Don’t Let Cyber Criminals Hijack Your Business.

A lot of you reading this probably have the same attitude Marco did a few months ago: you know cyberattacks are real but think they probably won’t happen to you. Take our word for it: they CAN happen to you. And you won’t realize how bad they can be until it’s too late.

In January, Marco was hit with a ransomware attack. It shut down our computer systems and today, months later, we are still recovering. In a ransomware attack, ransomware or an encryption Trojan gets onto your computer and encrypts your data so that you can’t read or use it. Then, the cyber criminals responsible for the attack demand a ransom to return your data to you. How much is this ransom? In the first half of 2021, the average ransom payment was $570,000. That can devastate a small business. And there’s no guaranteeing that paying will work. According to Forbes, 92% of those who pay the ransom don’t get their data back. Whether you pay or not (don’t!), losing your data does the real damage. Reports say the average cost of downtime due to a ransomware attack is 24 times higher than the average ransom amount. Shipping giant Maersk lost $200-300 million due to an attack in 2020.

Think about what can go wrong if your computer systems are suddenly down. Your staff can’t communicate via email, with each other or with customers. Your banking is compromised so you may not be able to make payroll or pay your vendors. You can’t invoice, track inventory as you make sales, print shipping labels, print product labels, and the list goes on. Even if you’re a small, one-person operation installing roofs, a computer attack like that could halt all your incoming and outgoing financials, which could quickly crush your business. 

So what can you do? Antony Pham, Chief Operating Officer of Valkyrie Technologies, suggests a number of actions you should take to help prevent attacks, including:

• Practice good password hygiene
• Use Multifactor Authentication (MFA) whenever possible
• Promptly implement software updates and patches
• Utilize mixed-generation, anti-virus software
• Implement sandbox testing and other email security measures
• Employ Data Loss Prevention (DLP) and encryption
• Get 24/7 system monitoring
• Make sure you have adequate cyber insurance and review your policy annually
• Undergo risk assessments quarterly (or at least annually)
• Establish a plan for Business Continuity and Disaster Recovery (BCDR)
• And more

Pham says the above list barely scratches the surface, so he strongly recommends starting by working with an I.T. professional who will perform a risk assessment and identify areas where you are vulnerable.

“If you’re connected to the Internet, you’re at risk,” he says. “These bad actors will scan you for months seeking a vulnerability before they attack. So, the sooner you take defensive measures, the better.”

At Marco, we are working with Valkyrie Technologies to get back on our feet as quickly as possible. But with the damage caused and supply chain issues slowing the delivery of new servers, it’s going to be months before we fully recover. Are we still manufacturing and delivering Marco-quality products? Absolutely. Are we still serving our customers with superior service? Of course. But today, we thought the best service we could provide is sharing this with you as a warning. 

Take this seriously. If you have an I.T. department, have them start a new risk assessment today. If you don’t, find an I.T. professional and schedule a meeting as soon as possible.