In today’s world the more modern and the more digitized you are, the more vulnerable you are. Thus, high dependence on digital services and networked infrastructure makes organization’s more vulnerable than other businesses that do not use Internet services in everyday operations. Cybersecurity threats are growing in frequency, diversity and complexity. It’s imperative that organizational leadership and senior management give the required manpower, training, and tools to mitigate cyber threats. Without support and buy-in from upper and middle management, an organization may expose itself to any number of cyber threats.
It does not come as a surprise to see an exponential increase in cyber crimes in lieu of the Coronavirus Pandemic. It was recorded by the reputable Finetech News, the pandemic was directly correlated to:
238% rise in attacks on banks
Attacks targeting home workers rose five-fold in six weeks after the beginning of lockdown
Visits to hacker websites and forums rose 66% in March 2020
Ransomware attacks rose 148% in March 2020
Average ransomware payment rose 33% to $111,605, compared to Q4 2019
The pandemic gave hackers more targets with less resistance. Most workers did not have the proper safeguards to protect them from malicious attacks; unsecured lines of communications, non-encrypted emails and passwords, no antivirus, and much more left remote workers vulnerable. Organizations must safeguard their assets by staying up to date with the latest news and updates on cyber threats and implementing the necessary precautions.
Types of Threats
Ransomware Attacks
Ransomware attacks are controlled and executed by skilled hackers for financial gain, political reasons, trade secrets, or even pure espionage. The goal of the hacker is to have organizations or a person pay a lump sum to retrieve their information. The organization or person is locked out of their system until the deed is paid. How to combat this threat?
The one thing every organization and person should do is have a backup source to store their information and data. For organizations, it is crucial to have a business contingency plan. If an attack occurs, the organization can resume its daily business operations without much downtime. Another thing for organizations to consider is to have a hot or cold site {more on hot and cold sites in future articles} for emergency outages of any sort.
Social Engineering
Social engineering involves human interaction which often involves deceiving people into giving up sensitive information; the hacker will pose as an employee or client. Common tactics such as phishing, spear-phishing, pretexting, lies pretending to need sensitive information or personal information from victims to perform a certain act. The objective for these criminal-minded individuals is the same as the ransomware attacks: monetary gains and private information. How to combat this threat?
Network detection paired with a Security Information & Event Management (SIEM) can help reduce the threat. Organizations must have designated personnel to monitor the network 24/7. Remember, a hack or intrusion can happen at any time. It is the responsibility of the I.T. team or Cybersecurity team to be ready at all times. Another tactic is to train individuals on how to spot phishing and other malicious threats. Most hacks involve human error - clicking on unknown emails, going to unknown websites that are not secure, and much more.
What happens During a Cyber Attack?
Historically, cyber attacks on computer networks have favored the attacker over the organization at the center of the attack, often resulting in loss of data and compromising an organization’s ability to maintain control of it’s network operations. Detecting malicious software in monitored, secure environments has proved quite challenging, generally delaying the full understanding of what was compromised. In the first few hours of an attack the hacker most likely will impact the operational effectiveness of network operations of the organization. This may in turn cause contract delays as well as a halt in general productivity. Manpower is then spread thin, as a majority of the organization will be focusing all operations on combating the hackers intentions. The short-term effects without proper mitigation will quickly sour and become long-term issues, such as financial loss, decreased credibility, loss of jobs, etc. As for the employees that endure cyber attacks, researchers have found these employees to suffer from depression & other mental illnesses after the attack is carried out. Cyber attacks are all encompassing, no matter if the organization is left alone - that is why preventing such occurrences should be the top priority of any organization.
Tips for Protecting Yourself & Your Organization
Use Strong passwords
Regularly update software
Manage social media settings
Use VPNs
Educate yourself & others
About the Author
Thomas Taylor | Cybersecurity Specialist
Thomas has a unique background in information security & IT management. He has developed and implemented various policies and procedures, for several fortune 500 companies. He continues to expand his cybersecurity portfolio by investing his efforts in the latest cyber prevention methods as well as educating clients on the risks of not having a secure system in place.
Reference(s)
How to prevent cyber attacks: Top ways to protect yourself. Maryville Online. (2021, March 30). https://online.maryville.edu/blog/how-to-prevent-cyber-attacks/.
Lamberty, J. M. (2016, September). Short-term cyber-attacks with long-term effects and degradation of supply chain capability. Homeland Security Digital Library. https://www.hsdl.org/.
The 2020 Cybersecurity stats you need to know. Fintech News. (2020, February 16). https://www.fintechnews.org/the-2020-cybersecurity-stats-you-need-to-know/.