Why doesn’t cyber security get the respect it deserves? On average, millions of Americans are impacted by data breaches every year, and still, many companies have not embraced a corporate culture that includes privacy and security in their core values. Cyber security surveys affirm that 92% of business desire to have a well-designed cyber security plan, but only 20% are successful in executing one. So how are these cyber criminals attacking your business? We have the answer.
It’s no surprise that hackers want money, but the mere thrill they get from entertainment may shock you. Some cyber criminals attempt to attack your enterprise for the challenge, while others are after institutional secrets for industrial and geopolitical espionage.
In 2015, Russian government-backed hackers got a hold of highly classified U.S. cyber secrets from the National Security Agency after a contractor transferred information to his home computer. Reported first by the Wall Street Journal, the theft included information on piercing foreign computer networks and protecting against cyber-attacks and is inclined to be considered one of the most significant security breaches to date and could enable Russia to bypass NSA surveillance and potentially penetrate U.S. networks.
Most hackers acquire the information they can sell or use. Stolen credit card numbers are at the bottom of the barrel these days because they are so easily accessible. Social security numbers are a main target- they are worth much more to identity thieves to commit miscellaneous crimes pretending to be someone else. Hackers can open new credit and bank accounts, commit tax fraud, access brokerage accounts, get medical treatment or even apply for various benefits. No identity theft is easily handled, but unlike a credit card that can instantly be closed, a Social Security number has a timeless shelf life.
Health records are even more worthwhile because they’re a data-rich market. In addition to enclosing Social Security numbers, they have medical history, date of birth, insurance information and perhaps the credit card used to cover co-pays. Many medical organizations have placed their focus on patient care and less on patient privacy and cyber security. They may not realize the value you of the data they collect.
Historic compromises have included small-to-medium size financial institutions, likely due to the less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities, the alert continues. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future.”
- Brian Krebs, Cyber Crime Researcher
Monetary damages aren’t the only concern for business owners and cyber crimes - data theft and breaches can tarnish a company’s brand and customer reputation. No matter the industry, all business owners should be familiar with the multitudes of cyber-attacks for a better standing ground to prevent becoming a victim.
Malware is a term used to represent a variety of cyber threats like spyware, viruses, bots, trojans, and worms. It's code written with the intent to steal or destroy data on a computer or network. Malware is commonly introduced via email attachments, downloads or network vulnerabilities.
Phishing is the practice of sending emails disguised to be from trustworthy companies to lure people into revealing personal or classified information such as usernames, passwords, access links, credit cards numbers, etc. These emails often look legitimate with links to copycat websites where cyber criminals can steal any information procured.
Password attacks occur when third parties try to obtain access to computer systems or networks by cracking a user’s password. These attacks don’t usually involve any malicious software or code- instead uses the software on the attacker’s computer that’s capable of cracking passwords with information the attacker can provide.
A denial-of-service (DoS) attackers focus on disrupting the service to a network. These attacks can prevent your business from accessing emails, websites, online accounts and any other services that your business may rely upon via computer. Attackers basically seize control of multiple computers and use them to generate high volumes of traffic or data streams through your network until it becomes too overloaded to function. The targets for this common cyber crime are usually large corporations or government sectors, but anyone can become a victim of having their computer hijacked. Without a proper monitoring system in place, many victims are unaware of DoS attacks.
A data breach of any kind can hurt your business. A well executable security plan is what businesses need. Precise plans prioritize steps to be taken that defend the business network and data against most known attacks. Some steps may seem common and others beyond the capability of the average small business, but all are standards of effective cyber security.
Wanting more guidance on how you can protect your business?
Download our FREE Cyber Security Guide!