Millions of businesses in America do not realize that their network and hosts may already be compromised – Take this quick quiz to determine if you have any common vulnerabilities.
What Are The Common Attacks Against Small to Medium Size Businesses?
- Information gathering
- Denial of Service attacks / network attacks
- Email Phishing, Spear Phishing, Whaling
- Social Engineering (attacking human errors/mistakes)
- Wireless hacking – weak PSK passwords.
- Man-in-the-Middle attacks on networks, applications.
Do you have any of these symptoms?
1: Slow internet speeds for no apparent reasons
2. Mouse or key strokes lock up or freeze intermittently
3. Slow processing of applications and browser load times
4. Sudden onslaught of email scams and phishing emails
5. Devices freeze up, blue screen, or restart on their own.
6. Web sites are loading unsecured or with the HTTP(no S) warning.
Security Checklist To Start Immediately
- Ensure all devices and hosts’ operating systems are patched and up to date.
- Have anti-virus software on and updates, not that this is a big defense, but it helps, we recommend Windows defender, Malware Bytes and Comodo Internet Security, all three are free.
- Install a network security appliance (Firewall) between your gateway and LAN
- Segregate your LAN into sub-nets for different departments and by risk, include a separate dedicated sub-net for Wireless and Guest networks.
- Ensure your PSK for your wireless network is very complex and made up of symbols and characters that are not easily recognized. Be sure to set your basic wireless router security settings to: WPA2 – AES, and if possible set up Enterprise mode with an authentication server (most secure). Turn off WPS mode on all router, we recommend not using WPS to set up wireless devices, like printers.
- Limit your IoT devices in use, these devices can have application-level security risks.
- Physically lock your server room or demarc zone.
- Application-level malwares are increasing due to many applications having weaknesses and poor updates. Be wary of what applications you download on your devices and ensure they are legit and fully secured before downloading.
- Perform good backgrounds on employees, often they can be the security risk or performing reconnaissance.
- Do not use default passwords, ensure your passwords are complex and unique for routers, wireless networks, device log ins, work stations, etc.
- Enable 2-factor authentication on device and web logins for sensitive data.
- For financial transactions online, perform on the wired network behind a good firewall on an isolated sub-network, ensure your OS has a good anti-virus and firewall as well. We recommend using a IDS and IPS.
Some Ideas To Keep In Mind
- Attackers are targeting American businesses due to their security weaknesses
- Ransomware is one of the biggest attacks with the most success
- Social engineering is quickly taking the lead as human errors among employees abound regarding this attack vector.
- These threats are very real and are only increasing in complexity.
- Most businesses under $5 million do not have the resources or time to fully set up a security policy and protection plan, nor do they want to spend the funds to do so.
- Attackers are aware of the ladder fact and are utilizing it to their advantage.
Recommendations for businesses that want to outsource their network security?
contracting with a Manages Security Service Provider (MSSP) would be your best option, there will be a monthly fee for this service, but it is worth the investment, as they will connect into your entire business and monitor it for any attacks, threats, vulnerabilities and secure any possible vulnerabilities
You can also hire a penetration testing firm (ethical hackers) to test you business for weaknesses from an attackers point of view. This will reveal any apparent open doors you currently have.
Pen tests can cost quite a bit, we recommend starting out with a simple vulnerability assessment/threat assessment.