The Dark Side of The Interwebs
Updated: Jul 10, 2020
The cyber world is home to many wonderful things. Including all of us. Our businesses, bills, family, even our jobs have found a comfy place to call home. The best part? You never have to leave your home to visit there. Before you call it utopia consider this:
You just put all of your data in the hands of the interwebs in the name of convenience. But at what cost? For some, it costs them everything. Internet outlaws are hiding everywhere, and if you're not careful you could become a victim.
Cyber attacks are becoming a sign of the times that affect everyone. Take a look at some statistics provided by Varonis that might surprise you:
64% of Americans have never checked to see if they were affected by a data breach. (Varonis)
Hackers attack every 39 seconds, on average 2,244 times a day. (University of Maryland)
In 2017, 147.9 million consumers were affected by the Equifax Breach. (Equifax)
43% of breach victims were small businesses. (Verizon)
82% of employers report a shortage of cybersecurity skills. (ISSA)
Damage related to cybercrime is projected to hit $6 trillion annually by 2021. (Cybersecurity Ventures)
Security breaches have increased by 11% since 2018 and 67% since 2014. (Accenture)
What exactly is a cyber attack?
Cyber attacks come in many forms and are always evolving. Chances are by the time you're finished reading this there will be fifteen new attacks to watch out for. But for now, here's a look at the more common types of cyber attacks hackers use:
A malware attack usually begins after an unaware user clicks on a malware-infected link or email attachment. Malware is a broad term used to describe malicious and harmful software. More specifically, malware consists of any of the following:
Ransomware: malware designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.
Spyware: collects information from a computing system without your consent, such as keystrokes, screenshots, credentials, and various personal data.
Phishing: an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques.
Viruses: a program that spreads by first infecting files or the system areas of a computer or network router's hard drive and then making copies of itself.
Worms: worms often spread from computer to computer and take up valuable memory and network bandwidth, which can cause a computer to stop responding.
Man-in-the-middle Attack (MitM)
This type of attack is also known as an "eavesdropping attack". A hacker will interrupt the network traffic of a two-party transaction to steal data. There are two commonly used points of entry for this type of attack:
An unsecured Wi-Fi network (e.g., public Wi-Fi with no password)
A malware-infected device, on which an attacker can then install software that will process the victim's information remotely
Denial-of-service Attack (DDoS)
This type of attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber attack.
A distributed denial-of-service (DDoS) attack occurs when multiple machines are operating together to attack one target. Attackers often use a botnet (a group of hijacked internet-connected devices) to carry out large-scale attacks, taking advantage of security vulnerabilities or device weaknesses to control numerous devices using command and control software. Once in control, an attacker can command their botnet to conduct DDoS on a target. In this case, the infected devices are also victims of the attack.
DDoS attacks have increased in magnitude as more and more devices come online through the Internet of Things (IoT) (see Securing the Internet of Things). IoT devices often use default passwords and do not have sound security postures, making them vulnerable to compromise and exploitation. Infection of IoT devices often goes unnoticed by users, and an attacker could easily compromise hundreds of thousands of these devices to conduct a high-scale attack without the device owners' knowledge.
Structured Query Language (SQL) injection is an attack technique that attempts to subvert the relationship between a webpage and its supporting database, typically in order to trick the database into executing malicious code.
This type of attack usually involves a combination of over-elevated permissions, unsanitized/untyped user input, and/or true software (database) vulnerabilities. Since SQL injection is possible even when no traditional software vulnerabilities exist, mitigation is often much more complicated than simply applying a security patch.
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. An exploit that attacks a zero-day vulnerability is called a zero-day exploit.
A zero-day exploit occurs when an attacker takes advantage of a publicly disclosed or undisclosed vulnerability prior to vendor acknowledgment or patch release. Vulnerable systems pose a much higher risk and are often targeted by cyber criminals.
If you're a business owner, chances are you use the internet to transact, which means you could be a target. If you're not properly mitigating cyber crime, it could be devastating for your business. But how do you protect yourself?
Cybersecurity is essential!
The FCC website lists these cybersecurity tips for small businesses:
1. Train employees in security principles
Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.
2. Protect information, computers, and networks from cyber attacks
Keep clean machines: having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Set antivirus software to run a scan after each update. Install other key software updates as soon as they are available.
3. Provide firewall security for your Internet connection
A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure the operating system's firewall is enabled or install free firewall software available online. If employees work from home, ensure that their home system(s) are protected by a firewall.
4. Create a mobile device action plan
Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password-protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.
5. Make backup copies of important business data and information
Regularly back up the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Back up data automatically if possible, or at least weekly, and store the copies either offsite or in the cloud.
6. Control physical access to your computers and create user accounts for each employee
Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel.
7. Secure your Wi-Fi networks
If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. To hide your Wi-Fi network, set up your wireless access point or router, so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.
8. Employ best practices on payment cards
Work with banks or processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations pursuant to agreements with your bank or processor. Isolate payment systems from other, less secure programs and don't use the same computer to process payments and surf the Internet.
9. Limit employee access to data and information, limit authority to install software
Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission.
10. Passwords and authentication
Require employees to use unique passwords and change passwords every three months. Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multi-factor authentication for your account.
No matter how efficient you think your network security is, you could still be at risk. Cyber criminals are developing new attacks every day. Before you panic, talk to your insurance agent and ask them about cyber insurance.
What is cyber insurance?
Cyber insurance is designed to help you mitigate losses incurred due to cyber attacks. Coverage for this type of policy will depend on your cybersecurity. The more protected you are, the more coverage options are available. So it's absolutely crucial that you do everything you can to protect your data. Inadequate protection could mean a denial of coverage and unpaid claims.
Talk to your agent today about setting up a risk management plan for your business!