We were pretty disheartened to read a recent BBC article which declared that criminals are indeed winning the “cyber arms race.” Last year in the UK, for instance, there were an astounding 2.46 million cyber incidents and at least 700,000 cases of fraudulent activity reported.

According to the UK’s National Crime Agency (NCA), criminal gangs in England are currently surpassing the NCA in terms of technical capabilities. After all, these are highly sophisticated operations. In some cases, the criminal organizations even have their own call centers!

The truth is, this problem extends far beyond England’s borders. We are in a state of global cyberwarfare, where the players are a combination of nation states, state-sponsored gangs and rogue hacking groups/individuals. Global cyber war has been raging for quite some time now, costing the global economy at least $445 billion annually—and this is a low estimate. All signs indicate that the struggle is getting worse.

It’s important to realize that in this advanced state of global cyberwarfare, every endpoint—including those in your organization—is a fair target for hackers. What’s more, hackers are constantly devising sneaky new methods of deploying malware which are proving to be very effective.  

For example, here are some new types of deployment strategies you need to be aware of:

• Ransomware: In a ransomware attack, a hacker will lock access to a device or a group of files. Then, the hacker will demand a large ransom before (possibly) granting access.
• Whaling: Also known as business email compromise (BEC), a whaling attack occurs when a hacker assumes the identity of someone within an organization in order to trick unsuspecting users into wiring large sums of money.
• Bug poaching: Here, a hacker breaks into a network and compiles a report detailing classified information extracted from various areas of the business. Then, the hacker asks for a massive fee before revealing the vulnerability that allowed him or her access.

Now, here’s the chilling part: No organization is safe from hackers. Here in the U.S., we have seen hacks across every level of the government extending all the way to the White House. Likewise, some of our most powerful institutions in finance and healthcare have been hacked. Even small to medium sized businesses (SMBs) are being breached. One study shows that more than 50 percent of SMBs experienced data breaches in the past year.

Think about the following question...Where does your business fall on the cybersecurity spectrum?

Highly vulnerable: Your business does not enforce access controls for computers and mobile devices, meaning some of your users aren’t even protecting their accounts with passwords. Likewise, employees regularly work over public Wi-Fi connections, which are highly insecure. And even worse, your end users are working with unsupported—and unsafe—software like QuickTime for Windows. In short, your network is full of holes...and it’s just a matter of time before you get hacked. In fact, hackers may already be inside your network stealing information and spreading malware for a future attack.

Somewhat prepared: Your IT staff is working hard to keep your network up to date, but they are still falling short in their efforts. After all, cybersecurity is a full-time job in and of itself. And your staff has many other responsibilities besides blocking threats. Many businesses think they are staying safe, when in fact they are operating under false pretenses. They are often caught completely off guard by cybercriminals.

On red alert: Your network is fully protected with the latest security safeguards. Your end users have been briefed about the threat landscape, and know what to avoid online. Your software is patched and ready for use. Still, your network is in danger of a data breach—and your business is expending large amounts of resources trying to keep the bad guys out.

We maintain that it’s much easier to put your network in the hands of a third-party managed services provider. It’s a much more cost- and time-effective way to ensure that your business remains on red alert at all times. By partnering with an MSP like Apex Technology Services, you will gain a trusted ally in the struggle to protect your sensitive information. Apex will provide around the clock monitoring, regular maintenance and expert guidance to keep your network safe. Apex also offers cybersecurity training courses to train your employees on how to stay safe online.

While Apex cannot prevent a data breach, it can go a long way in helping to make sure that your business is protected.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.