Organisations of all sizes are waking up to the threat of data breaches. But don’t be fooled into focusing on the prospect of a hacker breaking into your systems. There are many other ways that your organisation can be compromised.
Let’s take a look at seven of the biggest cyber security threats you should be concerned about.
1. Cyber attack
Criminals target organisations in many ways, but their methods can be broadly broken down into three categories.
First, they can use exploits to access to sensitive information. This includes things like brute-force password hacks, in which hackers visit a log-in page and use a tool that generates millions of passwords to look for the correct credentials.
The second type of cyber attack uses malware to gather sensitive information or cause business disruptions.
The third type of cyber attack is social engineering, which is different enough from the other techniques to warrant its own discussion.
Ransomware is one of the fastest-growing cyber security threats, with almost 2.8 billion known unique forms. It’s a type of malware that encrypts files and blackmails the victim into handing over money to receive the decryption key.
The threat of ransomware is so severe in part because almost every organisation is vulnerable. Even if your network is resilient, the malware can be planted in phishing emails, ambushing victims when they click the attached file.
Ransomware victims often feel compelled to give in to the criminals’ demands. However, this is rarely a good idea, because you can never trust that the fraudsters will keep their word and provide the decryption key. Even if they do, you’ve made yourself a target for future attacks.
You should instead make sure you have a plan for when your organisation is infected.
You can find out more about ransomware by downloading our free guide: Ransomware – Threats and mitigation.
This green paper contains an in-depth discussion of ransomware and the different ways that it can target your organisation.
It also provides expert advice on how to protect your organisation from a ransomware attack and what to do if you fall victim.
3. Employee error
Data breaches aren’t always malicious attacks. Sometimes incidents are caused by the people you put in charge of using that data.
Employees are one of the leading causes of breaches, because they routinely make mistakes that expose sensitive information to the public.
This often happens when they send emails to the wrong people or copy recipients in the Cc field instead of the Bcc field, meaning that everyone can see who else received the message.
4. Social engineering
Social engineering is a type of attack in which criminals imitate a legitimate person or organisation. Depending on the method of attack, they’ll attempt to trick the user into:
- Handing over sensitive data;
- Downloading a malicious attachment; or
- Giving them access to a restricted space (either login details or physical access to the organisation’s premises).
The most common form of social engineering is phishing. These are spam messages – typically emails – that contain urgent requests, generally about a problem with the organisation’s service delivery or the user’s login details.
Some phishing scams contain links that direct users to a facsimile of the legitimate site, enabling the crooks to log the individual’s username and password. Others contain malicious attachments that infect the recipient’s computer with malware.
Although most phishing attacks are email messages, similar tactics are also common on social media and in text messages.
5. Unauthorised access
Social engineering isn’t the only way a someone can steal information from inside your premises. Another example involves someone visiting your office and being told to wait by someone’s desk, where they could view sensitive data.
Although you should certainly be concerned about the public gaining unauthorised access to sensitive information, employees are far more likely to be responsible for such incidents.
Organisations store all manner of sensitive information, and much of it is only meant for select employees. Take payroll information for example, which should only be accessible to those who need it for their job (typically HR and relevant line managers).
But if the organisation doesn’t implement appropriate security controls, anyone in the organisation will be able to view that information. They might do so by seeing physical documents or stumbling across it on your online portals.
6. Malicious insiders
As we’ve explained throughout this article, employees are a major security vulnerability. This doesn’t only include making mistakes that help fraudsters access sensitive information; they might actually be the crooks themselves.
Malicious insiders tend to be motivated by the same reasons as any other type of criminal:
- Revenge: An employee who feels unappreciated or who has been laid off might hit back by sabotaging the organisation.
- Financial gain: An employee desperate for money might email copies of databases to themselves to sell on the dark web.
7. Physical theft
Not all data breaches relate to digital information. Organisations should also be concerned about physical theft – namely paper records and devices that provide access to sensitive information.
If paper records aren’t properly disposed of, they can easily end up in the wrong hands. A crook might catch on that you’re throwing documents away without shredding them and loiter by the bins.
Similarly, organisations need to take care when disposing of devices like computers and USB sticks. Unless everything is completely wiped, fraudsters and dumpster divers could stumble onto a wealth of sensitive data.
Physical theft can also occur when employees leave records and devices unattended in a public place. For example, they might turn their back on their bag while on a train or in a café, giving an opportunist thief the chance to swipe its contents.
What to do when you suffer a cyber attack
When an organisation learns that it has been breached, time is of the essence. The faster it can resolve the vulnerability and begin its remediation efforts, the less damage it will face.
Organisations that respond swiftly will reduce the amount of data or systems that are affected, and will demonstrate to customers and regulators that they take information security seriously.
That’s why it’s always helpful to have experts on board when disaster strikes, and with IT Governance’s Cyber Incident Response Management consultancy service, you can be sure that you get the support you need.
Our data protection experts will detect and contain threats using a best-practice incident response programme.
Combining technological solutions with processes and procedures, we ensure that when faced with cyber threats, you face minimal delays and that your reputation stays intact.
A version of this blog was originally published on 22 October 2019.