Recent years have seen a dramatic rise in cybercrime both globally and here in the United States. Emboldened by tumultuous global events such as the war in Ukraine and the Covid pandemic, criminals have developed inventive new ways to infiltrate corporate IT systems for their own gain, with the average cyber-attack costing US businesses $18,000 in 2022.
While attacks on smaller businesses don’t garner the same attention as those perpetrated against large corporations, around half of all cyber breaches affect businesses with fewer than 1000 employees, necessitating a range of strict cyber security protocols and technical measures.
While threat protection tools such as anti-virus software and firewalls have a vital role to play, they should be used alongside a culture of cyber security diligence, especially since the majority of data breaches remain end-user initiated. In this article we’ll briefly explore some of the most commonly encountered online threats, and some of the steps your team can take to mitigate them.
Your employees will stumble into harm’s way if they don’t know the tricks and tactics cyber criminals use. Introducing your team to some of the most common and virulent online threats is a great place to start.
A portmanteau of “malicious” and “software,” malware refers to various types of malicious code used by hackers to corrupt data, damage hardware and seize files, often to obtain direct financial reward. Common malware types include:
- Ransomware. Possibly the most feared type of malware in existence, ransomware typically encrypts files or blocks system access, with restoration promised if a fee is paid. Unfortunately, hackers often renege on this promise, failing to restore access or files upon receipt of their reward.
- Remote access trojan (RAT). Remote access trojans grant hackers the ability to take command of target machines remotely. Such malware often goes undetected by anti-virus software and allows criminals to browse files and applications unbeknownst to the end user.
- Spyware. Spyware programs stealthily harvest data from computers using a variety of techniques and send it back to the hacker to be exploited. “Keyloggers” are a common example, which hackers use to record manually entered username/password combinations in order to compromise accounts.
- Trojan. Trojan malware takes the appearance of legitimate software in order to fool end users into running it. Once executed, such programs can permit hackers to steal, corrupt, damage and exploit systems in similar ways to the other malware types on this list.
- Viruses. The terms “viruses” and “malware” are often used interchangeably, which is inaccurate. Viruses are a subtype of malware that is able to replicate itself and spread in order to inflict network-wide damage. Their ability to spread between computers on the same network can put far greater quantities of data at risk.
- Botnet software. Hackers use botnet software to commandeer large collections of network-connected endpoint devices in order to conduct potentially more lucrative attacks. Botnet attacks are often used as platforms for other attack types, including phishing, DDoS and password-hacking attacks.
Firewalls, anti-malware programs, email filtering and swift patch management are all critical malware countermeasures, but such technical measures aren’t infallible. Ensure your team follow online safety best practice in order to minimize the malware threat:
- Don’t execute email file attachments unless you can authenticate the sender’s identity with 100% accuracy.
- Exercise extreme caution with website pop-ups, especially those promising prizes or product discounts – if it sounds too good to be true it most likely is.
- Don’t enter account credentials unless you have a way to verify the legitimacy of a request. If in doubt, contact the party in question by communication channels you know to be legitimate.
- Only download applications and files from legitimate, credible sources, and try to limit downloads to those strictly required for work purposes.
- Avoid connecting unknown removable storage devices to work PCs and disable “autorun” to prevent the automatic execution of files which could feature disguised malware.
“Phishing” refers to a broad range of cyber-attacks centered around coercion and emotional manipulation. Phishing scammers often use emotive language and a sense of urgency to compel users to disclose sensitive information, transfer money or download malicious files.
It’s believed that up to 90% of data breaches originate from email-based phishing scams, meaning it’s essential to familiarize your team with the techniques such scammers employ. Some common examples of phishing scams include:
- Business email compromise. This increasingly common phishing scam involves the impersonation of high-ranking company executives, often using a tactic known as “email spoofing.” Obtaining a transfer of money or acquiring compromising information is often the end goal of such scams.
- Spear phishing. This targeted phishing scam uses publicly available information (such as social media posts) to convince the target individual of the legitimacy of a request. Involving a degree of background research on the part of the scammer, spear phishing campaigns have a higher success rate than more basic forms of phishing.
- Smishing and Vishing. While phishing is most often associated with email, it isn’t the only communication medium utilized. “Smishing” scams are performed via text message, and “vishing” scams involve phone calls. Both use the same coercive techniques as email-based phishing, with fear, urgency and excitement deployed as emotional leverage.
Email filters are an indispensable tool in the fight against phishing scammers. These filters are able to intercept phishing attempts by comparing inbound mail against some of the most common hallmarks of suspicious correspondence, including known malicious domains, the presence of links in the body of the email and the pronounced use of coercive language.
It’s inevitable, however, that some ill-intentioned emails will escape the filter’s protection. Encourage your team to maintain vigilance when handling emails…
Encourage users to cross-check the sender’s email address. Scammers trying to impersonate trusted individuals or entities often use email domains that are similar but not identical to that of the legitimate organization. Encourage users to diligently check email addresses for spelling irregularities.
Additionally, stress the need for extreme caution when a seemingly legitimate request is sent from a public email domain such as Gmail or Yahoo, as such emails are very unlikely to originate from a trusted organization.
Urge caution when it comes to attachments. Encourage your team to treat email attachments with a degree of suspicion. In the age of cloud storage, there is very little need to send files internally as email attachments. If an attachment-bearing email originates from outside your organization, encourage employees to verify the identity of the sender prior to opening the file, particularly if the attachment was unexpected.
Be wary of emotive language. Phishing scammers want their victims to make rash, ill-advised decisions, and use emotive language to achieve this. They’ll often stress the need to take quick action in order to avoid disastrous consequences (your account has been compromised, click *here* to reset your password), or present a supposedly rare opportunity (a limited time offer or prize to be claimed) with a time-limit attached. Urge your employees to be hyper-vigilant in the face of such tactics.
Avoid clicking “reply.” Inbound mail can appear suspicious for a variety of reasons. The sender’s address may appear legitimate, but the wording and sentence structure seem out-of-character or riddled with errors. Or perhaps you’ve received an email from someone claiming to be a supplier but instead of their corporate email domain it’s been sent from a personal account. Whenever an email seems dubious in any way, encourage staff to respond using the catalogued email address held for the sender, not the “reply” button. This will help you quickly distinguish valid enquiries from the fraudsters.
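The sender-address checks described above (look-alike domains and requests arriving from free webmail accounts) can also be automated. The following is an added example, not part of the original article; the trusted-domain list, the character substitutions and the distance threshold of 2 are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed sample data: domains your organization actually corresponds with.
TRUSTED_DOMAINS = {"example.com", "supplier.example"}
# The free webmail providers the article names.
FREE_WEBMAIL = {"gmail.com", "yahoo.com"}
# Assumed threshold; short domains may need a stricter value to avoid false hits.
MAX_DISTANCE = 2


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def fold(domain):
    """Collapse common visual substitutions ('1' for 'l', 'rn' for 'm', ...)."""
    for fake, real in (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")):
        domain = domain.replace(fake, real)
    return domain


def classify_sender(from_header, trusted=TRUSTED_DOMAINS):
    """Return (verdict, detail) for the From header of an inbound message."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("invalid", None)
    domain = addr.rpartition("@")[2].lower()
    if domain in trusted:
        return ("trusted", domain)
    if domain in FREE_WEBMAIL:
        return ("free-webmail", domain)
    for good in sorted(trusted):
        # Similar but not identical to a trusted domain: likely impersonation.
        if fold(domain) == fold(good) or edit_distance(domain, good) <= MAX_DISTANCE:
            return ("lookalike", good)
    return ("unknown", domain)


if __name__ == "__main__":
    for sender in ("Accounts <billing@suppller.example>", "CEO <ceo@examp1e.com>"):
        print(sender, "->", classify_sender(sender))
```

A "trusted" verdict only means the domain is spelled correctly; the From header itself can still be spoofed, so the advice on verifying unexpected requests continues to apply.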
Stay tuned for our next article, where we’ll explore further measures you can take to safeguard your network from cyber criminality.
Exceptional managed IT with a strong cyber security focus
Here at Office Automation Technologies, we know that it can be tough balancing data security obligations with the daily challenges of running a business. Since 1994 we’ve been helping businesses across the Denver metro area meet their data security obligations in some of the most highly regulated sectors. Contact us today to find out how we could help your business thrive with technology that’s secure, stable and conducive to your business goals.