherboard will crash.”

Since hardware has a finite lifespan, failure is inevitable. When you’re considering how to protect devices that store important data, Zajac recommends looking for a few key features:

  • Continuous backup (so you’re capturing changes as you make them)
  • Online file recovery (so you don’t have to wait to buy a new computer)
  • Cloud failover for critical servers or disaster recovery as a service (DRaaS)

An ounce of prevention

Whether it’s a lack of awareness, the complexity of systems or the perceived difficulty of deploying protection, too many people and businesses fail to protect themselves ahead of time. “We often don’t think to make cyber security and data protection a priority until it’s too late,” Zajac says. “For consumers and business alike, we see a ton of inquiries about how to get data off a hard drive that wasn’t backed up. That is way more time-consuming, expensive, error-prone and ineffective than having a full cyber resilience and protection plan in place.”

“It’s never worth the risk of being hacked,” Zajac says. “I’ve seen businesses struggle and even close when they lose data, or their brands suffer because hackers have stolen their data. As compliance requirements and privacy requirements evolve, more and more small businesses face these risks.”

Hurricane checklist

Hurricane season is prime time for system outages. But it’s also a useful reminder to prepare for the unexpected. Here are three key steps you can take to form a strategy for dealing with annually occurring threats, according to Zajac.

  1. Anticipate your office being unavailable – Like the physical disruptions we’ve experienced with the COVID-19 pandemic, anticipate IT infrastructure becoming unavailable. Can you run systems in the cloud? Can you access a cloud backup quickly? DRaaS is a great solution for businesses susceptible to hurricanes.
  2. Back up everything, not just some things – Many people realize too late that they only chose to back up critical systems, and that one of those “second-tier” systems is also necessary to run the business. It’s better to have everything backed up than to be missing something. You can often save costs by tiering your backups or having different recovery objectives for different systems. But don’t skip backing up some systems.
  3. Test your backups – Know whether you can recover systems within the time required.

When it comes to hurricanes and weather-related risks, specific security-related concerns should also be considered. “It’s important to train people on the protocols for when they need to work remotely,” Zajac says. “Generally speaking, you should be training users on security best practices, whether they are remote or in the office. But people are more distracted and thus susceptible to phishing and social engineering when they are remote.”

If people need to work from cloud workstations, personal devices or laptops, make sure they have a security suite, such as cloud-based anti-virus and anti-phishing protection. Make sure you have security software that doesn’t require people to be in the office. For example, if you are relying on your firewall to block malicious websites, it won’t help employees who are off the network. Use DNS protection with roaming device security for these scenarios.

An all-of-the-above approach

Murphy’s Law dictates that you’ll probably experience the data breach you’re not prepared for. Any form of data loss can have bad effects. So, if you’re too narrowly focused on just one threat, consider all the potential adverse events you could experience.

“Hackers are a constant threat and can have really big impacts in terms of data loss, productivity loss, compliance requirements, regulatory fines, brand damage and more,” Zajac says. “A coffee spill is a constant threat,” she warns, “but the damage is typically isolated. You still don’t want to rely on someone re-creating all of your work if a coffee spill or other localized damage even occurs, especially if it is the CEO’s laptop.” Zajac continues, “A hurricane is a rare and often well-predicted event, but the impact can be catastrophic. You can’t wait for a hurricane to build a plan.”

The good news is that a competent IT consultant can help you build a strategy, and a good vendor can protect you against many of these adverse events in one fell swoop.

Setting expectations

There’s no backup without recovery. But how do you know if your recovery process is sufficient? It should align with the objectives you establish before disaster strikes.

“On an endpoint, you can typically get very fast file backup and recovery so that you only lose minutes of data and all files are available online in a web interface for fast access,” Zajac says. “For servers, you need to tier systems into mission-critical applications and use a very low RPO solution, such as DRaaS. Non-mission critical infrastructure can withstand a few hours or days to get running again.” Zajac suggests doing an impact analysis. If a given system is offline, how much will it cost your business?

Cloud considerations

It’s not just devices that are worth protecting. Today, both personal and business users leverage the public cloud, like Microsoft 365 and Azure, for much of their storage and computing needs. A lot of people make the mistake of thinking cloud data is protected by the vendor. But this is not the case.

“Microsoft cannot tell the difference between accidental data loss and legitimate file deletions because the content is no longer relevant. It’s up to users and company admins to make this determination,” Zajac says. “Microsoft 365 credential attacks are on the rise. It’s only a matter of time before someone creates or spreads ransomware to Microsoft 365 native data. That won’t be a good day for anyone who doesn’t have a backup in place.”

Next steps

Never let a good catastrophe, or the threat of one, go to waste. Use this hurricane season to make sure you have a robust cyber security and resilience plan. And not just for hurricanes, but for all the ways you can lose access to data.

The Changing Face of Phishing: How One of the Most Common Attacks is Evolving

Reading Time: ~ 3 min.

Most people are familiar with phishing attacks. After all, they’re one of the most common forms of data breach around.

At their most basic, phishing attacks are attempts to steal confidential information by pretending to be an authorized person or organization. Standard phishing is not targeted. It relies on achieving a few successes out of hundreds or thousands of attempts. But because it’s so cheap to pull off, both in terms of effort invested and cost to conduct, even one person taking the bait make a campaign worth a malicious actor’s time.

But phishing has evolved. “Standard” phishing as we commonly think of it is now only a subsection of tactics carried out to achieve the same end: to swipe confidential information from an unsuspecting target in order to extract something of value.

To better be on guard across the diverse group of tactics that fall under the umbrella of phishing, users should be familiar with the ways these attacks are conducted.

We’ll cover a few here, but to learn more, download the 11 Types of Phishing Attack eBook.

Spear Phishing

If standard phishing is akin to trawling the High Seas to catch users indiscriminately, spear phishers are out for the trophy catch. Where most phishing attacks cast a wide net, hoping to entice as many users as possible to take the bait, spear phishing involves heavy research of pre-defined, high-dollar target—like a CEO, founder, or public persona—often relying on publicly available information for a more convincing ruse. When the target is sizeable enough, the CEO of a large, publicly traded company say, spear phishing is sometimes called ‘whaling.’

Smishing

SMS-enabled phishing uses text messaging to delivering malicious links, often in the form of short codes to obscure the ultimate destination of a link, to ensnare smartphone users in their scams. The term is a portmanteau of SMS and phishing, and it’s an attractive method for cybercriminals because oh the high engagement rates for texts. According to some sources, SMS open rates are around 98% compared to 20% for email. Messages are often are often disguised as sweepstakes winnings, flash sales, coupon codes, and requests for charitable or political contributions.

Business Email Compromise (BEC)

One of the most expensive threats facing businesses today, business email compromise involves a phony email, usually claiming to be someone from within or associated with a target’s company, requesting a payment or purchase be made (often of gift cards). A “confidence game” according to the FBI, BEC attempts are often accompanied by a sense of high urgency to discourage critical thinking. Of the $3.5 billion the FBI estimates businesses lost to cybercrime in 2019, nearly half ($1.7 billion) was blamed on business email compromise.

Search Engine Phishing

In this type of attack, cyber criminals wait for you to come to them. Search engine phishing injects fraudulent sites, often in the form of paid ads, into results for popular search terms. These ads often promise amazing deals, career advancement opportunities, or low interest rates for loans. Remember, if it seems too good to be true, it probably is. Often, the only difference between the scam result and the one you’re looking for is a .com that should be a .org or a .org that should be a .gov. Be on the lookout for strange endings to URLs. It may be just a country-specific domain, but they can also be hiding something more sinister.

Protecting Yourself from Phishing Attacks

Protecting yourself from phishing attacks starts with knowing what’s out there. But while staying vigilant will keep most attackers at bay, no one can be 100% secure on their own. That’s why it’s important to use an antivirus that relies on up to date threat intelligence that can block these threats in real time as they are clicked. Also, it is imperative for businesses to train their users on the types of phishing attacks employees could fall for.

For more types of phishing attacks, real-world examples, and more tips for keeping yourself or your business safe from such attacks, download the 11 Types of Phishing Attack eBook.

There Are Savings to be Had in Cybersecurity. Just Not Where You Might Think.

Reading Time: ~ 4 min.

Prior to the outbreak of the novel coronavirus, Webroot’s annual Threat Report highlighted a 640% increase in active phishing sites on the web. However difficult it may be to believe (or easy, depending on your outlook), things have gotten even worse since.  

From fake anti-malware sites named for the virus (Really. See below.), to phony tracker apps that actually stalk users, to Netflix and Disney+ phishing scams that steal login data by taking advantage of a coronavirus-induced “streaming boom,” cybercriminals are getting crafty with COVID-19.

Threat analysts at Webroot have been tracking the rise in registered domain names with names including “covid,” corona,” and “coronavirus” since the outbreak began, noting that 2 percent of the more than 20 thousand newly registered domains containing those terms are malicious in nature. Files marked malicious that included the word “Zoom” grew more than 2,000 percent.

All these threats have arisen concurrently with an economic downturn that’s brought about fear, uncertainty, and the need to cut costs. Depending on the shape the recovery takes, we could be living with these unfortunate realities for some time. That means cybersecurity spending will inevitably be considered for the chopping block within many organizations. This is a bad idea for the reasons listed above and a great many more.

What’s needed, instead, is a greater investment in cybersecurity. As the World Economic Forum stated in an article entitled “Why cybersecurity matters more than ever during the coronavirus pandemic,” cybercrime flourishes during times of fear and uncertainty. We’re also spending more time online and relying on digital productivity tools as much as ever.

“Pressure will mount on business leaders to take action to cut costs and security spend may be highlighted for reduction,” say’s Webroot Sr. Director of Product Nick Emanuel. “However, the economics here are clear—cybercriminals are not cutting their budgets and are waiting to exploit weaknesses.”

And if organizations decide to preserve their remote workforces in order to promote employee safety and cut facility costs, as many tech companies are already doing, the cybersecurity landscape could be altered permanently.

“With the unprecedented shift from office to work from anywhere, it’s crucial that businesses review their remote working policies for data protection, as well as security, and be prepared for the variety of different work environments,” said Emanuel.

Cybersecurity in a Strange New World

So, what can you do to enhance cybersecurity for your business or clients? Rather than dropping products or sacrificing protection, develop a laser focus on these four principles:

  1. Automation—Companies must consider how AI and machine learning can assist with cybersecurity tasks. Adoption of these technologies is already high, but understanding remains low. When used effectively, they can reduce the need for high-paying, talent-scarce positions, freeing up the talent you do have to think strategically about larger business issues. Automated backup for businesses also reduces workload and guards against data loss, which can be costly in terms of loss productivity and potential fines.
  • Education—Phishing is still the largest single source of data breaches, according to the latest Verizon Data Breach Investigation Report. Again, this is a quick way for malicious actors to install ransomware or to gain access to sensitive information, leading to downtime and fines. Luckily, users can be taught with some reliability to spot phishing attacks. Webroot’s research has found that, with ongoing training with a phishing simulator, click rates for phishing attacks can be reduced by more than 85%.
  • Insurance—Data breaches are existential threats for many small and mid-sized businesses (SMBs). According to IBM, data breaches for organization between 500 and 1,000 cost an average of $2.65 million. Normally, organizations would hedge against such astronomical threats. Cybersecurity shouldn’t be any different. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) recommends cybersecurity insurance both as a means of promoting additional protection in exchange for more coverage and encouraging best practices for better premium rates.
  • Investment—Finally, businesses should invest wisely in their cyber resilience. This can be thought of as a holistic approach to cyber wellness that allows an organization to remain on its feet, even in the face of serious threats. Data security and data protection are essential components of cyber resilience. Data security entails endpoint security, sure, but also DNS filtering and security training for protection at the network and user levels. Data protection entails automated, encrypted backup and recovery for endpoints and servers to defend against ransomware, hardware failure, and device loss or theft. Together, these elements of cyber resilience reduce the likelihood of any one cyber setback being catastrophic for your business or clients.

MSPs and SMBs, rather than cutting costs by sacrificing their cybersecurity, should look to enhance it. While some of these steps may seem aimed at companies in a growth phase, they can actually improve the bottom line over the long run. After all, the costs of preparation pale in comparison to the cost of a breach.

Old Habits vs. New Normal in the Time of Coronavirus

Reading Time: ~ 3 min.

It didn’t take long for COVID-19 to completely alter the way we work. Businesses that succeed in this rapidly changing environment will be the ones that adapt with the same velocity. In our second installment from The Future of Work series, you’ll hear from Webroot Product Marketing Director George Anderson, who shares his perspective on how businesses will need to adapt and evolve to stay on course during and after the global coronavirus pandemic.

How has COVID-19 changed cybersecurity and cyber resilience planning? What will be the most important steps to take moving forward?

In some ways not at all. We were already existing in a fairly perimeter-less network world. There was already a hybrid between on- and off-network staff, and reviewing where data was being worked upon, accessed and secured, and asking how data was being processed and secured during its journey. Many businesses data was already split between user devices and the cloud.

Confidentiality, integrity and availability in the case of cyber-attacks or other forms of potential data loss need to be clearly understood as before, and any weaknesses addressed. The imperative is to have a safe data cloud in place both in terms of security and recovery.

The steps to take include:

  • Setting up regular and if practical continuous risk assessment to get visibility of data risks
  • Understanding where the greatest risks and weaknesses exist in people, process and technology
  • Investing and allocating appropriate budget to address where the greatest data loss and compromises could and would now occur

What could the future look like after the coronavirus? Specifically, what will change in IT and business?

Not everyone will want to choose to continue working from home. While the savings in closing offices down are attractive to businesses, they are not necessarily the same for an employee whose home environment is not conducive to work. These employees may seek alternative employment to remove the burden of working from home if an office option is not available. IT has already, for the most part, moved to the cloud where it can, and remained on-prem where it needs to be because of security, compliance and control. The main IT imperatives will be factors like secure 5G and faster communications for better collaboration.

In business, people buy from people. And face-to-face interaction is the norm. While this will reduce in the near-term, in the long run, peoples’ wellness depends on social interaction. Businesses that ignore that will not thrive. However, businesses are generally going to be more open to remote working roles and a lot better positioned to recruit staff for remote work, without them necessarily being close to physical offices.

IT investments will shift in the coming months, what will take precedence for companies as they go back to ‘business as usual’?

The pandemic will make companies look, in broader terms, at the all the risks to their business. And they’ll use IT where practical to put protections and assistance in place. More holistic Disaster Recovery springs to mind as benefiting from this pandemic, as does better backup of user desktops that particularly among MSPs and SMBS has not been a priority in the past.

What advice do you have for SMBs who will need time and a renewed economy to recover?

There will be many opportunities as the economy comes back and many holes where competitors and others have failed. An approach that is flexible and can react to those opportunities is essential. So, look to business arrangements in IT, Finance, HR and other key areas that will let you maximize your ability to take advantage of new opportunities. If you have not looked to an MSP to help you in the past then now is the time to look at how experts in remote management an remote working like an MSP can help?

For a step by step guide on how to improve business cyber resilience click here.

The Future of Work: Being Successful in the COVID Era and Beyond

Reading Time: ~ 3 min.

Working from home is no longer something some of us can get away with some of the time. It’s become essential for our health and safety. So, what does the future of work look like in a post-COVID world?

We asked some of our cybersecurity and tech experts for their insights, which we’ll be presenting in a series entitled The Future of Work. In this installment, we’ll cover the qualities that will separate companies able to make smooth transitions to new ways of working from those that can’t. Plus, we’ll examine the effects the pandemic and our response to it have on workplace culture.

What are hallmarks of organizations that will successfully navigate our new workplace realities?

The COVID-19 crisis has forced employers to more fully consider the broader humanity of their employees. With parents becoming teachers and caretakers for ill, often elderly loved ones, greater levels of empathy are required of management. Now, with a lagging world economy and even experts unsure of what shape the current recession will take, financial stress will likely be added to the long list of anxieties facing the modern workforce.

As remote work continues to be a norm in industries like tech, boundaries between home and work life will continue to be murky. This, says Webroot product marketing manager George Anderson, presents opportunities for effective leaders to stand out from their peers.

“Leadership matters now more than ever,” says Anderson, “and being truthful matters even more. Your staff is worried, and platitudes won’t help. They need real communication based on real facts explaining why a company is making certain decisions. Being empathetic, sharing in employee concerns, involving and demonstrating how you value your staff—whether at executive or managerial level—will impact loyalty, dedication, and future business performance.”

Forbes notes that a more empathetic work culture is a silver lining arising from the pandemic that won’t be easily undone. We now know not just our coworkers’ personalities, but also their home office setups, their pets, children, and even their bookshelves. That fuller understanding of the person behind the position will hopefully lead to an enduring human-centric shift in the workplace. 

Long-term, how will office culture change? What policies should change once everyone is physically back at work?

Relatedly, office cultures are likely to change in irreversible ways. Even as we return to physical offices, large events like company all-hands meetings may be attended virtually from personal workspaces, and large team lunches may become rarities. Companies may even choose to alternate days in and out of the office to keep the overall office population lower.

“People will become more comfortable with video calling, screen sharing, and online collaboration,” predicts Anderson, “even between colleagues present in the same office. Boundaries will become blurred and we will find new ways to stay in touch and maintain our human connections by leveraging advanced collaboration solutions in new but secure ways.”

Personal hygiene will also undoubtedly become a bigger aspect of physical office culture. In its guidelines for safely returning to work, the CDC recommends installing a workplace coordinator charged with implementing hygiene best practices office wide. Suggested measures include increasing the number of hand sanitizing stations available to workers, relaxing sick leave policies to discourage ill workers from coming to the office, modernizing ventilation systems, and even daily temperature checks upon entering the building.

“Some of these hygiene measures will be single events, not the future of office work,” notes Anderson. “Others will have more long-term impacts on the way we work together.”

Given the visible impact some measures will have around the office, it will be impossible for them to not affect culture. Because routines like temperature checks may be considered intrusive, it’s important the reasoning behind them be communicated clearly and often. Stressing a culture of cleanliness as a means of keeping all workers healthy and safe can enforce a common bond.

Cybersecurity remains imperative

Cyber resilience isn’t the only aspect of overall business resilience being tested by COVID-19, but it’s a significant one. The cyber threats facing today’s remote workforces differ in key ways from those faced in the past, so its important companies reevaluate their cyber defense strategies. To do our part to help, we’re extending free trials on select business products to 60 days for a limited time. Visit our free trials page or contact us for more information.

Why Your Cyber Resilience Plan Doesn’t Include Windows 7

Reading Time: ~ 2 min.

Our 2020 Threat Report shows increasing risks for businesses and consumers still running Windows 7, which ceased updates, support and patches earlier this year. This creates security gaps that hackers are all too eager to exploit. In fact, according to the report, malware targeting Windows 7 increased by 125%. And 10% of consumers and 25% of business PCs are still using it.

Webroot Security Analyst Tyler Moffitt points out that a violation due to a data breach could cost a business $50 per customer per record. “For one Excel spreadsheet with 100 lines of records, that would be $50,000.” Compare that with the cost of a new workstation that comes pre-installed with Windows 10 at around $500, and you quickly realize the cost savings that comes with offloading your historic OS. 

Windows 10 also has the added advantage of running automatic updates, which reduces the likelihood of neglecting software patches and security updates. Continuing to run Windows 7 effectively more than doubles the risk of getting malware because hackers scan for old environments to find vulnerable targets. Making matters worse, malware will often move laterally like a worm until it finds a Windows 7 machine to easily infect. And in a time when scams are on the rise, this simple OS switch will ensure you’re not the weakest link.

While businesses are most vulnerable to Windows 7 exploits, consumers can hardly breathe easy. Of all the infections tracked in the 2020 Threat Report, the majority (62%) were on consumer devices. This does, however, create an additional risk for businesses that allow workers to connect personal devices to the corporate network. While employees work from home in greater numbers due to COVID-19, this particular security risk will remain even higher than pre-pandemic levels.

Layers are key

As Moffitt points out, no solution is 100% safe, so layering solutions helps to ensure your cyber resilience is strong. But there is one precaution that is particularly helpful in closing security gaps. And that’s security awareness training. “Ninety-five percent of all infections are the result of user error,” Moffitt says. “That means users clicking on something they shouldn’t thus infecting their computer or worse, a entire network.” Consistent training – 11 or more courses or phishing simulations over a four- to six-month period – can significantly reduce the rate at which users click on phishing simulations.

Also, by running simulations, “you get to find out how good your employees are at spotting scams,” Moffitt says. “If you keep doing them, users will get better and they will increase their efficacy as time goes on.”

Fight cyber-risks with cyber resilience

The best way to close any gaps in protection you may have is to deploy a multi-layered cyber resilience strategy, also known as defense-in-depth. The first layer is perimeter security that leverages cloud-based threat intelligence to identify advanced, polymorphic attacks. But since cyber resilience is also about getting systems restored after an attack, it’s also important to have backups that enable you to roll back the clock on a malware infection.

With so many people working from home amid the global coronavirus pandemic, it’s increasingly critical to ensure cyber resilient home environments in addition to business systems. Find out what major threats should be on your radar by reading our complete 2020 Threat Report.

Pay Attention to the Hacker Behind the Hoodie

Reading Time: ~ 3 min.

There’s a pretty common misconception among small businesses and medium-sized businesses (SMBs) that hackers only target large organizations. Unfortunately, this belief couldn’t be further from the truth. In fact, according to the most recent Verizon Data Breach Investigations Report, more than 70% of cyberattacks target small businesses. Additionally, many attacks are now shifting to target managed service providers (MSPs), specifically because breaching an MSP can give hackers access to their entire SMB customer base.

Why are hackers targeting SMBs?

Simply put— it’s easy money. First, the smaller the business is, the less likely it is to have adequate cyber defenses. Moreover, even larger SMBs typically don’t have the budgets or resources for dedicated security teams or state-of-the-art intrusion prevention. On top of that, smaller businesses often lack measures like strong security policies and cybersecurity education programs for end users, so common vulnerabilities like poorly trained users, weak passwords, lax email security, and out-of-date applications make SMBs prime targets.

What’s more: some hackers specialize in breaching specific business types or industries, refining their expertise with each new attack.

Which business types are in the cross hairs?

Realistically speaking, the majority of businesses face similar amounts of risk. However, some industries do tend to be targeted more often, such as finance or healthcare. Here are some of the business types that are currently topping hacking hit lists.

Managed Service Providers

MSPs hold a lot of valuable data for multiple customers across industries, which makes them desirable targets. Hackers use a technique known as “island hopping”, in which they jump from one business to another via stolen login credentials. MSPs and their SMB customers are both potential targets of these attacks.

Healthcare Organizations

Hospitals, physical therapy offices, pediatricians, chiropractors, and other healthcare practices are easy targets for cybercrime because they can have such chaotic day-to-day operations, and because they often lack solid security practices. In addition, medical data and research can extremely valuable. Patient records alone can sell for up to $1,000 or more on the dark web.

Government Agencies

There are many reasons that cybercriminals, particularly nation-state terrorists, might target local and national governments. In particular, small governments and local agencies generate troves of sensitive information, while large governments can be victims of nationwide disruption, either for financial gain or sheer destruction.

Financial Institutions

You probably aren’t surprised by this list item. Banks, credit unions, and other financial institutions have long been targets for hackers due to a wealth of data and money. Only a few years ago in 2018, over 25% of all malware attacks targeted banks––that’s more than any other industry. More recently, automation has further enabled cybercriminals to run advanced attacks on financial institutions at scale.

Celebrities, Politicians, and High-Profile Brands

Hacktivists, who are usually politically, economically, or socially motivated, like to seek out politicians, celebrities, and other prominent organizations as targets. They may even attempt to embarrass public figures or businesses by stealing and disseminating sensitive, proprietary, or classified data to cause public disruption, or for private financial gain via blackmail.

What are your next steps?

The only real requirement for becoming a hacking target is having something that hackers want, which means all businesses are at risk. Luckily, a few relatively straightforward tips can go a long way in keeping your business secure.

Think Like a Hacker

Cybersecurity awareness training with phishing simulations is a vital component of an effective protection strategy. In fact, Webroot’s own research found that regular training over just 4-6 months reduced clicks on phishing links by 65%. Understanding hacker practices and motivations can help you predict potential threats and thwart attacks.

Lock Down Your Business First

The right security layers can protect you from threats on all sides. If you haven’t already, check out our free Lockdown Lessons, which include a variety of guides, podcasts, and webinars designed to help MSPs and businesses stay safe from cybercrime.

Embrace Comprehensive Cyber Resilience

Being resilient in the face of cybercrime doesn’t just mean having powerful, automated endpoint threat detection in place. It also means having security layers that can protect your business and clients front and back. That includes layers like security awareness training, as well as network protection and strong backup and disaster recovery services. The best defense is prevention, and by preventing attacks and planning your recovery proactively, you’ll be ready to bounce back right away at the first sign of trouble.

Hackers have diverse means and motives, so it’s up to you to know their methods and prepare your business and customers to block advanced threats.

To get started on the road to cyber resilience, you can learn more about Webroot® Business Endpoint Protection or take a free trial here.

AI and ML in Cybersecurity: Adoption is Rising, but Confusion Remains

Reading Time: ~ 3 min.

If you’ve been working in the technology space for any length of time, you’ve undoubtedly heard about the rising importance of artificial intelligence (AI) and machine learning (ML). But what can these tools really do for you? More specifically, what kinds of benefits do they offer for cybersecurity and business operations?

If you’re not so sure, you’re not alone. As it turns out, although 96% of global IT decision-makers have adopted AI/ML-based cybersecurity tools, nearly 7 in 10 admit they’re not sure what these technologies do.

We surveyed 800 global IT decision-makers across the U.S., U.K., Japan, and Australia/New Zealand about their thoughts on AI and ML in cybersecurity. The report highlighted a number of interesting (and contradictory) findings, all of which indicated a general confusion about these tools and whether or not they make a difference for the businesses who use them. Additionally, nearly 3 out of 4 respondents (74%) agreed that, as long as their protection keeps them safe from cybercriminals, they really don’t care if it uses AI/ML.

Here’s a recap of key findings based on responses from all 4 regions.

  • 91% say they understand and research their security tools, and specifically look for ones that use AI/ML.
  • Yet 68% say that, although their tools claim to use AI/ML, they aren’t sure what that means.
  • 84% think their business has all it needs to successfully stop AI/ML-based cyberattacks.
  • But 86% believe they could be doing more to prevent cyberattacks.
  • 72% say it is very important that cybersecurity advertising mention the use of AI/ML.
  • However, 70% of respondents believe cybersecurity vendors’ marketing is intentionally deceptive about their AI/ML-based services.

AI and ML matter because automation matters

As we’ve all had to adjust to “the new normal”, IT professionals have had to tackle a variety of challenges. Not only have they had to figure out how to support a massive shift to working from home, but they also have to deal with the onslaught of opportunistic online scams and other cyberattacks that have surged amidst the chaos around COVID-19.

With all of us working to adapt to these new working conditions, it’s become clear tools that enable automation and productivity are pretty important. That’s where I want to highlight AI and ML. In addition to how AI/ML-based cybersecurity can drastically accelerate threat detection—and even predict shifts and emerging threat sources—these technologies can also make your workforce more efficient, more effective, and more confident.

While many of our survey respondents weren’t sure if AI/ML benefits their cybersecurity strategy, a solid percentage saw notable improvements in workforce efficiency after implementing these tools. Let’s go over those numbers.

  • 42% reported an increase in worker productivity
  • 39% saw increases in automated tasks
  • 39% felt they had more time for training, learning new skills, and other tasks
  • 38% felt more effective in their jobs
  • 37% reported a decrease in human error

As you can see, the benefits of AI and ML aren’t just hype, and they extend well beyond the cybersecurity gains. Real numbers around productivity, automation, time savings, and efficacy are pretty compelling at the best of times, let alone when we’re dealing with sudden and drastic shifts to the ways we conduct business. That’s why I can’t stress the importance of these technologies enough—not only in your security strategy, but across your entire toolset.

Where to learn more

Ultimately, AI and ML-based tools can help businesses of all sizes become more resilient against cyberattacks—not to mention increase automation and operational efficiencies—but it’s important to understand them better to fully reap the benefits they offer.

While there’s clearly still a lot of confusion about what these tools do, I think we’re going to see a continuation of the upward trend in AI/ML adoption. That’s why it’s important that IT decision-makers have the resources to educate themselves about the best ways to implement these tools, and also look to vendors who have the historical knowledge and expertise in the space to guide them.

“Realistically, we can’t expect to stop sophisticated attacks if more than half of IT decision makers don’t understand AI/ML-based cybersecurity tools. We need to do better. That means more training and more emphasis not only on our tools and their capabilities, but also on our teams’ ability to use them to their best advantage.”

– Hal Lonas, SVP and CTO for SMB and Consumer at OpenText.

For further details about how businesses around the world are using AI and ML, their plans for cybersecurity spending, and use cases, download a copy of the full AI/ML report.

And if you still aren’t sure about AI/ML-based cybersecurity, I encourage you to read our white paper, Demystifying AI in Cybersecurity, to gain a better understanding of the technology, myth vs. reality, and how it benefits the cybersecurity industry.

Hackers: Fact vs. Fiction

Reading Time: ~ 3 min.

Have you ever watched a movie and seen a character doing something you know how to do, and thought to yourself, “jeez, that’s totally wrong. Couldn’t they have done a little research?”

That’s exactly what hackers think when they watch movies, too. For most of us, the image that comes to mind when we hear the word “hacker” is pretty stereotypical: probably a young guy wearing a hoodie and headphones, in a basement, surrounded by fancy displays full of unintelligible code that looks like it’s straight out of the 1999 movie the Matrix, with only nefarious intentions at heart. We have that image for a reason; that’s how many films have portrayed such characters.

But, just like those times when you see a movie or TV character totally screwing up the thing you know how to do, this stereotype just isn’t accurate. Not all hackers have the same motives. In fact, not all of them are even “bad guys.” Misunderstanding leads to fear, and acting out of fear is never a good thing. If you want to stay safe from cyber-related risks in the modern world, it’s important to understand the myth vs. the reality.

Common Myths

  1. Every hacker is a criminal with evil intentions, who wants to break systems, steal information, steal money, cause destruction, commit cyber-espionage, or engage in other illegal activity online
  2. All hackers are male
  3. Hackers work alone, exclusively
  4. Hackers have to work really fast, or else they’ll get caught by the authorities
  5. There isn’t much money to be made, so hackers have to send lots of attacks to make their efforts worthwhile
  6. Hackers only go after large corporations and government systems.

The Truth about Hackers

  1. The word “hacker” really just refers to an individual who uses computers, networking, or other technology and related skills to accomplish a particular goal. That goal may not have anything to do with criminal activity, even if it involves gaining access to computer systems. In fact, some hackers use their skills for good, helping businesses and individuals become better able to prevent attacks by malicious hackers
  2. Just like their varied motivations, hackers come in all shapes and sizes. While the average self-proclaimed “hacker” is likely to be male and under 35, they can be of any gender, age, ethnicity, etc.
  3. As with most pursuits in life, hacking tends to be most productive when conducted by a team. It’s actually pretty common for hackers to be involved in larger groups or organizations. Some of them even have salaries and set holidays, just like the rest of us in the non-hacking working world, and may have customers and sales arrangements that include things like reseller portals and component rental
  4. A rushed job is a bad job, plain and simple. Hackers have the time to take a slow and methodical approach to accomplish their aims. They know they’re more likely to be successful if they research targets, do recon, and take the time to work out the best angles of approach. In contrast, victims of attacks typically have a very short amount time in which to react or recover, especially in the case of ransomware.
  5. There’s a lot of money to be made in hacking. As of the most recent Cost of a Data Breach Report, the average cost of a data breach is $3.92 million, and nearly 3 in 4 (71%) of breaches are financially motivated. In fact, the average hacker can earn up to 40 times the median wage of a software engineer.
  6. Although large corporations can be desirable targets, they often have larger security budgets and teams of security professionals dedicated to protecting the business. You might think hackers have bigger fish to fry, but small and medium-sized businesses (SMBs) are prime targets. More than 70% of cyberattacks target small businesses. In particular, more attacks are focusing on MSPs specifically because of their SMB clients. Breaching a single MSP could open up data access to their entire client base.

So what do you do?

You’re already on your way. By better understanding the true methods and motivations behind the myths, you can begin to lock down your business and protect your customers against today’s biggest threats. If you haven’t already, check out our Lockdown Lessons, which include a variety of guides, podcasts, and webinars designed to help MSPs and businesses stay safe from cybercrime.

The next step is to ensure your security stack includes a robust endpoint protection solution that uses real-time threat intelligence and machine learning to prevent emerging attacks. Learn more about Webroot® Business Endpoint Protection or take a free trial here.

World Backup Day: A Seriously Good Idea

Reading Time: ~ 3 min.

“Cold Cuts Day,” “National Anthem Day,” “What if Cats and Dogs had Opposable Thumbs Day”…

If you’ve never heard of World Backup Day, you’d be forgiven for thinking it’s another of the gimmicky “holidays” that seem to be snatching up more and more space on the calendar.

(Did you know that single quirky duo, Ruth and Tom Roy, are responsible for copyrighting more than 80 of these holidays, including Bathtub Party Day, held annually on December 5?)

Not so, though, for World Backup Day. While, according to WorldBackUpDay.com, it was founded by a few “concerned users” on the social media site reddit, the day’s dedication is a decidedly serious one.

March 31 was established as “a day for people to learn about the increasing role of data in our lives and the importance of regular backups.”

Each April Fool’s-eve, the site invites humans all over the planet to not be fools and to back up their data. In celebration of World Backup Day, we sat down with Webroot Product Marketing Director George Anderson to see how users can ensure they stay cyber resilient by adhering to good data backup practices.

For World Backup Day, what’s the one piece of advice you’d give to a small or medium-sized business? An everyday computer user, like a parent?

Losing data used to be something that happened because a hard disk failed, a device was lost or stolen, or some other unforeseen accident made a device unusable. These remain risks. But these days, it’s just as likely your data is being held for a ransom or some nasty infection has destroyed it for good.

Up-to-date backups are essential. Remember: it’s not if something will happen to your data, but when. So, prepare for the unexpected. Easily restored data backups let you be more resilient against cyber-attacks and better able to recover customer data, financial information, business-critical files, and precious memories. Anything irreplaceable should be regularly backed up without a second thought, or worse, a passive “it won’t happen to me.”

Thankfully, many of today’s backup solutions are easy-to-use and affordable. My advice is to not become the next data loss or ransomware victim. Simply invest a little into backup software and rest easy knowing you’re covered.

Why is it important that World Backup Day be celebrated year-round? How can we keep the spotlight on backup and cyber resilience?

For those with backup technology in place, World Backup Day should be a reminder of the importance digital information plays in our daily lives, and to check up on existing backups to make sure they are being properly made and that they can be easily restored.

Unfortunately, “set-and-forget” technologies like automated backup and recovery solutions are rarely revisited – until we need them to be 100 percent. So, checking regularly that they’re correctly configured and working properly is important.

For those not currently backing up their data regularly, the day should bring into focus a glaring hole in your home or business data security. Perhaps take the time to consider the impact losing your data forever would have? Then take action.

Back up is no longer a “nice-to-have” capability. In a world where our lives are increasingly digital and our data is threated at lots of different angles, backup is crucial aspect of data security.

What’s the difference between backup and cyber resilience? Should companies be putting more of an emphasis on cyber resilience?

Backup is a key component of cyber resilience, though it’s not the only one. But it does make what could be an existential event, like a total loss of business or personal data, a setback that can be recovered from.

Cyber resilience is first and foremost about detecting, protecting and preventing attacks on your data in the first place. But then, even if your attack detection, protection and prevention defenses fail, your backup and recovery solutions ensure your data isn’t lost for good.

Cyber resilience is not a choice between security and backing up your data. It’s about covering both bases, so if a serious data compromise does occur, recovery is quick and painless to the business

This World Backup Day, take the pledge:

“I solemnly swear to back up my important data and precious memories on March 31st.”

And don’t forget to make sure that both cybersecurity and backup and recovery solutions are in place for your business or home office.

5 Must-Haves When Working Outside the Office

Reading Time: ~ 3 min.

When you’re running a business, it’s important to stay connected, whether you’re in the office or not. Modern technology has made this easier than ever, ensuring you can answer emails and stay on top of tasks in hotels, coffee shops, wherever. Social media influencer and serial entrepreneur Gary Vaynerchuk has even said, “The airplane is disproportionately the place where I get the most tangible amount of work done.” 

But if you’re going to get anything done outside the office or on the road, there are a few essentials to have on hand. Here are five must-haves to make sure you are prepared and productive.

#1 Protect Your Devices and Your Data

No, this is not at the top just because you’re reading this on a security blog. Anytime you’re accessing the internet in a hotel, coffee shop, or other public space, your data and devices are at risk. While security may not be at the top of your list of concerns, a whopping 58% of data breaches happen to SMBs, and 60% of those who are attacked fold within 6 months.

This is why security, at the very least endpoint security, should be your number one consideration when working on the go. But not all endpoint security solutions are created equal.

Explore fast and effective endpoint security designed for business.

Modern endpoint security is cloud-based, lightweight (won’t slow your device down), and is powered by 24/7 threat intelligence to make sure you are protected against all known threats. In fact, some do what is known as “journaling” when they encounter an unknown threat so if it is deemed malicious, every action the malware took can be rolled back, step by step.

It’s also worth considering implementing a VPN to secure your connection to your office software and data as well as secure your communications with colleagues. Public WiFi is a favorite target of malicious attacks, including man-in-the-middle attacks, so the more you can anonymize your activity, the better.

#2 Stay Connected

When you’re on the road, there’s no guarantee that you’ll have reliable WiFi. Coffee shop WiFi can vary depending on how many people are using it, and hotel WiFi often costs money. To make sure you can always stay connected to high-quality WiFi, you’ll want to invest in a mobile WiFi device, which will work much better than using your smartphone as a hotspot. Plus, using a mobile WiFi device will help save your phone battery and will free it up for any phone calls you need to make. 

In addition, by using your own WiFi hotspot, you will avoid some of the security risks that come from using public WiFi

#3 Stay Charged

The last thing you want when working on the go is for your devices to run out of battery. Of course, you must remember to bring your basic laptop and smartphone chargers. However, you might not always have convenient access to an outlet. In which case, you’re going to want to bring a portable charger. Smartphones and laptops have different battery needs so you might want to get a portable charger for each.

Here is a list of the top portable chargers for smartphones and another for the top power banks for your laptop.

#4 Stay in the Zone

If you’re out of the office, chances are it might be more difficult to find some peace and quiet. Because of this, you’ll want to make sure you have a good set of headphones to help you get in the zone. 

If you’re choosing headphones, you’ll need to consider whether you want to go with over-the-ear or in-ear models. Over-the-ear models tend to have higher sound quality and better noise canceling features, but there are a variety of high-quality earbuds these days that may be easier to travel with. Whichever you go with, they’ll be useless without productivity-enhancing music to go along with them.

study published on the psychology of music found that those who listened to music completed their tasks more quickly and experienced better creativity. If you want to make your own playlist, it’s largely accepted that classical and other instrumental types of music work best for productivity. However, there are a variety of curated work playlists already in existence that you could use.

#5 Travel with the Right Bag

Now that you have your laptop, smartphone, chargers, portable batteries, headphones, and WiFi hotspot, you’ll need a way to carry it all around. But not just any bag will do. Since you’re traveling, you’ll want something that is compact, organized, and comfortable to carry, even if it’s heavy.

While the briefcase is a classic, it is not very efficient and can be cumbersome when also trying to carry coffee or talk on the phone. Backpacks are definitely the way to go if you want to carry everything comfortably while keeping your hands free. Just make sure to choose a bag made of durable materials with adequately wide and cushioned straps. The last thing you want in a bag is one you wince at the thought of carrying again after a long day.

Smishing Explained: What It Is and How to Prevent It

Reading Time: ~ 3 min.

Do you remember the last time you’ve interacted with a brand, political cause, or fundraising campaign via text message? Have you noticed these communications occurring more frequently as of late?

It’s no accident. Whereas marketers and communications professionals can’t count on email opens or users accepting push notifications from apps, they’re well aware that around 98% of SMS messages are read within seconds of being received

Phishing has evolved. Learn all the ways hackers are angling for your data with our 11 Types of Phishing eBook.

As with any development in how we communicate, the rise in brand-related text messaging has attracted scammers looking to profit. Hence we arrive at a funny new word in the cybersecurity lexicon, “smishing.” Mathematical minds might understand it better represented by the following equation:

SMS + Phishing = Smishing

For the rest of us, smishing is the act of using text messages to trick individuals into divulging sensitive information, visiting a risky site, or downloading a malicious app onto a smartphone. These often benign seeming messages might ask you to confirm banking details, verify account information, or subscribe to an email newsletter via a link delivered by SMS.

As with phishing emails, the end goal is to trick a user into an action that plays into the hands of cybercriminals. Shockingly, smishing campaigns often closely follow natural disasters as scammers try to prey on the charitable to divert funds into their own pockets.

Smishing vs Vishing vs Phishing

If you’re at all concerned with the latest techniques cybercriminals are using to defraud their victims, your vocabulary may be running over with terms for the newest tactics. Here’s a brief refresher to help keep them straight.

  • Smishing, as described above, uses text messages to extract the sought after information. Different smishing techniques are discussed below.
  • Vishing is when a fraudulent actor calls a victim pretending to be from a reputable organization and tries to extract personal information, such as banking or credit card information.
  • Phishing is any type of social engineering attack aimed at getting a victim to voluntarily turn over valuable information by pretending to be a legitimate source. Both smishing and vishing are variations of this tactic.

Examples of Smishing Techniques

Enterprising scammers have devised a number of methods for smishing smartphone users. Here are a few popular techniques to be aware of:

  • Sending a link that triggers the downloading of a malicious app. Clicks can trigger automatic downloads on smartphones the same way they can on desktop internet browsers. In smishing campaigns, these apps are often designed to track your keystrokes, steal your identity, cede control of your phone to hackers, or encrypt the files on your phone and hold them for ransom.
  • Linking to information-capturing forms. In the same way many email phishing campaigns aim to direct their victims to online forms where their information can be stolen, this technique uses text messages to do the same. Once a user has clicked on the link and been redirected, any information entered into the form can be read and misused by scammers.
  • Targeting users with personal information. In a variation of spear phishing, committed smishers may research a user’s social media activity in order to entice their target with highly personalized bait text messages. The end goal is the same as any phishing attack, but it’s important to know that these scammers do sometimes come armed with your personal information to give their ruse a real feel.
  • Referrals to tech support. Again, this technique is a variation on the classic tech support scam, or it could be thought of as the “vish via smish.” An SMS message will instruct the recipient to contact a customer support line via a number that’s provided. Once on the line, the scammer will try to pry information from the caller by pretending to be a legitimate customer service representative. 

How to Prevent Smishing

For all the conveniences technology has bestowed upon us, it’s also opened us up to more ways to be ripped off. But if a text message from an unknown number promising to rid you of mortgage debt (but only if you act fast) raises your suspicion, then you’re already on the right track to avoiding falling for smishing.

Here are a few other best practices for frustrating these attacks:

  • Look for all the same signs you would if you were concerned an email was a phishing attempt: 1) Check for spelling errors and grammar mistakes, 2) Visit the sender’s website itself rather than providing information in the message, and 3) Verify the sender’s telephone address to make sure it matches that of the company it purports to belong to.
  • Never provide financial or payment information on anything other than the trusted website itself.
  • Don’t click on links from unknown senders or those you do not trust
  • Be wary of “act fast,” “sign up now,” or other pushy and too-good-to-be-true offers.
  • Always type web addresses in a browser rather than clicking on the link.
  • Install a mobile-compatible antivirus on your smart devices.