Protect Your Business from Cybercrime: An Up-to-Date Guide to the Latest Threats
Guest article by Phoebe Griffits at Kis Finance.
How Can SMEs Protect Themselves from Cybercrime?
The internet is now one of the main outlets for businesses all over the world, if not the main one. It offers a wealth of opportunities, and for many it is a crucial part of the everyday running of the business. However, with this comes a large element of risk, as criminals are also using it as a gateway to access businesses' information and steal money.
A Government report indicated that 45% of small businesses suffered cyber attacks or breaches of some kind over the course of 2017. So, it is more important than ever to know how to protect your business from becoming a target in the future.
It is also important to remember that businesses of any size can be a target. Sometimes the way the media covers high-profile cases of large organisations and government institutions being targeted can give the false impression that these are the only ones at risk.
Some of the Most Common Cyber Threats to Businesses:
Having your company computers attacked by malware and viruses could be very harmful to your business if you’re not protected.
These are some examples of malware that would be most damaging to your business:
Viruses: Self-replicating software that spreads between systems, slowing them down and eventually crippling them, and that destroys or alters the data held on them.
Spyware: This is one of the most dangerous kinds. It spies on the user's activity and captures any business passwords, account information or other private information they enter. A 'keylogger' records what is typed and sends it back to the criminal.
Ransomware: Ransomware is slowly becoming one of the biggest and most notorious types of malware. Ransomware locks down your computers so they are completely unusable. Then, the criminals demand that a fee is paid (in cash and more recently in Bitcoin) in order for the computers to be released.
How to Protect your Business from Malware
• Secure your Network
It has been said many times before, but firewalls and anti-malware software are the first line of defence against cyberattacks. Your business will be connected to the internet through many different sources, so your firewall will need to monitor all of these connections. Also, a single antivirus installation is not enough; you should invest in multiple layers of security, including antivirus, anti-malware and anti-ransomware.
• Encrypt your Data
If a hacker still manages to break through your security software, the next level of protection is encrypting your data. Encryption encodes all of your data so that, without the key, it is unreadable and completely useless to the hacker. This is especially important if your business holds personal or sensitive data on customers.
• Keep Systems Up-to-Date
Up-to-date computer systems are the safest when it comes to attacks by cybercriminals, because they are constantly being developed and made more secure. Last year, the ransomware attack named WannaCry affected systems used in the NHS. 98% of these systems were still running the old version of Windows 7; systems which had been updated more recently weren't affected by the ransomware. So, by keeping your operating systems up-to-date, you will be at a bit more of an advantage if your business is ever targeted.
• Enforce Strong Passwords
This seems like an obvious one, but all too often employees use weak passwords that are the same for different accounts across the business. It is important to have strong passwords with no link to anything in the business or yourself, so they can't be guessed easily. As additional security, passwords should be changed frequently (every 3 months at most) and should be different for every account and every employee.
• Train your Staff
Human error can be one of the biggest security threats. It is very important to train every member of staff on how to detect malware and what to do when it is detected.
• Back Up Files
If the worst still happens, backups (which should also be protected with software and encrypted) will help bring your business back to where it was before the attack, so you don't have to start again from scratch. If you back up all of your files regularly, you should be able to get your business back up and running while suffering only minor losses.
Receiving phishing emails is inevitable no matter who you are and what barriers you have put into place to protect your business/employees from them. They are one of the biggest online threats with fraudsters sending out millions per day.
The only way you can be protected from them is simply by having the knowledge of how to identify them.
How to Identify a Phishing Email:
• Watch Out For the Display Name
When fraudsters send out phishing emails, they spoof the display name that appears in your inbox to make it look like the email has come from someone else. If your business is being specifically targeted, the fraudsters are clever and will research your frequent clients and suppliers and make the email look like it has come from one of them. But don't be fooled: ignore the display name and look at the sender's email address. This will usually be something completely made up, containing random numbers and characters.
• Check the Spelling, Grammar and Punctuation
Emails sent from legitimate sources, especially a supplier or partner, will be professional and well put together, without multiple spelling and grammar mistakes (you would assume so, at least). Admittedly, phishing emails are becoming more and more sophisticated, but most of these fraudsters are based overseas and don't necessarily have good English. Read the email through thoroughly to check for these mistakes.
• Urgent/Threatening Language
Fraudsters will want you to act quickly, whether they are claiming to be a client and they need your business’ bank details to pay you for a product/service, or a supplier demanding that you settle an unpaid invoice. They may give you a tight deadline and claim that if you don’t act quickly, they will stop their ‘business’ with you.
• Lack of Contact Details
Any legitimate client/partner/colleague/supplier of your business would always leave contact information in case you need to get hold of them. Phishing emails won’t contain this sort of information.
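As an added example (not code from the original article), the following Python script applies three of the signs above to an inbound message: display name versus real sender address, urgent language, and missing contact details. The supplier allow-list, the phrase list and the sample message are all constructed assumptions.

```python
import email
import email.utils
import re
from typing import List

# Constructed sample, not a real message: the display name borrows a known
# supplier's name, but the real address is on an unrelated domain with a
# digit-heavy local part, the body is pushy, and there is no phone number.
SAMPLE_EMAIL = """\
From: "Acme Supplies Accounts" <accounts.acme.8821@mail-xyz7.example>
Subject: URGENT: overdue invoice, final notice

Your invoice is overdue. Pay within 24 hours or we will stop all business with you.
"""

# Assumed allow-list of domains your real suppliers send from.
KNOWN_SUPPLIER_DOMAINS = {"acme-supplies.example"}
URGENT_PHRASES = ("urgent", "immediately", "within 24 hours", "final notice",
                  "stop all business", "act now")

def _alnum(s: str) -> str:
    return re.sub(r"[^a-z0-9]", "", s.lower())

def check_email(raw: str, known_domains=KNOWN_SUPPLIER_DOMAINS) -> List[str]:
    """Return the warning signs found; an empty list means none of them fired."""
    msg = email.message_from_string(raw)
    name, addr = email.utils.parseaddr(msg.get("From", ""))
    local, _, domain = addr.rpartition("@")
    domain = domain.lower()
    body = msg.get_payload()
    warnings = []
    # Sign 1: display name looks like a supplier, but the sending domain is not
    # one we know, or the local part is a run of random-looking digits.
    if domain not in known_domains and any(
            _alnum(d.split(".")[0]) in _alnum(name) for d in known_domains):
        warnings.append(f"display name '{name}' but sender domain '{domain}' is not a known supplier")
    if re.search(r"\d{3,}", local):
        warnings.append(f"sender address '{addr}' contains a run of digits")
    # Sign 2: urgent or threatening language in the subject or body.
    text = (msg.get("Subject", "") + " " + body).lower()
    hits = [p for p in URGENT_PHRASES if p in text]
    if hits:
        warnings.append("urgent language: " + ", ".join(hits))
    # Sign 3: no contact details (no phone number and no 'tel'/'phone' line).
    if not re.search(r"\+?\d[\d \-]{7,}\d|\b(tel|phone|call us)\b", body.lower()):
        warnings.append("no contact details in the body")
    return warnings
```

Running `check_email(SAMPLE_EMAIL)` returns four warnings for the constructed message, and an empty list for a message from an allow-listed domain with a signature block.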
A Distributed Denial of Service (DDoS) attack is an attempt by a hacker to disrupt the traffic of a server, service or network by flooding the target with an enormous amount of internet traffic, which prevents normal traffic from reaching it. To achieve this, the attacker infects a network of online machines with malware which turns each one into a 'bot'. This network, known as a 'botnet', is remotely controlled by the attacker.
Once this botnet is in place, the attacker directs each machine at the targeted IP address, and each bot sends multiple requests to the target to access its content. With a huge number of machines doing this at the same time, the targeted server or network exceeds its capacity, resulting in a denial of service to other, normal traffic.
Whilst most of these attacks are mainly done to cause embarrassment or a loss of earnings, they can be and have been used to disguise more serious security breaches being done elsewhere.
Tips to Protect Your Business From a DDoS Attack
• Appointing a DDoS Protection Service
An affordable and effective method of mitigating the risk of a DDoS attack is to enlist the help of a third-party protection service. They will monitor your network and watch for excessive traffic which, if they find it to be distinguishable from normal traffic, can be blocked by firewalls or other technical solutions.
• Set Traffic Thresholds
You are probably aware of the amount of traffic your website gets every day, every hour or every 10 minutes (depending on how you measure it). Hopefully, you will also have recorded how various events or seasons affect your traffic. Based on these numbers, you should set a threshold which automatically sends you alerts if it detects abnormal levels of traffic.
• Make Sure you Have Extra Bandwidth
Having extra bandwidth won't stop a DDoS attack, but it will buy you some time before your network's resources are overwhelmed and crash. If you have other monitors in place which detect the attack, this extra time lets you stop the attack before your network suffers.
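The "Set Traffic Thresholds" tip above, worked through as an added example (not code from the original article): a per-hour baseline is built from the site's own history of requests per 10-minute window, so that a lunchtime peak is not mistaken for an attack while the same count at 3am is. The history values and the mean-plus-three-standard-deviations rule with a 1.5x floor are constructed assumptions.

```python
import statistics
from collections import defaultdict

# Constructed history: (hour_of_day, requests_in_a_10_minute_window) over two
# normal weeks, with a busier lunchtime, plus a little natural variation.
HISTORY = [(hour, 120 if hour == 12 else 40)
           for _day in range(14) for hour in range(24) for _ in range(6)]
HISTORY += [(12, 135), (12, 110), (3, 38), (3, 44)]

def build_thresholds(history, sigma=3.0, min_margin=1.5):
    """Per-hour alert threshold: mean + sigma*stdev, but never below
    min_margin*mean so a flat baseline does not produce a hair-trigger."""
    by_hour = defaultdict(list)
    for hour, count in history:
        by_hour[hour].append(count)
    thresholds = {}
    for hour, counts in by_hour.items():
        mean = statistics.fmean(counts)
        sd = statistics.pstdev(counts)
        thresholds[hour] = max(mean + sigma * sd, min_margin * mean)
    return thresholds

def check_window(thresholds, hour, count):
    """Return an alert string for an abnormal window, or None if it is normal."""
    limit = thresholds.get(hour)
    if limit is None:
        return f"no baseline for hour {hour}; observed {count} requests"
    if count > limit:
        return f"ALERT hour {hour:02d}: {count} requests exceeds threshold {limit:.0f}"
    return None

if __name__ == "__main__":
    thr = build_thresholds(HISTORY)
    for hour, count in [(12, 150), (3, 150), (12, 900)]:
        print(check_window(thr, hour, count))
```

The same 150 requests in a window is normal at hour 12 but raises an alert at hour 3, which is exactly why the baseline must reflect the events and seasons the tip mentions.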
Internal Cybercrime Threats
A lot of businesses put most of their focus into protecting their business from external threats. But some of the biggest security breaches have come from internal sources, such as present or past employees, partners, contractors, suppliers and anyone else who has been given access to internal systems.
These are not always malicious attacks; many breaches have come from mistakes, or from carelessness or ignorance towards security procedures. Some of the most common malicious attacks come from rogue or ex-employees.
What Data Could Be At Risk?
• Business bank account information, numbers and log-ins.
• Personal and sensitive data about clients/customers.
• Information about your business’ products and services.
• Trade secrets.
• Financial and personal information about staff.
• Future business plans.
Methods of Attack
• Social Engineering
This is when an employee is manipulated into giving up passwords or other confidential information that only they have access to.
• Data Sharing
Data sharing is when the attacker shares data they have access to with a third party or the public.
• Unauthorised Downloading
This is when an unauthorised person downloads company data onto a personal USB drive or another kind of storage medium.
• Physical Theft
This is when the attacker physically steals company equipment, such as computers and mobile devices, that holds company data.
How to Protect your Business from Insider Threats
Insider threats can come from a lot of different people in a lot of different places so it can be difficult to protect your business from everything. However, there are some simple steps you can take to lessen the risk.
• Background Checks
This probably goes without saying, but the first line of defence when it comes to employees is performing a proper background check on them before you hire them. This doesn’t have to be anything complicated, but you should at least check them out online and have a look at their social media profiles. Doing that and calling their previous employer should give you all the information you need.
• Keep an Eye on Employee Behaviour
Be suspicious of any big changes in an employee's behaviour. Have they suddenly paid off debts, are they going on a lot of holidays, or are they staying at work late or coming in at odd hours when no one else is around?
• Limit Employees with Privileges
The fewer employees you have with privileges to access data, the easier it will be to keep that data protected. There will be fewer employees with the ability to conduct malicious actions, fewer people that can make mistakes and fewer accounts that can be hacked. When each new account is created for an employee, it should be created with the least amount of privileges possible (levels of data which can be accessed). This can then be increased when necessary.
• Monitor Users’ Actions
It's definitely worthwhile investing in user activity monitoring software which records user sessions. This allows you to go back and check any action performed so you can see exactly what happened, whether it was a malicious action or a mistake.
• Make Employees Aware of the Consequences
It is very important to minimise the risk of employee mistakes as well as deliberate actions. The best way to do this is by educating them on the consequences the business will face if something were to happen and how it would affect them in return. If they know you take this seriously and are monitoring users, it is much less likely that they will attempt something.