Businesses used to be able to easily understand the threats they faced: financial liquidity, changing customer behaviour, and staff morale. However, while these threats will always exist – and still pose a significant threat to businesses to this day – cyber threats are now a factor for virtually every business. The two attacks described in this article, DoS and Phishing, are not new: however, they are still important to understand and mitigate against for all businesses.
Denial of Service attack (DoS)
A denial of service attack, or a distributed denial of service attack, is the name given to an attack which overwhelms a computer system. The most common form of DoS attack is through a coordinated effort to disrupt the service of a website, by instructing automated bots – sometimes referred to as bot nets – to target web hosting servers with repeated requests. This leads to the hosting servers becoming overwhelmed and failing for all users who are legitimately trying to access the website.
The threat of these attacks can best be mitigated through a dedicated IT support team which can respond in real time to DoS attacks. IT professionals can blacklist the threat coordinators and bots from accessing the servers, limiting any impact on the website.
Phishing attacks are among the most common cyber attacks businesses face in the modern age. They work for one very simple reason: they rely on human beings as the last line of defence.
In a phishing attack, a cybercriminal will attempt to fraudulently gain access to a computer system using social engineering or electronic manipulation. One particularly common method involves a criminal spoofing an email address, making it appear legitimate to the recipient. The email would usually include a link to a website which prompts the receiver to enter sensitive data, such as their username and password. Once the criminal has the sensitive data, the damage they can cause to a business system is immeasurable.
The best preventative against these attacks is education around cyber threats and how email spoofing works. This can be delivered most effectively through a dedicated IT support team, who will have the knowledge to share with colleagues best practices and what steps to take if they suspect a phishing attack is taking place.
Cybercrime is a big part of business. However, business leaders of companies of all sizes make many assumptions about cybercrime. Here are some of the biggest misconceptions about cybercrime. If you know the true extent of the threat, you’ll be better at defending your business.
1. Knowing a threat exists doesn’t protect you
Employees know that emails from unknown sources aren’t trustworthy. In addition, they know that they shouldn’t investigate the links in the emails to see where they lead, but that doesn’t stop 78% of employees from clicking on them.
Just because you know a threat exists, it doesn’t mean your business is protected. You need to actively pursue ways to enforce your cyber security that will protect your computer networks and servers. For instance, your business should install firewalls, anti-virus software and continuously educate staff to follow proper network security.
2. Protecting yourself is all you need to do
While protecting your computer networks is a good start, that doesn’t mean your computer networks are defended. Third parties that you work with, who might handle your data, can be a weak link, and this is where cyber criminals sometimes gain access. This was the case with Universal Music Group when a contractor left an Apache Airflow server open to attack.
Ensure when you speak to third parties, that they have the right protection in place. This should include email encryption, firewalls and other measures to protect sensitive information you both have access to.
3. Cybercriminals are really clever people
The truth is that the tools to commit cybercrime and infect your computer networks are readily available online. Those wanting to attack your business can buy the tools for very little, if anything. Plus, many of the most successful cybersecurity threats to your business are really simple, they just require a file attaching or link inserting into an email.
You should also remember that cybercriminals can be anyone. While there’s a lot of news about cybercriminals in Africa and Asia, anyone, even those in your own business, could be a cybercriminal. A study by IBM found 60% of cyber attacks are inside jobs. So, you’ve got to be vigilant.
Restrict access to data, servers and IT networks to anyone who doesn’t need access. Limiting access can be one of your strongest defences.
4. You’ll never be a target
All companies, of all sizes, have been attacked in recent years. Sony had a Denial of Service attack that prevented players to access online game areas, Facebook had a breach where information for 50 million users was stolen and NASA had employee information taken by cybercriminals.
Your business has a lot of value in it and criminals can, and will, target you at any time.
Always assume that you’re a target and adjust your cyber security initiatives with this philosophy in mind. You’ll be better prepared for what may come, than if you believe there’s no danger.
Whatever your business, cyber security is a major part of your operations. If you’re not sure about how you should protect your business’ computer network, you should outsource your IT needs. Professionals in IT support companies are experts in offering computer security services and can ensure you’re less at risk from cybercriminals.
All business owners know that IT and digital solutions play a key role in what they do now. From better communication, to email or video calls, to more sales through eCommerce stores, being online is essential for modern businesses. Unfortunately, all business owners will also know about cyber-crime and how vital staying safe online is. Data breaches or infected networks can cost huge amounts of money to fix and really harm your company’s reputation.
With this in mind, it is important to place great importance on your cyber-security arrangements. As we head into 2019, it seems likely that cyber-attacks will continue to happen and with increasing regularity. Although you may know about the most common ones like malware, here are some others to keep in mind for 2019.
We are all aware of cryptocurrencies like Bitcoin. However, malicious individuals use cryptocurrency for their own gain. One scam is to infect networked computers with software that then gets them mining for cryptocurrency. It uses the resources of the computers it infects to do this which slows them down and harms your productivity. It also allows the criminals to make money from mining these digital coins without it costing them anything. With the increasing difficulty of mining and the falling value of cryptos, hopefully this is one attack that may decline. No doubt the hackers will think up another use for your stolen cpu cycles.
They’ve been around for years, but this is something not many business owners will have heard of but may be big news in 2019. It sees hackers take control over a powerful network of computers without the user’s knowledge. They then use this massive network of machines to perform DDoS attacks, brute force attacks and steal sensitive data.
OK, this is not a new issue for 2019 but it is still set to be the major news in cyber-security. This sees hackers gain access to your servers or network of computers to lock all end-users out of them. They will only unlock the machines once you have paid a huge ransom. Naturally, this is very bad for your profits and also all the working time lost while the issue is being resolved. The sheer profitability of this kind of attack for cyber-criminals means it will continue to cause problems for years to come.
Let Nimbus CS keep you safe
The real problem for most businesses when it comes to cyber-security is having the time and expertise to keep it as tight as possible. This is especially true in large corporations where one vulnerable machine out of hundreds could be the way hackers get in. We offer comprehensive cyber-security services to help review your current IT set-up and help manage any improvements needed. Contact us today to find out more.
Ransomware is a real problem for businesses of all sizes, and unfortunately, it’s here to stay.
Computer viruses have been the scourge of businesses since the year dot and ransomware is the latest scary prospect. Ransomware attacks like WannaCry rose by 350% last year, and 81% of industry experts expect the trend to continue in this upward curve.
Imagine turning up to work one day and finding yourself locked out of every single computer in the office. In fact, imagine turning up to work and being locked of the office itself. The only way to unlock your precious information – or your front door – is to pay a hefty fee to the cybercriminals who did this to you.
It leaves a bad taste in the mouth and a gaping hole in your company finances.
Protecting against ransomware
The simplest way to protect against this sort of threat, if you don’t have the in-house resources or expertise, is to outsource your cyber security. By using an expert IT support company like Nimbus CS you can dedicate your time to running your actual business, and let us worry about hackers.
We’ll holistically analyse your organisation’s computer security capabilities, let you know where the holes are, and how to fix them. We’ll install state of the art virus and malware computer solutions and provide friendly advice along the way.
Expert IT training
We can also offer IT training courses. As an accredited partner of Microsoft, you can trust that we know what we’re doing. Once we’re done you’ll be sure that every member of your staff is comfortable using your IT systems, knows how to prevent security breaches, and importantly knows what to do if a breach, unfortunately, does occur.
Training has the added upside of increasing IT system user efficiency, allowing not only you but also your employees to get on with running the company instead of being bogged down in computer problems.
By the end of 2019, a ransomware attack will target a business every 14 seconds. If they come for you, make sure your shields are up, and your staff are clued up.
Contact Nimbus CS today to learn more about our cyber security and training packages.