Cybersecurity is a big deal. It represents the largest security threat to modern businesses and is only getting more sophisticated each year. The dramatic increase in the number of mobile devices globally also means that businesses face an ever-expanding number of potential avenues of cyber threats.
Businesses have no choice but to take an active stance in addressing and mitigating cyber threats or else risk significant financial or reputational damage. So with the complexity of threats and the number of pathways for attacks continually increasing, what are the most significant cyber threats today and what can Australian businesses do to protect themselves against them?
Phishing essentially involves any process where someone tries to steal confidential personal information. This is usually done via email, where cyber criminals send emails containing links to bogus websites. The targets are then encouraged to enter personal details that can be used at a later date to for example access bank accounts or port their phone sim over to the attacker.
Uneducated employees are a company's biggest liability to phishing scams. Therefore, the best protection is to inform and train all staff on what phishing scams are, how they target businesses, and how they can best identify phishing attempts. Staff need to be informed to limit what they share about themselves online both personally and professionally and to avoid clicking on links or download attachments unless they are sure it is from a legitimate source.
Ransomware involves using malware to lock or disable an infected computer or network until a fee is paid. Similar to other types of computer viruses, after an initial infection the ransomware attempts to spread to any shared drives or accessible systems. If the ransomware demands are not met, the system may be permanently unavailable or the data encrypted or deleted.
Ransomware infects computers via the same pathways as other malware types such as from malicious emails, links, or websites. The most effective protection is to install anti-virus software on all systems and ensure they are up to date. Application whitelisting is another useful approach. Offline backups of important data should also be used.
A Distributed Denial of Service (DDoS) involves disabling a website or platform by overwhelming it with traffic. Unlike ransomware or other types of threats, DDoS attacks are generally aimed at disrupting the availability of systems. However, for large organisations this can quickly lead to many thousands, or even millions of dollars in business losses. And cyber criminals are also now using DDoS attacks as a means of extortion, whereby businesses are threatened with further attacks unless payments are made.
To protect against DDoS attacks, websites should operate on a different set of architecture to critical business systems. IT security patches need to be regularly applied. Ensure that a DDoS attack response plan has been formulated and is regularly tested. Finally, it's important not to respond to extortionary emails, even to refuse an extortion attempt.
4. Social Media Hacking
Hacking social media accounts may not have the same potential to cause immediate financial losses as other cyber threats but with the importance of social media today it can still cause significant damage. Hacked accounts can cause individuals or companies to lose many hard-earned followers or have their brands and reputations irrevocably damaged.
Employees need to be made aware of how to stay safe when using company or individual social media platforms as well as how to create and manage secure passwords to make sure no external parties can access their accounts.
5. Secondary Targeting
As it has become more and more difficult for cyber criminals to directly compromise larger organisations, they are increasingly turning to secondary targets to access the data they’re after. This involves using connected networks such as third-party businesses, suppliers, consumers etc. For businesses, it then becomes a case of only being as strong as your weakest link.
The extent of this type of threat largely depends on the relationships a business has with outsourced providers and their access to client networks and databases. To protect against this threat requires a thorough assessment of all provider access to your networks and databases. You need to make sure you have secure connections and that people connected to your networks are trusted and aware of this type of threat.
6. Unauthorised Cryptomining
This is a more recent threat and involves installing malware on a device to use that system’s processing power to “mine” cryptocurrencies. Mining is essentially the process of using software that runs complex mathematical problems to verify digital currency transactions.
Unauthorised cryptomining can significantly affect a business’ computing resources and drive up their energy costs.
To avoid detection, some cryptocurrency malware is designed to consume only low levels of system resources. Therefore, to defend against this threat, businesses need to rely on good cyber security practices including maintaining up to date anti-virus/malware software and firewalls.
There is no doubt that cybersecurity poses major threats to all modern businesses. Threats such as phishing can be incredibly low cost to cyber criminals but create significant costs to organisations to protect against them. Companies have no choice but to dedicate resources and expertise to ward off the threats posed by cyber-attacks or else have their operations or brand affected.
To find out more about the latest cybersecurity threats and how best to respond, XLdigital can help you with your cybersecurity specialist needs.