Published on November 29th, 2016 | by Kandace H0
Top Cyber Security Risks Every Business Should Watch Out For
Today, cybercrime is a huge threat to businesses. Unfortunately, it doesn’t seem to be slowing down any time soon. There are all types of threats to look out for, including brand new types of malware. When your company computers or information are attacked, it can be scary, overwhelming and beyond frustrating. Here are five types of cyber security risks to protect yourself against sooner rather than later.
As more and more people own mobile devices, the possibility of mobile-related threats is growing. The more a person relies on their mobile device, the more susceptible it is to an attack. Hackers use app vulnerabilities to access your data. Or, they clone mobile apps to do the same thing. Either way, hackers can then gain access to your personal data or figure out your online behaviors.
An example of this is when NowSecure found a vulnerability with the Galaxy phone by Samsung in 2015. The Galaxy’s software for the predictive text function could be hacked into via WiFi as well as cell networks. This allowed hackers to spy on anyone using this type of phone. When NowSecure discovered this, Samsung ran an update to fix the vulnerability.
Just about everyone on the planet, including business owners and employees, have two or more connected devices, according to CNBC. These connected devices give hackers a unique playground – they have more surface area to attack for any one person or company. It’s common for people to forget about the importance of security on their secondary devices. For example, they may prioritize security on the company laptop, but completely forget about it on their smartphone, even though the two devices might be connected. The fact that a lot of devices are also synced to the cloud just make them even more susceptible to attacks.
Malware is what’s responsible for stealing important business information, like login information, including passwords. Often, malware is accidentally installed by employees who don’t even realize they’re doing it. This type of data breach can cost your company a lot of money.
An example of a malware attack is when MetStar was attacked in spring of 2016. The nonprofit, which ran several hospitals in Washington and Baltimore, had to pay over $18,000 for the decryption key to gain back control of their data. Thankfully, MetStar’s IT department found the malware and kept it from spreading. This is why it’s so important to have a reliable company like Bedrock IT supplying cyber security services for your company.
Blastware and Ghostware
Modern hackers are using ghostware to keep law enforcement off their trail. As law enforcement improves its forensics, hackers are seemingly one step ahead, creating ghostware that prevents them from being found. This ghostware does what basic malware does – penetrates networks and steals information – with an extra layer: it covers its tracks so that it can’t be found or prevented in the future. Another type of modern malware is blastware, which steals information and then destroys the system when someone detects it. It’s a hugely damaging type of attack because it steals information and also ruins a company’s digital infrastructure.
Open Source Software
Businesses often use open source software, but this software is very public, meaning that hackers know exactly what its vulnerabilities are. Hackers are then able to use commands that will get past firewalls or login information. It’s very important for companies to regularly update their open source software in order to prevent against these types of attacks. Hackers have even more of a possibility of getting into your software when it hasn’t been updated because out-of-date libraries are easy to attack.
If a single business has their data stolen, it’s difficult for the business but the information taken isn’t of very high value. When data is stolen from several businesses, though, it becomes a much bigger problem. In the spring of 2014, P.F. Chang’s dealt with a serious stolen data aggregation attack when customer payment information from several restaurant locations was stolen over the course of two months.
Hackers are finding ways to attack cloud software and malware is being created with the specific intent of breaking into cloud-based infrastructure. This also means that any apps that are connected to a cloud that’s been attacked will provide an additional route for hackers into your information. Hackers can use compromised applications to access your company’s network.
Businesses should have procedures in place to help counter cyber-attacks and better protect themselves. One place to start would be to have an in-house IT team, or if you aren’t ready for that scale, contracting with IT service companies to analyze your current level of protection. This is a great way to identify any holes in your security and get solution advice from experts. Having an in-house IT team would also be great for future emergency situations that may arise.
It is also important to make sure you company has sufficient password security and all employees are trained on company cyber security procedures. This will help ensure that sensitive information is kept confidential and employees have a better knowledge cyber security.
Cyber security isn’t something that only big companies have to be wary of. Small and medium-sized companies also need to protect themselves by having help similar to the IT support in Ottawa. Unfortunately, it’s often those small companies that have weak security. When those small businesses work with big corporations, there’s an even greater risk of being attacked.