We knew we’d have some “breachy” news to report this month — we always do — but little did we know how much! For starters, just up the boulevard from AVPS, L.A. Valley College decided to pay out $28,000 in BitCoin for a New Year’s Eve attack where ransomware captured their computers, or more specifically, the files on them.
According to a story in ComputerWorld, “the decision to capitulate and pay came after the district consulted “outside cybersecurity experts and law enforcement.” LAVC president Dr. Erika Endrijona explained ‘It was the assessment of our outside cybersecurity experts that making a payment would offer an extremely high probability of restoring access to the affected systems, while failure to pay would virtually guarantee that data would be lost.’”
The article quotes one online security expert as saying “we can expect new variants to continue entering our infrastructures in 2017 and more frequently. Security teams need to run fire drills on critical systems to determine how quickly they can return to normal business operations from backups Vs just paying the ransom and moving on. Companies need to be ready, as this threat is growing and our recourse options are very limited.”
According to a NY Times article titled Cyberwar for Sale, telling how hacking tools are now freely sold as a business product, worldwide, “on average, an American office worker sends and receives roughly 120 emails per day, a number that grows with each passing year. The ubiquity and utility of email has turned it into a fine-grained record of our day-to-day lives, rich with mundane and potentially embarrassing details, stored in a perpetual archive, accessible from anywhere on earth and protected, in some cases, by nothing more than a single password.”
Which might be why newly anointed adviser on cyber-security to the new administration, one Rudi Guliani, found that his putative “security” firm’s website… was itself vulnerable to hacking.
But as previously noted, coming this spring, SID is arriving. ! AVP Solutions will be adding new security features to our merchant services, for a small additional monthly fee, which we’ll be calling “SmartIDentity for Business” or “SID4B” (or sometimes, just “SID.”)
This feature will provide, among many other things, Business Internet Credential Monitoring with email and SMS text alerts, and “real-time” Flash alerts for immediate and emerging cyber threats. You also protect your employees and their qualifying family members from identity theft, and should an employee or qualifying family member become a victim or even suspect identity theft, a certified Recovery Advocate will manage the logistics of restoration,l take control and resolve the issues on their behalf. This is not a “do-it-yourself” kit!
Nor will you be left “doing it yourself” if your business is struck: Benefits include Services for up to two (2) Data Breach events per 12 month period (as “the threat is growing!”), along with an initial assessment to determine compliance and notification requirements based on the circumstances of the event, and a recommended response plan including timeline and notice content.
Protection also includes Fully Managed Identity Fraud Research, Remediation and Recovery services for a group of up to 5,000 Affected Consumer per Data Breach event
SID4B is a new layer of protection that would normally cost thousands of additional dollars, but beginning this spring, “SID” will be added to our own core services, for about the price of a couple of movie tickets, each month.
Keep watching this space, and the newsletter, for more information, and feel free to “breach” some questions with your AVPS rep.