Quick Intelligence Blog

A Sophos study found that 44% of retail organisations were hit by a ransomware attack in 2020, and more than half of those affected (54%) said cyber criminals had succeeded in encrypting their data.

The Internet of Things (IoT) refers to the literally billions of devices vs. people that are connected to the Internet in some fashion. Rather than laptops and desktops being used by people, IOT devices are typically purpose-build devices that are performing a specific function. IoT refers to the myriad of new smart home devices like the Google Nest, Amazon’s Alexa and also your Smart TV that is connected to the Internet so you can run Netflix or Disney+ right from the TV without any set top boxes. Every one of those devices (TVs, refrigerators and other smart appliances, smart home devices like light switches, garage door openers, front door cameras, the list goes on) has an Internet address and can talk to the Internet, just like you do when you’re on your laptop or home PC surfing.

Just about everything you do online requires a password. Passwords make sense in that you don’t want someone to access, say, your bank account. But what is the best way to create a strong password?

MDR is an acronym for Managed Detection and Response. You will also hear people talk about EDR, (Endpoint Detection & Response), and XDR, (Extended/Anything Detection & Response). MDR, EDR and XDR are designed to act as an early warning system, letting you know in real time if something bad is happening against your network or systems. In some cases, MDR, EDR and XDR can be configured to automatically respond on your behalf.

When you opened your business, you knew you needed some basic insurance, like fire and theft, but have you thought about cyber insurance? Wikipedia defines cyber insurance as, “a specialty lines insurance product intended to protect businesses, and individuals providing services for such businesses, from Internet-based risks, and more generally from risks relating to information technology infrastructure, information privacy, information governance liability, and activities related thereto.”

You may have heard about companies who take to shaming employees who have unintentionally caused a cyber incident at work. While it’s true that all it takes is one wrong click by a staff member, shaming staff isn’t the way to better cyber security.

Ransomware is malicious software designed to make your computer inaccessible by encrypting all of the files and holding them hostage for a substantial ransom. If your computer is connected to a network, it will usually try to spread to any other computers on the network and infect their files too. Recently, Colonial Pipeline and JBS Foods suffered ransomware attacks that affected production and forced those companies to pay a huge ransom.

What are phishing attacks? Phishing attacks are a social engineering method to either fraudulently obtain your information or to trick you into downloading malware. The goal of the phisher is to compromise your network or data. Phishing attacks work because they disguise their communication or web pages as being from a trusted source, making you believe the request is real and prompting you to take an action like clicking on a bad link or giving up information.

Ransomware isn’t a new threat to business. It has been around for a long while, but lately it seems we are bombarded with news stories about ransomware. Two recent ones of note have been the cyber attacks on Colonial Pipeline and JBS Meats. In both cases they agreed to pay the ransom. So, why is this a problem?

Many people believe that cyber security is an expensive luxury item that only large enterprises can afford. They think that as a small enterprise “we don't have anything of value anyone would want to steal?” or that “we are too small and unimportant to be targeted by cyber criminals.”