Most business executives and owners of smaller businesses have heard of or suffered from online fraud. Known as cyber-attacks, these malicious breeches prey on a company’s computer or cloud infrastructure, its employees and its clients to make illegitimate income for anonymous criminals who may live in faraway countries.
Based on the cost of these attacks, it makes sense for organizations to invest in ways to prevent breaches and reduce exposure. It is better to be safe than sorry.
The Cost of Cyber Attacks
Unfortunately, when this type of event happens, it can cause enormous economical damage as well as create hours or even days of losses due to system or website downtime. Many of these attacks may con employees or business owners to make bank transfers to fraudulent accounts or blackmail company decision-makers for money. Other attacks may illegitimately pose as a bank or other trusted institution in an attempt to obtain important private information like social security numbers, bank account details, or login credentials.
Cyber attacks can be expensive. The average cost of an attack is hard to calculate because it varies depending on the size of the company and the type of information it manages. However, according to IBM’s 2020 “Cost of a Data Breach” report, the average total cost to a company of a cyber attack is in the region of $8M. Many smaller or medium-sized businesses hear such a large number and assume that it could never happen to them. However, multiple sources also attribute the value of a cyber attack based on the number of consumer records compromised. For example, across all industries, data breaches are said to cost approximately $150 per compromised account. A small business that manages just 1,000 consumer accounts can thus be liable for $150,000. A medium-sized company with, say 10,000 consumers on its books could be on the hook for $1,500,000 after a cyber attack. Certain business-to-business companies stand to lose much more due to fraud. If, for example, a law firm that frequently handles hundreds of thousands of dollars in escrow is electronically defrauded into sending that money to a hacker instead, the cost can be catastrophic. These costs, which can easily bankrupt a small or medium-sized company, do not take into account the transactions lost due to any potential system downtime or the reputational damage the attacked company is likely to face.
It makes economic sense to invest in the time and infrastructure it takes to train and build defenses against cyber attacks. For a fraction of the cost, there are cybersecurity experts that can put measures in place to lower the probability of such attacks and lessening the impact should they occur.
Defending Against Attack
The best time to mount a defense against cybercrime is before the attack happens. Being proactive is an important part of any security strategy and education is the first step to being proactive. By knowing about the typical types of cyber attack a company and its employees can look out for certain signs, build adequate defenses and take steps to mitigate any potential damage well before an attack is made.
Types of cyber-attacks include those that occur at an organization’s firewall, those that occur at user endpoints, those that compromise an organization via email, those that rely on a company failing to adequately backup it’s data in a recoverable way and those that breach the security credentials of a website.
Ensuring that each one of these components of an organization’s IT footprint is protected requires being aware of the type of attacks that can occur at that part of the “perimeter”.
Let’s explore the types of attacks on each of these components and how best to mount a proactive defense in each area.
“It makes economic sense to invest in the time and infrastructure it takes to train and build defenses against cyber attacks.”
A firewall exists as a virtual barrier that prevents unwanted traffic to pass through to an organization’s servers or computer network. Rely on the following means to best manage a safe firewall that can prevent the latest cyber threats:
- Use advanced network configurations
- Make sure all anti-malware and anti-virus software is up to date, functional,paid and properly configured
- Consider a managed solution. There are many companies that can provide network security as a service. This allows an organization to focus on its core business knowing that their network and service.
Employees and executives of an organization use a variety of devices to access company information and communicate with clients and colleagues. Each one of those devices is an “endpoint” and if one of these phones, tablets or desktops becomes compromised then there is a chance that cyber attackers (hackers) can gain access to the organization’s data.
It is important to note that not every endpoint is a device with a screen. Target famously suffered a data breach several years ago where millions of consumers’ financial information was stolen. The endpoint the hackers used to gain access to the network was the internet-connected HVAC air conditioning system! To protect endpoints from being the source of a breach or cyberattack, organizations can:
- Create employee policies and conduct trainings that increase staff awareness of endpoint vulnerability
- Ensure that the organization’s firewall configurations are replicated in the endpoints
- Ensure that endpoint operating systems are all up to date, patched and supported
Email communications are a common way for hackers to infiltrate an organization. A hacker can pose as a client, supplier or colleague and send an email to a member of an organization’s staff asking for sensitive information. These attacks range from simple phishing scams (automated emails that target gullible individuals en mass) to highly targeted whaling scams (the term used when hackers manually target an organization’s leaders in an attempt to obtain large amounts of money). Malware and ransomware attacks often enter a company through links or attachments from scam emails. Malware infects an organization’s network with a virus that can have a number of malicious effects including using an email system to send out scam emails using an organization’s domain (eg email@example.com). Ransomware shuts down access to all of an organization’s system, then demands payment in bitcoin to release the hold on the data! Here are some ways to protect against email hackers:
- Antivirus/malware installed on the email server
- Using a different server for an organization’s email and its website
- Encryption on the server (AES) and in transit (SSL)
- Staff training on good email hygiene
- Anti-phising and anti-spam technology
Backup and Recovery
To back up the information on an organization’s server is to make a copy of the data, software and other digital assets and store it in a secure area. Recovery refers to the action of wiping clean a server’s content and reinstalling the content based on the latest backup in order to continue conducting business. Backup and recovery must work together to ensure that in the case of a cyberattack (such as the ransomware attack mentioned above), business can continue as normal. Here are some ways to ensure the best system for backup and recovery:
- Proactive detection of ransomware to ensure that the backed-up copies of an organization’s server are clean
- Storing data in multiple locations to ensure availability in case of disaster or cyber attacks on multiple areas
- Frequent test recovery points and recovery time to ensure that backups are recoverable and to know how long the business must attempt to operate without the data and server functionality being backed up
An often overlooked area of cybersecurity is website security. Hackers often attack websites with the most common web development platform, WordPress, being the most vulnerable to attack. Attackers can enter an organization’s website and steal backend data, shut down an ecommerce store, hijack a domain name or change a website’s content. In some cases, websites serve as an endpoint to an organization’s private data. Here are ways to protect WordPress and other websites from hackers:
- Use an alternative admin login page URL rather than the default URL
- Host an organization’s email and website separately
- Use dual factor authentication to access the website’s back end
- Do not list an organizations clients or list employees’ email addresses on the website
Calipso Business Development
Calipso is a full-stack development boutique that understands the connection between internet security and IT security. We work with our clients to create a cyber security plan that is affordable and effective in dealing with cyber security threats. Our first step is to work with our partners to conduct a thorough security assessment of all areas and make recommendations for remediation. Looking for an IT managed service provider to handle the day-to-day tasks of cybersecurity? We provide our clients with multiple supplier options and make recommendations based on capabilities and budget. Contact us today to discuss how we can help keep your company safe from cyber attacks on (202) 681-9263 or via our contact form.