Hack-proofing your digital assets can make you feel a lot like Hercules fighting the Hydra: cut off one threat, and two more appear to take its place. Data breaches, phishing attempts and social engineering attacks are so prevalent and so persistent that it takes some serious vigilance to keep these bogeymen at bay.
While no approach can offer complete protection from cybersecurity events, some types of attacks should definitely take precedence in your IT security efforts. In particular, threat actors are drawn to attacks that exploit individual employees, whether through ignorance, trickery or collusion.
Regardless of how they occur, cybersecurity events can cost you big time: about $1.3 million on average for enterprises or $117,000 for smaller companies, according to Kaspersky Laboratories. That’s a pretty good reason to be on your guard. Here are the types of attacks you’ll want to watch out for.
Socially engineered malware
Socially engineered malware is the broader name for a category of attacks that includes ransomware, one of the most pernicious types. A threat actor hijacks a trusted website, convincing site users to download a virus usually disguised as a necessary application. Once installed, that virus may encrypt or delete system files, damage hardware or allow access to sensitive information.
Ransomware is one of the more popular manifestations of this kind of attack, so called because of the extortion involved. During a ransomware event, a cryptovirus is installed, encrypting critical data. Once encrypted, the threat actor demands a specific amount of money in exchange for the safe return of your data. Often, businesses are so frightened of losing sensitive information that they pay these exorbitant ransoms.
Nearly six out of ten companies say they’ve dealt with a ransomware event in the last two months—so if you haven’t, consider yourself lucky. Luck doesn’t make for an ironclad IT security policy, of course, but fortunately, there are ways you can protect your business.
The first rule of ransomware is never agree to pay a ransom. The reason? There’s no guarantee hackers will stick to their word once payment is delivered. And cooperating with your ransomer may make you more vulnerable to future attacks (hackers talk to each other, after all, and will share that you’re an easy mark).
A refusal to pay ransom will carry even more weight if you implement regular system backups. Backups are your number-one defense against ransomware, since you can easily revert to a backup to restore encrypted data. IT services providers can automate backups every 24 hours so that you won’t even lose much work if you have to restore. Take that, hackers!
The next kind of attack to watch out for is the password phishing attempt. This is a common technique employed by hackers, usually in order to launch more damaging attacks, such as a data breach or ransomware. In fact, 91% of cybersecurity events start with a phishing attack.
Phishing attacks begin with an email or website visit in which victims are asked to enter sensitive information, such as their bank login or cloud access credentials. Once given access, hackers have free rein to steal data and use it to whatever end they choose: transferring funds to themselves, stealing customer credit card information and selling it on the black market—the possibilities for villainy are endless.
Phishing attacks succeed precisely because of their sophistication: threat actors may personally target specific users, scanning social media accounts for unique details that allow them to create very realistic emails. And you don’t have to be a web novice to fall for them; Equifax famously tweeted a fake link to its site, essentially doing the hacker’s work for them.
The only real way to prevent phishing attacks is through employee education. Teach employees to be critical about emails they receive, even if they appear to be from legitimate sources. Have them hover on links before clicking to reveal the destination and scan for flaws, such as typos or differences in logo design. Your IT services provider should help you put together an employee training curriculum along these lines and may even lead training sessions for you. Phishing attempts, consider yourself vanquished!
Starting to see a pattern here? Employee naivete, carelessness and, in the case of insider threats, brash criminal behavior mean your staff members are one of your biggest IT vulnerabilities.
Although it may be hard to think about your employees turning against you, insider attacks happen all the time, for all sorts of reasons. It could be corporate espionage, like the case between Uber and Waymo, where a former Waymo engineer stole hundreds of files of trade secrets and gave them to Uber, his new employer. It may be self-interest, as was the case when engineer Jason Needham broke into his previous employer’s networks to steal diagrams, project proposals and documents to use to further his own (newly founded) business. Or it might even be an old-fashioned case of a disgruntled employee—like when ex-IT admin Christopher Victor Grupe deleted key files, changed passwords and generally wreaked havoc on Canadian Pacific Railway systems.
Insider threats are so insidious, in fact, that Information Security Forum estimates that 54% of security issues originate from intentional insider behavior. You’ll never completely eliminate those threats; however, you can do some work to minimize them. Be sure to vet employees before giving them high-level access or administrative privileges. And make sure to remove access when said employee leaves or if they happen to be put on suspension. These commonsense protections will make a world of difference.
Distributed denial of service (DDoS)
Distributed denial of service: the very words strike terror into the hearts of IT admins. Here, a malicious actor attempts to overwhelm your network or server by sending in lots of traffic at once.
DDoS attacks work a lot like a Hollywood zombie flick: a computer on your network is infected with malware, and the infection spreads to other devices. Once infected, those computers become an army of zombies, unknowingly sending request after request to a target server or network. These “botnets” generate floods of traffic, jamming your networks and servers until they ultimately go down.
According to research from Verisign, DDoS attacks are responsible for about a third of all network and server downtime, which makes them a pretty formidable foe. However, an IT services provider should be able to help. They can assist in quickly identifying DDoS attacks and implementing technical measures to protect you, such as adding extra bandwidth or installing network filters to drop fraudulent data packets. And they can help shut down DDoS events when they occur, diverting traffic to a DDoS mitigation service, where it can be scrubbed free of threats.
All in all, in the behemoth landscape of cybersecurity, your IT services provider may be your best ally. Through training, mitigation and protective measures, your IT services provider can help you thwart hackers and stop them in their tracks.
To learn more about the types of security measures you need to implement, check out our Essential Cybersecurity Checklist for Businesses. Use it to fend off the worst security gremlins and save the day—or at least your digital assets!