Companies facing cyber security issues seem to be becoming an increasingly common occurrence in the news lately.
With attacks like this, it’s important to share as much information as possible to ensure other companies don’t fall victim. Businesses can be reluctant to share this information so it’s important to share this.
In this article, we will provide some information on what the current leading cyber attacks are from our research.
Ransomware is when a malicious hacker gains access to your systems and will encrypt your data. They will then offer to release your data, usually at a price. Often if a company agrees to these terms the hacker won’t release its data. This can also lead to them being targeted again in the future.
While ransomware has been a popular tactic for cyber attacks for some time now it is fast becoming one of the leading tactics.
Many companies have been experiencing attacks like this recently. Due to the rapid digitisation of companies creating gaps in their cybersecurity.
Here are some of the steps we recommend to help tackle ransomware:
Use anti-virus software & a firewall
To help protect the security of your data it’s important to use reputable antivirus software (which helps to detect malicious applications, including ransomware) and ensure a firewall is in place. Maintaining a strong firewall can help prevent access from unauthorised users. Hardware firewalls (for businesses) are best but even a software firewall will offer protection. This will help to minimise the chance of attacks on your server.
Be extra vigilant when opening email attachments
Email is one of the most popular methods for delivering ransomware. You should avoid opening emails and attachments from sources that look unfamiliar or untrusted. Phishing spam, in particular, can fool you into clicking on a legitimate-looking link that actually contains malicious code.
Backup your critical data
Ensure you have a good backup of your files. Restoring your files from a backup can be one of the quickest ways to regain access to your data.
It’s important to consider a multi-pronged approach to backing up your data. This ensures you aren’t just relying on a single backup kept onsite. Cloud storage is a simple and cost-effective step you can take to give yourself additional resiliency in the event of having to rely on a backup.
Do not pay the ransom!
Many organisations are woefully unprepared for the impact of a ransomware attack. Paying the ransom only encourages and funds these types of cybercriminal activity. It’s important to consider that even if you pay the ransom you may not actually get all your data and files back. It’s a risky roll of the dice for sure and what’s even more worrying, a sophisticated cyber-criminal may try to extort more money out of you without releasing your data back to you!
With an increase in remote working due to the pandemic many employees can be found working from various locations.
As a result of this, some businesses are experiencing breaches due to employees not being aware of the cyber security risks working remotely poses.
Here are a few of the dangers:
If you opt to work from a cafe or any place with public wifi this can be exploited by a hacker. Often public wifi doesn’t have a password or the password is easily accessible.
This can result in your data being stolen through public wifi. So we recommend always working from private, password-protected wifi. If this can’t be avoided then you should ensure that you don’t open/send any sensitive data whilst connected to public wifi. This can help to reduce the chances of a hacker getting any data of use.
It’s easy to forget your surroundings when working remotely. Unlike working in an office you don’t know who is around you. If you’re viewing sensitive information or talking on the phone this could be recorded by anyone around you which could be used for malicious reasons. If you’re working from a public location it’s a good idea to never discuss or access any sensitive information.
When employees work from home they’ll sometimes opt to use their own personal devices such as computers, mobile phones and printers. However, these can pose a cyber security risk as they may not have the latest software updates or antivirus installed.
If employees are working from their personal devices it’s important to ensure that they always keep their devices up to date on the latest software patches and have antivirus software installed.
It’s worth noting that a popular trend in cyber attacks has been hiding malware in applications.
It’s easy to assume that mobile devices are safe from cyber attacks but this is far from the truth.
If any device has the capability to download applications or software then this is at risk of a cyber-attack. There is a current trend of hackers hiding malicious malware in these applications. The best tactic to avoid this happening is to always research the application and check the reviews before installation.
Another popular tactic recently has been phishing attacks. This is when a hacker will pose as someone you know asking for sensitive information. This is usually in the form of an email however recently there has been an increase in phishing activity on platforms such as Whatsapp.
These attacks usually start with a message from a person claiming to be someone you know. They will then state some form of urgency and ask for personal information. The best way to check if this person is who they say they are is to compare the number against the one you know is theirs. If this isn’t possible then contacting the person via a trustworthy format to confirm this is then the best option.
When you suspect a message you have received is fraudulent do not engage with the contact, delete the message and report it to the National Cyber Security Centre.
If you receive any contact that you aren’t 100% of the source we always recommend not engaging with the email and not clicking any links before you confirm the source.
With cyber threats always evolving the best defence is to stay informed. Knowing what to look out for and how to prepare will help to reduce your likelihood of a successful cyber attack.
If you would like to find out more about how we can help get in touch!
You can speak to a member of our team by either phone at 0161 464 6101 or send an email to firstname.lastname@example.org. Alternatively, you can fill out the contact form on our website and we will get back to you.