Cyber attacks during the holiday season: what is your contingency plan?

cyber attack

This holiday season has been somewhat soured for thousands, if not millions of people in Florida, Louisiana and California, due to a series of cyber attacks which hit both large cities and small towns across the country.

Government telephone systems, internet servers, and online payment systems became inoperable in Pensacola (Florida) on December, 7. New Orleans declared a state of emergency early in the morning of December, 13 due to infected city servers. In Galt (Sacramento area) CA, email and telephone systems went down on December, 16. And on December, 17, the entire Sheriff’s office of St. Lucie County (Florida) became silent for many hours, for the same reasons.

Information on the group(s) behind these attacks and whether the ransoms were claimed and paid is still rather contradictory. Though this is not what bothered thousands of citizens in the affected areas. Many public offices, including police departments and hospitals, became totally dysfunctional for at least several hours, sometimes days, and this was the source of major worries. Needless to say, hours of idle time and the necessary data recovery after the fact incurs millions of taxpayer dollars.

The saddest part about these ransom attacks is that there is no surefire way to prevent them. Criminals likely gained access and compromised these systems long before any actual attack was made, making those responsible untraceable. Viruses mutate all the time, phishing methods are only becoming more sophisticated. In other words, there is no way you can fully exclude the probability of a ransomware attack on your office BUT you can at least take preemptive measures to compensate for future potential losses and minimize the aftereffects on your time and finances.

 

Let’s brush up what can be done to stay safe:

 

PASSWORD PROTECTION

Let’s review the basic rules:

  • Do not use the same password for all your profiles and accounts
  • Do not use your last name/maiden name/birthday as your password
  • Do not leave passwords written down on sticky notes hanging on your monitor
  • Change passwords at least once every 3-5 months
  • Change passwords on your laptop and mobile devices if you were using Wi-Fi spots in unfamiliar areas or exotic countries.

SOFTWARE WITH OFFLINE MODE

Imagine a situation where your business goes completely offline, whether due to cyber attacks or heavy snowfalls and electricity shorting out. This does not necessarily mean your business should be put on hold. Today, many advanced software systems have offline modes for operation:

G Suite allows for document preparation under offline mode.

Most urban map apps come standard with offline mode (a lifesaver if you work in delivery) and

SignNow’s offline mode offers nearly full functionality, including placement of your own signature but excluding signature collection from recipients (which would require at least a low-speed connection).

 

AVOID EMAILING UNLESS ABSOLUTELY NECESSARY

Corporate inboxes are a major source of viruses and malware these days. In many cases, spam filters fail to do their job, and it’s easy for people to accidentally click on malicious links. It only takes a second for an entire office to be taken down. Luckily, professional business software today easily substitutes emailing.

CRM and ERP systems can help you with data exchange inside your office. Skype, Zoom and other messengers and virtual meeting rooms help with external communications.

What about emailing attachments? Well, there are at least two alternative ways to dealing with contracts and other important documents without email:

  • You can send signing links via messengers and/or place embedded signing links directly on your site/social network page
  • If you are preparing documents directly in Google Drive, you can actually send them for approval and e-signing using this add-on for Google. It adds just one more button to Google Documents’ upper panel, allowing you to send a document for signing directly from the document page itself.

VIRTUAL DRIVE INSTEAD OF HARD DRIVE

Counteraction measures in case of cyber attacks always begin with one thing – all computers and other office equipment within the infected system have to be taken offline. If this happens in your office, what will you do?

You can work from home.

You can grab your laptop and visit a friend nearby.

You can try to work using your phone or tablet (assuming your local mobile internet provider is not down either).

All of these options would require document storage in the cloud. Today, the choice of virtual storages today is truly enormous, from the familiar-to-all Google Drive and Dropbox, to the more sophisticated (and thus more expensive) Oracle and Sync.com.

We actually recommend having two cloud storages synced, just in case. Even the most securely protected cloud storage can experience outages. So, to always have a Plan B, check your cloud storage’s  integration options in advance.

In the case of SignNow specifically, we can recommend syncing your storage with Dropbox, Box, or Google Drive.

An ounce of prevention is worth a pound of cure, as they say. 

Protect your virtual business assets before a cyber attack, not after.