“How can we avoid cyber attacks?” That’s the question every organisation is asking as the threat of cyber crime continues to spiral.
It’s easy to point to solutions like anti-malware software or encrypting sensitive information, but as we explain in this blog, things are rarely that simple.
That’s because threats come in many forms, and it takes a holistic approach to deal with them all. Everyone in your organisation has their part to play, and it’s up to senior management to ensure their staff understand the way they might come under attack.
What are the biggest cyber threats?
- Malware
Malware refers to ‘malicious software’: code that is planted on computers and networks to perform certain activities.
Types of malware include adware, which displays pop-up adverts that attempt to generate revenue through clicks; spyware, which monitors the activity on an infected device; and viruses, which attach themselves to programs, script files, documents, etc. to spread as far and wide as possible.
However, one of the most notorious types of malware is ransomware.
With almost 2.8 billion known unique forms and countless attacks in the past few years, ransomware is taking the cyber crime industry by storm.
Ransomware attacks are based on a simple premise: organisations need access to their files to operate and make money. When they’re locked out of those files, a ransom payment is the most affordable way to get back to work.
However, those files are only that valuable if they are the only copy. You can avoid criminals’ demands if you keep backups and have a plan for when your organisation is infected.
- DDoS attacks
DDoS (distributed denial-of-service) attacks occur when criminal hackers use a network of compromised computers, known as a botnet, to spam a target site with traffic.
The site is unable to process such a high volume of requests and crashes.
DDoS attacks therefore aren’t cyber attacks in the sense you might usually think of them. They’re not designed to steal data but to disrupt the target organisation. As such, they’re normally conducted when the criminal hacker has a political or personal reason to attack.
That said, there have been instances of DDoS attacks being conducted to distract the organisation while the attackers conduct another attack, so it’s always worth assessing the damage once you’re back online.
- Social engineering
Social engineering is a type of attack in which criminals imitate a legitimate person or organisation. Depending on the method of attack, they’ll attempt to trick the user into handing over sensitive data, downloading a malicious attachment or giving them access to a restricted space (either login details or physical access to the organisation’s premises).
The most common form of social engineering is phishing. These are spam messages – typically emails – that contain urgent requests, generally about a problem with the organisation’s service delivery or the user’s login details.
Some phishing scams contain links that direct users to a facsimile of the legitimate site, enabling the crooks to log the individual’s username and password. Others contain malicious attachments that infect the recipient’s computer with malware.
Although most phishing attacks are email messages, similar tactics are also common on social media and in text messages.
- Internal error
Security threats aren’t always from cyber criminals; sometimes, the biggest risks come from the employees you put in charge of handling sensitive data.
Employees are one of the leading causes of breaches, because they routinely make mistakes that expose sensitive information to the public.
This often happens when they send emails to the wrong people or copy recipients in the Cc field instead of the Bcc field, meaning that everyone can see who else received the message.
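One way to catch the Cc/Bcc mistake before a message leaves the organisation is an outbound check that flags any email in which several external addresses are visible to each other in the To or Cc headers. The following is an added example (not code from IT Governance or this blog); the internal domain, the sample message and the threshold of one visible external recipient are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: a notice sent to several customers in Cc rather than
# Bcc, which exposes every recipient's address to all the others.
SAMPLE_MESSAGE = """\
From: support@example-corp.invalid
To: support@example-corp.invalid
Cc: alice@customer-a.invalid, bob@customer-b.invalid, carol@customer-c.invalid
Subject: Service notice
Content-Type: text/plain

Your account will be migrated next week.
"""


def visible_external_recipients(raw_message, internal_domain):
    """Return the external addresses that appear in the visible To/Cc headers.

    Bcc is deliberately ignored: addresses there are not disclosed to others.
    """
    msg = message_from_string(raw_message)
    pairs = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    suffix = "@" + internal_domain.lower()
    return sorted({addr.lower() for _, addr in pairs
                   if addr and not addr.lower().endswith(suffix)})


def cc_exposure_finding(raw_message, internal_domain, max_external=1):
    """Flag a message when more than max_external external recipients can see
    each other's addresses; such recipients should normally be in Bcc.
    Returns None when the message is acceptable."""
    external = visible_external_recipients(raw_message, internal_domain)
    if len(external) <= max_external:
        return None
    return {
        "external_visible": external,
        "action": "move external recipients to Bcc before sending",
    }


if __name__ == "__main__":
    print(cc_exposure_finding(SAMPLE_MESSAGE, "example-corp.invalid"))
```

A mail gateway or send hook would call cc_exposure_finding on each outbound message and hold any message that returns a finding for the sender to confirm.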
Free PDF download: Cyber Security and ISO 27001 – Reducing your cyber risk
Find out how else you can address the threat of data breaches with our free guide: Cyber Security and ISO 27001 – Reducing your cyber risk.
You’ll learn how ISO 27001, the international standard for information security, helps protect your organisation and why so many organisations have decided to adopt its framework.
Addressing cyber security threats
The best way to tackle these threats is to create a culture of cyber security. This is an organisation-wide commitment to data protection in which technology, policies and processes are all designed with security threats in mind.
Creating this culture isn’t easy. You’ll need a structured approach – preferably aligned with ISO 27001, the international standard for information security – that provides ongoing solutions tailored to your needs.
This includes things like risk assessments to evaluate the severity of the threats you face and gap analysis to determine where your security processes fall short.
We also suggest that you:
- Regularly test your systems
Make sure your IT systems and solutions are up to date and protected by establishing a patch management programme to apply updates to your software and applications.
This should be paired with a technical security regime, in which you conduct vulnerability scans and penetration tests to look for weaknesses in your organisation.
- Close the skills gap
Most organisations approach cyber security backwards: they spend their budget on technologies that can prevent cyber attacks and then ask staff to incorporate the technology into their processes.
They would be much better off focusing on staff awareness. Organisations that enrol their staff on cyber security training courses will end up with more highly skilled employees who are unlikely to expose sensitive information.
- Plan for disaster
Plan for what will happen when you suffer a security breach. This includes identifying what remedial steps need to be taken, who is responsible for each task and how you are going to communicate with employees, third parties and regulators.
Your plan should be the end-product of a risk assessment, in which you identify which threats are most likely to occur and the damage that they will cause.
If you’re looking for advice on improving your ability to handle disasters, IT Governance can help. Our Cyber Incident Response Readiness Assessment provides an impartial and detailed review of your organisation’s cyber resilience capacity.
It covers your processes, policies and procedures; whether key stakeholders in your business know how to report a suspected incident; who is responsible for escalating, containing and remediating an incident and much more.
We can also help if you suffer a security incident and need emergency support. Our team of cyber security experts are available to guide you through the response process, identifying and addressing the source of the incident and helping you get back to business as soon as possible.
You can get started by calling us on 0044 1353494464.
A version of this blog was originally published on 13 November 2019.