Businesses, both large and small, are increasingly reliant on the internet for daily operations, creating attractive and potentially lucrative targets for cybercriminals.
With such heavy use of and reliance on computers and the internet by both large and small organizations, protecting these resources has become increasingly important. Learning about cyberattacks and how to prevent them can help you protect your company from security breaches.
Cyberattacks Compromise Your Companies
Cyberattacks include many types of attempted or successful breaches of computer security. These threats come in different forms, including phishing, viruses, Trojans, key logging, spyware, and spam. Once hackers have gained access to the computer system, they can accomplish any of several malicious goals, typically stealing information or financial assets, corrupting data, or causing operational disruption or shutdown.
Both third parties and insiders can use a variety of techniques to carry out cyberattacks. These techniques range from highly sophisticated efforts to electronically circumvent network security or overwhelm websites to more traditional intelligence gathering and social engineering aimed at gaining network access.
Cyberattacks can result directly from deliberate actions of hackers, or attacks can be unintentionally facilitated by employees—for example, if they click on a malicious link. According to historical claim data analyzed by Willis Towers Watson, 90 percent of all cyber claims stemmed from some type of employee error or behavior.
A breach in cyber security can lead to unauthorized usage through tactics such as the following:
Installing spyware that allows the hacker to track Internet activity and steal information and passwords
Deceiving recipients of phishing emails into disclosing personal information
Tricking recipients of spam email into giving hackers access to the computer system
Installing viruses that allow hackers to steal, corrupt, or delete information or even crash the entire system
Hijacking the company website and rerouting visitors to a fraudulent look-alike site and subsequently stealing personal information from clients or consumers
Cyberattacks may also be carried out in a manner that does not require gaining unauthorized access, such as denial-of-service (DoS) attacks on websites in which the site is overloaded by the attacker and legitimate users are then denied access.
Security Tips for Your Company
Cyber security should be a company-wide effort. Consider implementing the following suggestions at your organization:
Install, use and regularly update anti-virus and anti-spyware software on all computers.
Download and install software updates for your operating systems and applications as they become available.
Change the manufacturer’s default passwords on all software.
Use a firewall for your internet connection.
Regularly make backup copies of important business data.
Control who can physically access your computers and other network components.
Secure any Wi-Fi networks.
Require individual user accounts for each employee.
Limit employee access to data and information, and limit authority for software installation.
Monitor, log and analyze all attempted and successful attacks on systems and networks.
Establish a mobile device policy and keep them updated with the most current software and anti-virus programs.
Security Tips for Employees
Use strong passwords, change them periodically, and never share them with anyone. Never repeat a password across accounts.
Protect private information by not disclosing it unless necessary, and always verify the source if asked to input sensitive data for a website or email.
Don’t open suspicious links and emails; an indication that the site is safe is if the URL begins with https://.
Scan all external devices, such as USB flash drives, for viruses and malicious software (malware) before using the device.