Common Cybersecurity Threats and How to Protect Your Business
- Published
- Jan 24, 2023
- By
- Rahul Mahna
- Topics
- Share
In 2021, hackers compromised the Colonial Pipeline. It was one of the first large-scale hacks on American infrastructure and showed just how serious a cyberattack could be. But what many may not realize is that the hackers pulled it off with a stolen password.
There seems to be a misconception among many businesses that cybersecurity threats are always sophisticated attacks. While some are, a large portion happens with simple vulnerabilities such as stolen credentials. Often just maintaining basic security practices can go a long way.
Hackers prefer to target businesses above all. What are some of the threats to business data? In this guide, we'll many of the common cybersecurity threats, and how you can prevent them.
The Most Common of All Cybersecurity Threats: Stolen Credentials
You guessed it. Stealing an employee's username and password is often the most effective method for hackers to infiltrate your network. It allows them to access valuable business data without raising the alarm.
But how do they get those credentials in the first place? In most cases, they can do so with a brute-force dictionary attack.
Dictionary Attacks
The problem with passwords is that a computer can guess them with ease, even if the password isn't known. It's especially easy if the password is a word or phrase. Hackers use a program that does all the guesswork for them.
Many people use passwords that are personal to them. They used the name of a loved one, their favorite TV show or their birth year. Hackers can then gather your data points to guess your password.
And hackers can do this very, very fast. An eight-character password--even with a mix of characters and no phrases--takes only eight hours to guess. So even if your password is complex, being short can make you vulnerable.
So, if you want your passwords to be robust, try the following:
- Never use words or phrases, even ones that only have meaning to you;
- Use long, complex passwords with lots of different characters;
- Use a password manager to keep track of these long passwords; and
- Use two-factor authentication to keep your account secure.
Phishing Attacks
If hackers can't use a computer to guess your password, they still have options. One is to use a phishing attack.
A phishing attack is when a hacker pretends to be a trustworthy authority over you. They send an email to you, perhaps saying they're part of the IT team for your organization. On the surface, the email appears legitimate.
In this email, they may ask you to give them personal information. They might say, for example, that your account is compromised. To fix the issue, they need your password.
Many, many people fall for phishing attacks every year. It's important to understand that your organization will NEVER ask for your password or any personal information. If they do, you should send an email (not a direct reply) and inquire about security issues.
Most filters can catch phishing emails, but some do manage to slip through. The best method for stopping phishing emails is training. Organizations should train their employees on how to identify phishing emails.
Phishing emails often have very similar characteristics:
- The sender tells you there is a serious issue you need to resolve;
- You did not ask for an email concerning this issue;
- They create a sense of urgency, saying that you need to resolve it now;
- They ask you to click on a link or download a suspicious file.
If you receive a phishing email, it's important to report it to your managed IT team.
Ransomware Attack
The next biggest threat is by far ransomware. Ransomware has exploded in recent years and continues to rise. In 2023 experts estimate that ransomware damages will exceed $30 billion across the globe.
Ransomware is perhaps one of the most costly and brutal cyberattacks. As the name implies, this is when a hacker holds your data for ransom.
First, they will compromise your network by some means. Once they're in, they encrypt all your business data. Encryption standards are strong, meaning no one can access your data without the hacker's password.
Once your data is encrypted, the hacker will usually demand that you pay a ransom within a certain period. Fail to pay it, and they'll delete your data. Or, they upload or sell it on the darknet for a price.
In many cases, ransomware locks you out of your system. And the ransom is never cheap, either. The average payout for ransomware hovers around $6 million.
Not only is this a lot of money to pay, but you can't trust a thief. If a hacker is willing to take your data, you have no way of knowing if they'll keep their word.
After a ransomware attack, it's often necessary to wipe all devices and reset all passwords. The damage to businesses in lost revenue can be catastrophic. And depending on your local law, you may be penalized for not keeping the data protected with the proper standards.
How to Protect Against Ransomware
There is no one-size-fits-all approach to protecting yourself against ransomware. It all depends on how the hacker gains access to your network. The government offers some suggestions on how to prevent it:
- Updating and patching all software;
- Maintaining security best practices:
- Keeping air-gapped backups in the event data is stolen;
- Exercising caution with any email attachments; and
- Using robust anti-virus
Oftentimes ransomware can occur where you least expect it. Hiring an IT team to perform a cyber assessment can make you aware of the issues your network has.
How a company reacts to a breach will decide how much damage it does. Many companies have a proactive approach so they can react quickly as the breach is happening. Developing a robust breach response can make all the difference in recovering after a ransomware attack.
Malware Attacks
Malware is all too common in our cyber world. In layman's terms, malware is a piece of malicious code that makes a computer do something it shouldn't. It is usually a file disguised as something normal that makes its way into a system by unauthorized means.
Once malware is in your network, it carries out whatever the hacker wants. It can steal passwords, initiate ransomware encryption and much, much more.
Thankfully, most malware doesn't make it inside your network. Anti-virus software, email filters and firewalls keep it out.
The reason malware continues to make it into our systems though is that hackers scramble the data. Rebuilding the virus makes it so your system can't recognize that it's malware in the first place. Malware will forever be a risk to all systems, everywhere.
Once malware begins to work on your system, it's very difficult to stop its effects. Sophisticated quarantining systems can isolate it, but in many cases, it requires wiping and resetting devices.
Worst of all, malware spreads. It hops from one device to another. Given enough time, malware can proliferate through an entire network.
Malware can be incredibly small, too. Stuxnet, a computer worm, ground an Iranian nuclear facility to a halt at just 500 kilobytes. That's less than the average photo size on your phone.
How to Protect Against Malware
Many of the same methods that apply to protecting from malware also apply to protecting from ransomware or phishing. Good security practices as a whole, again, is the ticket here. Here are some ways to prevent malware attacks:
- Keep up-to-date virus definitions;
- Update and patch all systems on time;
- Avoid downloading suspicious files from emails; and
- Use strong firewalls that limit suspicious activity.
The important thing with malware is to stay up-to-date. What often happens is that security organizations discover new malware daily. To protect other devices, they distribute updates or malware definitions. So, in addition to other good security practices, stay up-to-date. Enable daily or weekly updates. Don't be tempted to delay an update just because it's a bit inconvenient.
Malware can enter your business through a wide variety of avenues. Having robust web security and software is your best bet to protect against most types of malware.
How to Further Protect Your Business
We've covered some of the most common attack vectors. While the world of cybersecurity is always changing, simple security practice always goes a long way. Let's discuss ways that your business can protect itself.
Education
Organizations often don't recognize how valuable education can be. The weakest link is always going to be your employees; if they lack knowledge about possible threats, it will be to your detriment.
Educate them on how to set strong passwords. Teach them procedures and protocols designed to keep data safe, and not to disclose it to unauthorized parties.
Train them on how to identify phishing attacks. Some organizations even test their employees by sending fake phishing emails. Employees that do not report the email and click on the link often get mandatory extra training.
Use Strong Account Authentication Methods
We discussed how vulnerable passwords can be. In addition to using stronger passwords, there is a lot you can do on this front.
Train your employees to use a password manager. This allows them to access secure, long, complex passwords with a single password. They won't forget their passwords this way, and they won't use risky, short passwords either.
Further, make two-factor authentication a requirement. This is where you use a one-time password (OTP) every time you log in. You can get this password as a text or email, or from an authenticator app.
Consider using physical security keys or two-factor authentication devices. These are the most secure ways that you can enter your account.
Update, Update, Update
This point cannot be overstated. You need to update your devices as soon as updates are available.
Updates aren't just to get new features or a new user interface (UI). Most updates patch known security vulnerabilities. Without these updates, your computer is vulnerable to whatever viruses are floating around out there.
Most devices will update automatically with minimal intervention. If they require you to restart, then restart them. It may present a minor inconvenience, but a breach later will be so much worse.
Make Lots of Backups
Backups are essential in the online world. Cybersecurity workers like to say that if you don't have at least three backups, then your business data doesn't exist. Having multiple backups gives you peace of mind that you are ready for anything.
Backing up, like updating, is a process you can easily automate. You can set a backup to occur every day or every week. Many organizations have smaller daily backups, with larger weekly backups.
It's important not just to keep many different backups, but to keep some offline. This is known as air-gapping. An air gap is when a device is not connected to the internet and is therefore safe from hacking.
Keeping an air-gapped device separate from your network is essential during a ransomware attack--or any attack, for that matter. You can get up and running again even if your data is stolen or encrypted.
Outsource to a Managed IT Team
Cybersecurity is a tricky business as it is. It's a complicated discipline, and there are so many different fields. Some cybersecurity workers need years of experience, certifications, and credentials to do the job they do.
Assembling your own IT team is not as easy as it seems. It's impossible to know if you're getting the best people. Setting up a security operations center (SoC) and paying for the equipment can be a considerable investment.
The best alternative is to hire managed IT services. Outsourcing your IT is the best of both worlds. When you do this, you get:
- 24/7 support; Top-of-the-line professional experience and certification;
- Advanced security solutions;
- Best security practices;
- Comprehensive options for all situations and systems.
Managed IT is the best way to get professional service and reduce the headache yourself.
Secure Your Organization
Cybersecurity threats abound in our modern era where computers run everything. Organizations need to be aware of how hackers attack their targets and prepare themselves against these threats. Being aware of cybersecurity issues and having a strong program in place is paramount to operating successful.
What's on Your Mind?
Start a conversation with Rahul
Receive the latest business insights, analysis, and perspectives from EisnerAmper professionals.