Ransomware was listed as the top security threat in the United States during the pandemic, but it isn't the only threat a business needs to guard against. Phishing, social engineering, and general bad employee cyber hygiene contribute to becoming a rife target for cyberattacks.
How can a hacker get control of my business?
Ransomware is a form of malware that is created to lock down your company's data and tools so that a bad actor can demand a ransom to release control back to your company. Kaspersky, one of the world's leading cybersecurity firms, defines ransomware as: "extortion software that can lock your computer and then demand a ransom for its release."
However, it's only the final step the attacker takes in the strategy employed to win the information necessary for the ransomware to be put in place. To have enough leverage to lock down enough services to demand a ransom, hackers generally look to lock down as many of your company's tools and services as possible. The usual steps of a cyberattack are:
1. Phishing Emails
By now, hopefully, everyone is familiar with phishing emails. These are emails that are designed to look like they are from specific services (e.g. Google or Microsoft). They usually either ask for passwords or get you to click on a link that will download malware to your computer to gather your passwords. They are often so well-designed that IT professionals will find themselves falling prey to them.
Often, attackers will use information obtained by phishing to collect names and passwords from other services. If, for example, your Google account is compromised, a bad actor can use your Gmail to reset passwords from other services - particularly if you have not enabled multi-factor authentication on all of your services.
Phishing emails are one of the most accessible attack vectors to protect from with frequent employee training, good onboarding practices which teach employees how to avoid phishing, and extra email security measures.
2. Social Engineering
An attacker can also obtain usernames and passwords through a process called social engineering, which is frequently used in addition to phishing emails. The attacker employs real-world rather than digital methods to manipulate and get information out of key employees through this process.
Phone calls and even in-person visits to ingratiate themselves are frequent ploys. A bad actor may present themselves as a job applicant, a potential client, or a contractor. The top way to guard against social engineering is to never give out personal information to people you don't work with regularly - including names of your children, pets, where you were born, or any other information that could help a bad actor guess your passwords.
3. Brute-force attacks
This is the classic presentation of a cyberattack that most people think of when they picture a hacker slouching over a keyboard in a hoodie trying to break into a digital system. In a brute-force attack, a hacker uses various means to "guess" vital login information. Interestingly, they are much harder to pull off than obtaining information from phishing emails and social engineering - at the moment. AI and machine learning may bring these old-school attack methods back in force, and as such, your firm needs extra layers of protection to guard against them.
What can you do to better protect your business?
In a recent Ask Me Anything (AMA) on Reddit, members of IST.org's Ransomware Task Force were asked, "What are the top 5 things corporations, business entities, and people can do that they currently don't to better protect themselves from cyber attacks and ransomware?"
Their answers were:
- Multi-factor authentication (MFA)
- Patching
- Endpoint protection and monitoring
- Scanning of remote infrastructure
- Threat hunting for attackers
The first two things are things that businesses can quickly implement in-house; multi-factor authentication for all logins and installing security patches for website services, software solutions, and apps at regular, frequent intervals. The last three may require the use of outside assistance or technology solutions.
How can UpCurve Cloud help?
UpCurve Cloud has developed a cybersecurity plan in partnership with Google that allows you to lock down and monitor everything to do with your Google Workspace domain. As a bonus, having our plan in place will also bring you into compliance with many federal and state regulations on data privacy and protection. Contact us today to find out more.
Contact Us to Learn More about Transforming Your Business