Update: We now know that the FBI recovered just over half of the ransom Colonial Pipeline paid to suspected Russian hackers, but not adhering to standard security practices is still at the heart of these hacks.
by Don Nokes, President | Imagine running into the store and leaving your car unlocked. When you return it is locked, and your key does not work. But look, … there is a note on your windshield, and It says, “if you want the keys to your car back, buy $1,000 in bitcoin and send it to me.”
So far, hackers have not targeted our cars and this analogy merely illustrates the experience that more and more businesses are having with computer systems. Initially, the hackers would simply encrypt your data so it could not be read without the encryption key. Then, they would retain that key until you paid up.
Now, in a new twist, they take a copy of your data. So if you’ve taken steps to recover your data without needing to deal with the hackers, they now threaten to expose your data. They also use that same threat to push you to pay the ransom quickly.
Specific to the Colonial pipeline experience, there was a closed system controlled by locally based technicians. Once COVID hit, the Colonial Pipeline employees worked from their homes exposing the internal network to the internet. Without multi-factor authentication or other security tools in place, the Colonial Pipeline infrastructure became vulnerable.
Sloppy Protocols Cost More Than Professional Prevention
If you or your organization have not been a victim of this crime, you have either made the executive decision to invest in preventative security measures like penetration testing, or without security protocols, you have just been lucky.
While it may seem that the only thing to do is throw your hands up and wait for your turn to become a victim, there are some very important things you can do without breaking the bank.
Our cybersecurity team follows the best practices for small business security as outlined by the National Institute of Standards and Technology. We then customize your security based on your business operations and infrastructure. We’re militant about regularly updating all your security offerings so there’s no getting sloppy. No one can absolutely guarantee that your systems will not get hacked but, as we saw with the Colonial Pipeline disaster, sloppy security protocols can wind up costing significantly more than professional prevention.
Reach Out For Our IT Playbook to Self-Assess
At NetCenergy, we approach IT through a business lens. Our 30-page IT Playbook is full of information to help you self-assess your existing IT systems and evaluate your level of risk. Send me an email and I’ll forward a copy to you. And, if you are not following strict security protocols — including regular user training of anyone with credentials to access your network — reach out to our team at NetCenergy to review your situation.
Nick Eckman joined NetCenergy in 2016 from an international gaming company. Nick’s experience with supervising and implementing secure, fiber and copper wire infrastructure services provides our clients with a team of highly trained and experienced technicians. In addition to the skills required to manage our infrastructure services department, Nick brings a very experienced and focused approach to project management and is a stickler for accurate documentation for every project designed and built by his team.
Peter Lachapelle joined NetCenergy in 2015 and is responsible for leading all of NetCenergy’s operations and accounting functions. Each department within NetCenergy reports through Lachapelle. He brings his years of experience to maintain a pragmatic, efficient, client-focused team at NetCenergy. Lachapelle joined NetCenergy after completing a 27-year career with a Rhode Island, federally-charted bank which culminated in his senior management position as COO and CFO for the bank.
Peter Nelson has 25+ years of technology and management experience and has been with NetCenergy since inception. Peter serves as the VP of Engineering at NetCenergy. His role consists of managing the engineering staff, driving the companies technology strategy, and ensuring NetCenergy keeps up to date on new technologies and solutions.
As a Founding Partner, Dan is a result oriented individual who is always focusing on what is best for his client. He understands that business applications empower an organization and that technology must support those critical business applications. Dan’s technology career started in 1990 at EMC Corporation. Through the years, he has represented technology and consulting services for several organizations until 2003, when he and Don Nokes founded NetCenergy.
As President of NetCenergy, Don is responsible for ensuring client satisfaction, overseeing overall performance, and for providing direction to the organization. Prior to co-founding the firm with Dan Charland, Don held senior leadership positions with IT service firms ranging in size from $3 Billion to $10 Million in annual sales.
With decades of hands-on HR experience, Margery Ahearn is our Director of Human Resources, overseeing all hiring of new positions for NetCenergy with a careful eye on sourcing technology savvy engineers and skilled office-based professionals who fit our company culture, understand our commitment to our clients, and bring their time and talents to our team. Margery has both a BA and MBA in Business Administration from Southern New Hampshire University.