Category Archives: Non-Profit

Why Do Hackers Want My Data?

Hackers Want Your Data

By: David R. Herman – Director, Technical Services

Hacking has become so commonplace that many people have begun disregarding the potentially disastrous consequences of it. Why do hackers hack, anyway? Why are we burdened with the inconvenience and expense of firewalls, anti-virus programs, content filters, and having to sort through pages of spam selling you the next super vitamin.

As in many other facets of life – follow the money! While it’s true there are some hacking groups that use hacking as a canvas for their social messaging, bragging rights, corporate espionage and other reasons, the vast majority of ‘professional’ hacking is for personal and financial enrichment.

This article aims to help you understand what a serious effort is being made to steal and make money using YOUR data. Now is the time to ensure you are putting enough resources toward protecting your data (as opposed to glazing over and rolling your eyes every time your IT professional starts warning you about ‘those vile hackers’).

So how do hackers make money from your data? By selling it, of course!
Here are some of the most common ways hackers are profiting from your data right now:

  • Ransomware. Hackers encrypt the data on your computer or network so you cannot access it, essentially holding it ransom. Then they offer to ‘sell it back to you’ for a fee. Once you pay, they usually give you the key needed to decrypt it.

    – Motive: Financial gain through the direct sale of data back to its owner.

  • Stolen Financial Data. Credit cards, social security numbers and other identifying information can be used for immediate identity theft exploits. Hackers collect this information and then sell it on the deep web to groups skilled at using it to perpetrate identity theft. It is its own business and it’s happening 24 hours a day, 7 days a week.

    – Motive: Financial gain via short-term identity theft.

  • Stolen Data. If you’ve been to a doctor in the past few years, you’re familiar with the term ‘HIPAA guidelines.’ For providers, HIPAA causes numerous headaches as it forces practices to create special procedures, train their staff, and even invest in specialized software. As a patient, HIPAA provides you with data privacy and security provisions meant to safeguard your medical information. As medicine moves toward electronic medical records, it opens the door to medical data fraud. When a hacker obtains your medical data they can submit fraudulent claims, resulting in insurance and Medicare fraud, costing the industry billions of dollars each year ($6.2 billion according to a recent IBM/Ponemon report). Furthermore, since medical records contain personal data that is biometric and never changes, skilled groups can re-use this data for future identity theft exploits long after the data is obtained.

    While the example above is specific to the healthcare industry, it’s important to note that any industry with sensitive data about its clients is at risk, including the accounting, legal and financial industries.

    – Motive: Financial gain via short-term and long-term identity theft and insurance fraud.

These are just three of the more popular exploits we see every day. Unfortunately, there are many more, and they are ever-evolving. So, the next time you see a bright red and yellow pop-up warning stating ‘Your computer is vulnerable,’ don’t ignore it. There are full-time hackers working hard to get at your data.

Want to stay ahead of the hackers and keep your data secure? Give us a call to assess your vulnerability and secure your data.

How Confident Are You With Your Existing Backup Solution?

How reliable is your current backup system?
Would your business survive a technical disaster?
When was the last time you tested your backup system?

These are some of the questions business owners should be asking themselves on a regular basis. Here are some of the answers we’ve heard through the years:

I just bought my server; it’s new so I’m protected.
All my data is in the cloud so I don’t need to back anything up.
I have mirrored drives in my server so I’m sure I’m ok.
Or our favorite…
My IT guy says we’re backing up. So I guess we’re good. 

The fact of the matter is that most business owners do not take data backups and disaster recovery nearly as seriously as they should. IT Web suggests the total cost of data breaches will be more than $2.1 trillion by 2019. In fact, currently the number one threat to business data is Ransomware. Although anti-malware solutions provide some protection, the only guaranteed protection against Ransomware and similar threats is a well-planned and maintained backup strategy.

Backup devices come in many sizes and flavors.  The key to choosing the right backup solution comes down to your expectations.  What is your acceptable level of downtime?  The client who answers that question with “one hour or less” will find themselves with a different solution than the client who answers “a day or two.”  Of course, everything comes with a price and the lower your threshold for acceptable downtime, the higher your cost is likely to be. 

Choosing the right type of backup system for your organization can be tricky.  Some only backup locally, some go off to the cloud, while others do a combination of both.  And then there is the data retention period – how far back do you need to keep the data?  The answers to these questions may be different for companies of different sizes, industries, and needs. And thus the solutions must match these criteria.

So, what happens when your most important server crashes at the worst possible time?  Some of the appliance-based backup systems will actually let you boot up the last backup and run it right off the appliance itself.  This way, no productivity is lost while the server is being fixed.  This functionality is a life saver when you need it.

Finally, disaster recovery testing is always a forgotten step in the backup strategy. Periodic testing of your backup plan is vital to its overall success.  This is the only true way to test the system and make sure the solution is adequate for business continuity.  Too many business owners discover their backup solution has failed when they are already in the middle of a crisis, at which time it’s too late to do anything about it.

Now is the perfect time to assess your backup and disaster recovery solutions, before you need it. Let us help you identify the solution that is most appropriate for your business. Contact us today to learn more.