As discussed in Part 1, cybercriminals never stop seeking new methods to steal. It’s wise for organizations to constantly improve defenses against their attacks. Part 2 will cover Phishing & Social Engineering Attacks and Ransomware.
Phishing & Social Engineering Attacks
A form of cyber attack using social engineering, phishing is carried out by using fraudulent websites, texts, and emails. The objective is to fool a target into divulging sensitive data, including credit card information, login credentials, and online account passwords.
Research found approximately one of every 100 emails received by employees is a phishing email. Unfortunately, 30% of phishing emails will pass through security measures. It is no surprise cybercriminals rely on phishing because it is easy, fast, effective, and inexpensive.
Limiting an employee’s access to only the IT resources needed for their job will help contain damage from compromised credentials. Moreover, anti-phishing solutions able to detect fake emails containing links to fraudulent websites or requests for sensitive information should be installed. Perhaps the best prevention measure is training employees on how to recognize phishing and social engineering attacks.
Ransomware attacks against businesses rose dramatically from 2.8 million events in Q1 2018 to 9.5 million in Q1 2019, a worrying rise of almost 240%. Enterprises are increasingly being targeted more than consumers because they are typically more capable of paying ransoms and have the added incentive to recover access to sensitive data.
A ransomware attack results from a cybercriminal infiltrating a computer or network with malware designed to encrypt all available data. The victim who has been infected is then given a brutal ultimatum: pay the ransom demanded or suffer the complete loss of their data.
Preventing ransomware requires an organization to set up security around their system with strong firewalls, which will stop the upload of malware. Each employee’s computer should also feature an antivirus program that scans emails for attached ransomware. As a contingency, a backup/disaster recovery plan should also be implemented to protect crucial business data and ensure business continuity.
Alpha Engineering Business Support
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990. For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.