Cybersecurity is an increasing concern for organizations and consumers alike. In April of 2020, FBI cybersecurity reported seeing a 300-400% increase in cyberthreat complaints per day*, and many are citing the COVID-19 pandemic (and subsequent work-from-home policies) as a contributing factor to massive increases in cyberattacks**. The most common cyberattacks involve cybercriminals who obtain usernames and passwords to gain access to your network, or who secretly infiltrate individual computers or whole networks to install malicious software (malware) that steals or corrupts data.
While cybersecurity is not Prominent’s area of expertise, we wanted to put some basic information out there to give you easy steps to take and inspire you to take those steps.
Most Common Cyberattacks and Best Practices for Prevention
Malicious Emails / Phishing
The majority of cyberattacks begin with emails. Some are sent by cybercriminals with malware programs attached. These emails may be an attempt at phishing (or, more specifically, “spear phishing”). In spear phishing attacks, cybercriminals send emails to targeted individuals, but make the email appear as if it is coming from someone they know. These emails then direct the receiver to a website that requires the receiver to enter their credentials to continue. Once the credentials have been entered, the cybercriminals may be able to access your information on legitimate websites, your network, or your email account.
Preventing a person from unknowingly sharing their account information with cybercriminals requires training users to be able to identify malicious emails. Malicious emails can be identified by looking for:
- Misspelled sender name, company, or domain (e.g. gmail.biz instead of gmail.com)
- Links in the email that are very complicated or contain a lot of special characters
- Content you are not expecting or that is too good to be true
Never open attachments you were not expecting or that are attached to a suspicious email.
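The first two checks in the list above can be automated as a mail-filter heuristic. The following is an added example, not part of the original article: it flags sender and link domains that imitate a trusted domain (such as gmail.biz for gmail.com) and links with hidden hosts or many special characters. The allow-list, thresholds, and function names are assumptions chosen for illustration.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = {"gmail.com", "example.com"}  # constructed allow-list (assumption)

def edit_distance(a, b):  # Levenshtein distance, one row at a time
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(host):
    """Return the trusted domain that host imitates, or None."""
    # Last two labels only; production code should use the Public Suffix List.
    domain = ".".join(host.lower().rstrip(".").split(".")[-2:])
    if domain in TRUSTED:
        return None
    for trusted in sorted(TRUSTED):
        # Same name with a swapped TLD, or within two typos of a trusted domain.
        same_name = domain.split(".")[0] == trusted.split(".")[0]
        if same_name or edit_distance(domain, trusted) <= 2:
            return trusted
    return None

def link_flags(url):
    """List the warning signs found in one link."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    flags = []
    if "@" in parts.netloc:  # text before "@" is not the real destination
        flags.append("userinfo hides real host")
    if re.fullmatch(r"[0-9.]+", host):
        flags.append("raw IP address")
    if len(re.findall(r"[%=&~@]", parts.path + parts.query)) >= 6:
        flags.append("many special characters")
    imitated = lookalike_of(host)
    return flags + (["lookalike of " + imitated] if imitated else [])

def check_email(from_header, links):
    """Map 'sender' and each suspicious link to the flags raised for it."""
    sender = parseaddr(from_header)[1].rpartition("@")[2]
    imitated = lookalike_of(sender)
    found = {"sender": ["lookalike of " + imitated]} if imitated else {}
    found.update({u: link_flags(u) for u in links if link_flags(u)})
    return found
```

A heuristic like this produces false positives on unrelated short domains, so it suits flagging mail for a closer look rather than silently dropping it.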
Malware Threats
The goal of cybercriminals is often to install software on your computer or network that can steal or damage your sensitive information. They can accomplish this in many ways, but it often begins with tricking a user into installing malware that compromises secure systems. Protect any computer you use, at home or at work, with malware detection/prevention programs. Then, always scan email attachments, even from people you know, with these programs before opening them.
It is also important to use strong passwords for all systems and software which contain sensitive information. Strong passwords are typically longer and involve letters, numbers and symbols, or can be entire phrases that are easy for you to remember but very difficult for intruders to crack. Because they are harder to guess, they prevent or slow down cyberattacks. Password generators and password managers can also be helpful for creating strong passwords, remembering them, and knowing where to apply them. Use KeePass, LastPass or another password manager to create and store complex passwords. Passwords should also expire routinely to force users to keep them new and fresh.
Two-factor authentication (2FA) is another powerful preventative measure against cyberthreats. 2FA requires users to engage a second (typically hardware) device – such as your smartphone or a key fob – to gain access to sensitive resources, in addition to a username and password. For example, Google was able to completely eliminate account takeover from phishing attempts by requiring all users to use a YubiKey. Without this physical key, cybercriminals cannot log into Google systems, completely preventing unwanted impersonation. Since that time, Google has produced their own device called a Titan Key.
Worms and Ransomware
Software worms are designed to infect files and multiply themselves in a computer network. Ransomware – and its latest incarnation, the cryptoworm – is malware that blocks access to your systems or data, allowing cybercriminals to demand payment to remove that block.
In addition to precautions already discussed, it is important to create frequent backups and to store them offline to protect against these threats. If your computer or internal network has direct access to the backup files and your computer becomes infected, these backups could be altered or destroyed. Leverage systems like S3 Glacier to store detached backups, but make sure there are no mounted connections to these files within your primary network.
Finally, if you don't already have a cybersecurity insurance policy in place, it may be worth your time to look into what these policies offer and if one could be right for you. Generally, cyber liability policies provide coverage in the event of a network security failure leading to privacy violations, cyber extortion (by ransomware), or other forms of data breach. Policies may also include compensation for business interruption. There are many different kinds of policies, so make sure you research your options carefully and speak to a professional before investing in one.
Summary
No doubt, these cyberthreats will continue to mount as our world shrinks and becomes more connected. Do not assume these threats are only for others. Although it may take some time, it’s worth the effort to investigate which solutions may be right for you and your business. Small investments in devices like YubiKeys, stronger password policies, and enterprise-wide installations of malware defense software can pay enormous dividends in protecting your home and your company in the digital age.