Cyber crime is big business, and legitimate businesses face daily threats from these opportunists. These threats can be indiscriminate, in the case of mass emails attempting to spread malicious software to anyone who opens them, or carefully targeted and coordinated attacks against a specific business.
Criminal attacks are not going away, and these cyber-criminals only become more creative in their tactics. It’s therefore important to be aware of the most common threats and how to deal with them. The general threat categories businesses face on a regular basis, and the basic elements of data security your company should have in place to counteract them.
Malware is a broad category of software or apps which tend to install themselves furtively and then do something undesirable. For a business, the big risk is the malware secretly transfers your files or keystrokes to unknown parties. Malware can also be used to simply display intrusive advertisements, or to try to trick the user into purchasing “security” or “cleaning” software by messing with basic computer functions and displaying bogus alert.
Malware tends to slow down the computer or network once it takes hold. It very frequently adds all the computers it infects to a “botnet,” or a global network of similarly infected computers which are then used to commit denial-of-service (DDoS) attack.
Since there are many different types of malware, there is no one cure-all. Proactive protection includes training employees on security procedures in handling email attachments and web links, maintaining an active security firewall, and running regularly updated anti-malware software.
Ransomware has been one of the biggest threats to both business and personal data since 2013. This is a form of malware which encrypts every type of common file it can find on the system, such as documents and images. The criminal organizations spread it then contact with a ransom demand, asking for a fee (usually in the range of $500-1000) in return for the password to de-encrypt the files. Some of the biggest names in the
ransomware world include Cryptolocker, CryptoWall and Locky.
Once you are hit with ransomware, it is extremely difficult to recover; if you are caught unprepared it is honestly most likely best to just pay the ransom. The key to beating ransomware is in implementing a backup system which takes regular snapshots of the full system and sends them both to secure local storage and to the cloud.
Viruses, Worms And Trojans
As with ransomware, these can fall under the general heading of malware, but each have their own little quirks. For example, a virus is embedded in a legitimate computer program which is activated when opened. A worm will propagate throughout networks without having to attach itself to a specific program, and they are one of the most common tools employed in creating botnets. A trojan is a program posing as something legitimate, but once executed turns out to be malicious code.
Rogue IT professionals within an organization may take it upon themselves to install patchwork, unapproved solutions or unauthorized software to handle daily business. While these systems are not necessarily ill-intentioned, they may open your network up to attacks.
Preventing shadow IT requires regular accounting reviews of the network, improving communication between IT and the other departments, and maintaining an “open door” policy with regards to suggestions about regular network use and roadblocks regularly encountered by system users.
Our managed IT services encompass full data security as well as equipment, auditing, help desk and expense management services. Interested in learning more? Contact us and we’ll be happy to go over the ways in which we can help your business.