What The Wawa Data Breach Teaches Us About Cybersecurity

If you haven't heard, one of the largest companies in our area, Wawa, has announced that it experienced a massive data breach of its payment processing servers.  Malware was present on those systems as early as March 2019, and it wasn't detected until December 10, 2019.  Wawa has indicated that the malware captured payment card information, including debit and credit card numbers, expiration dates and cardholder names.  The breach covers the payment systems inside the stores as well as those at the gas pumps; ATMs in Wawa stores were not affected.

We often hear about these large businesses experiencing data breaches because of the sheer number of people affected.  In 2019 alone, we saw Marriott, Whitepages, Facebook, Instagram, American Medical Collection Association, Capital One and Adobe fall victim to data breaches.  And that's just a few of the thousands of businesses that were breached.  If these huge corporations, with their big IT departments and millions in technology resources, were compromised, imagine how exposed the typical small to mid-size business is.  Without cybersecurity protection, you're a sitting duck.

According to a study by IBM, the average cost of a data breach has risen 12% over the last five years.  The same study found that companies with fewer than 500 employees lost more than $2.5M on average.  Obviously, the smaller the business, the more painful that number becomes: a company with $50M in annual revenue could spend upwards of 5% of a year's revenue remediating a single breach.  That's a huge, potentially business-ending situation.  Beyond the direct cost, breached businesses often experience public distrust and reputational damage that is difficult to rebuild.

As a small or mid-size business, it is critical that you protect your company from data breaches.  There is no foolproof method, but working with a Managed IT services provider will give you the best defenses.  Two major initiatives you can undertake to protect your business are to employ a data backup system and to train your employees to spot cybersecurity threats before they become breaches.  Here are some tips on how to implement data backup in your business, along with your Managed IT provider.

  • Monitor your backup process and understand the information it gives you.  The earlier your business finds a ransomware infection, the more likely it is that you can prevent significant damage to your data.  A nightly job that suddenly reports far more changed files or changed bytes than usual, or many files it could no longer read, is often the first visible sign that something is encrypting the file system.  Look for anomalies like these in your daily backup logs and investigate them quickly.  This may limit the damage.
  • Separate your backup from your normal operations.  Keeping backups off your general working systems, with their own credentials and no standing write access from the network they protect (an offline or immutable copy is best), hardens them against attack.  This will help to prevent ransomware from encrypting your backup data and taking out the one thing that may save you in a ransomware attack.
  • Use care when utilizing network file servers or online sharing services.  With their ease of use and “always available” nature, network file servers are a popular way to centralize data and make the backup process easy.  But ransomware on any connected machine can encrypt the share through that machine's mapped drive just as readily as its local files, taking out home directories too and leaving all data encrypted; a sync-based sharing service will then faithfully replicate the encrypted files, so it is not a backup either.  Companies should back up network file servers to a separate system or service and test the restore capability to make sure that if ransomware strikes, restores can be initiated.
  • Consistently test your backup processes.  At the end of the day, you can back up all of your data all the time, but if you can’t restore it quickly and count on it, it is essentially useless.  Make sure you’re doing backups on a frequent basis so data loss can be minimized if a ransomware attack happens.  And ALWAYS test your backups by actually restoring files and confirming they match the originals, so you know you’re getting out of them what you will need in a disaster.
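As an added example (not Fraser's tooling and not code from the original post), here is a small Python script that applies the first tip above to a constructed backup log: it compares each nightly run against the median of the preceding week and flags the night where the changed-file count, changed bytes and read failures all jump at once, the pattern a ransomware run leaves behind.  The log format, the sample lines and the thresholds (3x the median, 10 failed files) are assumptions for the example; adjust parse_line() and the thresholds to your own backup software's output and history.

```python
"""Flag anomalous nights in a backup job log (added example, not Fraser's tooling).

The log format below is constructed for this example; real backup software
writes its own format, so adapt parse_line() to match it.
Each line: DATE JOB files_changed=N bytes_changed=N files_failed=N
"""
import re
import statistics

# Constructed sample: a quiet week, then a night that looks like ransomware.
SAMPLE_LOG = """\
2019-11-25 fileserver files_changed=1840 bytes_changed=2100000000 files_failed=0
2019-11-26 fileserver files_changed=1955 bytes_changed=2300000000 files_failed=0
2019-11-27 fileserver files_changed=1710 bytes_changed=1900000000 files_failed=1
2019-11-28 fileserver files_changed=2010 bytes_changed=2400000000 files_failed=0
2019-11-29 fileserver files_changed=1890 bytes_changed=2200000000 files_failed=0
2019-11-30 fileserver files_changed=1620 bytes_changed=1800000000 files_failed=0
2019-12-01 fileserver files_changed=1930 bytes_changed=2250000000 files_failed=0
2019-12-02 fileserver files_changed=48210 bytes_changed=61000000000 files_failed=312
"""

LINE_RE = re.compile(
    r"^(\S+) (\S+) files_changed=(\d+) bytes_changed=(\d+) files_failed=(\d+)$"
)


def parse_line(line):
    """Parse one log line into a dict; raises on lines in an unexpected format."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognized log line: {line!r}")
    date, job, changed, nbytes, failed = m.groups()
    return {"date": date, "job": job, "files_changed": int(changed),
            "bytes_changed": int(nbytes), "files_failed": int(failed)}


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def find_anomalies(runs, baseline_days=7, factor=3.0, fail_threshold=10):
    """Compare each run against the median of the preceding `baseline_days` runs.

    A ransomware infection typically rewrites most of a share in one night, so
    churn (files_changed, bytes_changed) jumps by an order of magnitude; many
    files failing to read (locked or renamed mid-run) is a second sign.  The
    thresholds are illustrative assumptions; tune them to the job's own history.
    """
    alerts = []
    for i, run in enumerate(runs):
        window = runs[max(0, i - baseline_days):i]
        if len(window) < 3:
            continue  # not enough history to judge this run
        reasons = []
        for metric in ("files_changed", "bytes_changed"):
            med = statistics.median(r[metric] for r in window)
            if med > 0 and run[metric] > factor * med:
                reasons.append(f"{metric} {run[metric]} > {factor}x median {med:.0f}")
        if run["files_failed"] >= fail_threshold:
            reasons.append(f"files_failed={run['files_failed']}")
        if reasons:
            alerts.append({"date": run["date"], "job": run["job"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in find_anomalies(parse_log(SAMPLE_LOG)):
        print(alert["date"], alert["job"], "; ".join(alert["reasons"]))
```

Run against the sample, the script reports only the night of 2019-12-02, with all three reasons.  A real deployment would run this after each job and page someone on any alert, because the encrypted files it flags have already reached the share and the goal is to stop the spread before the next backup cycle overwrites good copies.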

Along with a data backup system, companies need to educate their employees on the dangers of cyber attacks and how to spot them.  Employees are the first line of defense against a data breach.  Here are the items your employee training should cover.

  • Forms of Cybersecurity Threats. Knowing the basic forms of cybersecurity threats is imperative to an effective program: spam, phishing, malware, ransomware and social engineering. Don’t just provide definitions; show concrete examples of what these threats look like.  For spam and phishing, that may be a fake LinkedIn invitation to connect whose link leads to a malware download or a credential-harvesting page rather than to LinkedIn.  Walk through phishing samples and explain how to tell an email is phishing: a sender address that doesn't match the display name, a Reply-To at a different domain, and links whose visible text names one site while the link itself goes somewhere else.
  • Password Security. With so much of our lives, both personal and professional, revolving around technology, everyone has passwords for dozens of applications.  Often people reuse one or two passwords everywhere, so a single breach at any one site hands criminals a working login for all of them, and short, predictable passwords are also the easiest to guess outright.  Employee cybersecurity training should reinforce the importance of a unique password for every account, ideally kept in a password manager and backed by multi-factor authentication where it is offered, and how passwords are a first line of defense against cyber attacks.
  • Protection of Company Data.  All companies have policies on data protection, but just because they are on paper in your handbook doesn’t mean employees know they exist or understand them.  Employee cybersecurity training explains those policies and what they really mean for the company.  Ongoing training ensures employees stay current on the policies and truly understand their role in protecting company data.
  • How to Identify and Report Threats.  Good employee cybersecurity training helps employees recognize the red flags and warning signs of an attack.  Provide them with the company policy on reporting those warnings, including the right person to contact if an attack may have occurred.  Employees should feel comfortable making a report even if it turns out to be unfounded: a report that is quickly checked costs minutes, while a threat that goes unreported can run unnoticed for months.  Making reports shows that employees are paying attention, and that is of the utmost importance.
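As an added example (not Fraser's code and not material from the original post), the Python script below runs three of the phishing checks described in the training tips against a constructed e-mail modelled on the fake LinkedIn invitation: a display name that claims a brand whose domain doesn't match the sender address, a Reply-To at a different domain than From, and a link whose visible text names one site while its target is another.  The message, the BRAND_DOMAINS allowlist and the .example domains are all assumptions for the example; it uses only the Python standard library and is the kind of thing a mail gateway rule or a training demo can be built from.

```python
"""Flag common phishing tells in an e-mail (added example, not Fraser's tooling).

The message below is constructed for this example and mimics the fake
"LinkedIn invitation" lure mentioned in the training tips.
"""
import email
import email.utils
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE_EMAIL = """\
From: LinkedIn <invitations@linkedin-mail.example>
Reply-To: support@cheap-hosting.example
To: jsmith@company.example
Subject: You have a new invitation to connect
Content-Type: text/html; charset=utf-8

<html><body>
<p>Jane Doe wants to connect with you on LinkedIn.</p>
<p><a href="http://login.cheap-hosting.example/linkedin/verify">https://www.linkedin.com/invite/accept</a></p>
<p><a href="https://www.linkedin.com/help">Help Center</a></p>
</body></html>
"""

# Illustrative allowlist (an assumption for this example): brand word -> real domain.
BRAND_DOMAINS = {"linkedin": "linkedin.com"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in the HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Hostname of a URL, or of bare text that looks like one ('linkedin.com/x')."""
    parsed = urlparse(url if "://" in url else "http://" + url)
    return (parsed.hostname or "").lower()


def split_address(header_value):
    """('Display Name', 'domain') from a header such as 'Name <user@host>'."""
    name, addr = email.utils.parseaddr(str(header_value or ""))
    return name, addr.rpartition("@")[2].lower()


def phishing_indicators(raw):
    """Return a list of human-readable findings; an empty list means no tells found."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    from_name, from_domain = split_address(msg["From"])
    _, reply_domain = split_address(msg["Reply-To"])

    # 1. Display name claims a brand, but the address is not on that brand's domain.
    for brand, legit in BRAND_DOMAINS.items():
        if brand in from_name.lower() and from_domain != legit \
                and not from_domain.endswith("." + legit):
            findings.append(f'display name "{from_name}" claims {brand} '
                            f"but the sender domain is {from_domain}")

    # 2. Replies are routed to a different domain than the apparent sender.
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    # 3. A link whose visible text names one site but whose target is another.
    body = msg.get_body(preferencelist=("html", "plain"))
    extractor = LinkExtractor()
    extractor.feed(body.get_content() if body else "")
    for href, text in extractor.links:
        if "." in text and " " not in text and host_of(text) != host_of(href):
            findings.append(f"link text shows {host_of(text)} but points to {host_of(href)}")
    return findings


if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE_EMAIL):
        print("WARNING:", finding)
```

On the sample message all three checks fire; the "Help Center" link is left alone because its visible text is not a URL.  These are heuristics, not proof: legitimate bulk mail often uses tracking domains in links, so in a gateway rule each finding should add to a score or trigger a warning banner rather than block outright, and in training the point is to show employees exactly where to hover and look.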

Keeping your business safe from cybercriminals is imperative in today's business world.  Protect your data and have a disaster recovery plan in place that is tested and works.  Train your employees on the dangers of cyber attacks and how to spot them.  No plan is foolproof, but the more steps you take to secure your business data, the better protected you will be.  Fraser's Managed IT Services group works with companies to create data backup strategies and employee cybersecurity training programs that work.  Contact us today to learn more.