When was the last time you heard about a major hack or serious data breach? They happen all the time, and most companies are woefully unprepared to deal with them. What's more, many companies aren't even doing much to prevent data breaches. Remember a couple of years ago when Target was the subject of a data breach? That was the result of a contractor installing malware on printers.
Cybersecurity threats fall into two categories that often work in tandem: insiders and outsiders.
- 90% of espionage threats capture trade secrets
- 89% of all data breaches in 2015 were motivated by finance or espionage
What is an outsider cyberattack threat?
Outsider threats are those that come from outside of the organization. They can be from hacktivists, other countries, white hat hackers or even your competition.
Outsider threats include:
- Hackers at competitions trying to expose vulnerabilities for a prize or reward
- Foreign governments trying to gain access to a defense contractor to learn about the latest military technology in development
- Cybercriminals trying to access financial info for financial gain
What is an insider cyberattack threat?
Insider threats come from those within an organization, including contractors like the ones who compromised Target. They can be once-loyal employees who have hit hard times or a business partner who wants to take what they can and split.
Insider threats include:
- An employee selling information to the competition for financial gain
- A business partner being blackmailed by another organization
- A contractor giving information to your competition out of spite
Insiders and outsiders often work together
Whether an outsider wages a spear-phishing attack to compromise your organization or your competition sends someone in to pose as a new employee to gain access, there is often collaboration between individuals inside and outside of an organization.
This can include:
- Espionage: This is the practice of spying on a business to obtain confidential information about its operations. Espionage may include any of these acts, trespassing onto a competitor's property or accessing their files without permission, posing as an outside worker to learn company trade secrets and confidential information.
- CEO phishing attacks: CEO phishing attacks refers to a situation where cybercriminals impersonate the CEO. CEOs have access to sensitive information in a company. They may also have access to important company property, making them a target of cyberattacks. In this scam, someone impersonates the CEO, asking employees to transfer funds from accounts, send confidential human resource information or revealing sensitive information.
- Using malware carried in on a USB drive to compromise systems: Malware includes viruses, worms, trojans, hybrids, and spyware that steals, encrypts, alters or deletes company data.
- Password attacks: Cybercriminals will often try to crack users' passwords either by guessing commonly used passwords or through a dictionary attack. All employees must ensure that they have strong passwords as well as an account lockout policy, that locks out a user after a certain number of wrong attempts.
- IP spoofing: Another common tactic is when an attacker tries to convince a system that it is communicating with a trusted entity and, therefore, to provide access. The attacker provides an IP address known to the system as opposed to its actual IP address.
How can you prevent cyberattacks?
Training your employees in good security hygiene is the most important step you can take in securing your company's data, but that won't prevent all attacks. Companies should be vigilant about keeping up with the latest trends of cyberattacks so they are aware of where the threats are coming from. Basic security measures include:
- Strong passwords
- Segmented networks
- Encryption of sensitive data
Even if you don't think there is anything worth stealing from your organization, chances are you are still under attack. Hackers are opportunists, lying in wait for the perfect time to strike. Maybe you haven't released any info on that new development you will announce next spring, but hackers could already be monitoring your activity. An ounce of prevention is worth a pound of cure, as the old saying goes, so why not do a little security checkup anyway?
It's also important to have a plan in place in case of an attack. Do you have a way to reach customers if they are affected? Do you plan to fix the problem before making an announcement? Having these details hammered out beforehand can simplify your response in a crisis.
You must ensure your organization has policies and training in place to prevent data breaches before hackers get through. This includes:
- Training employees on security hygiene
- Having a BYOD (bring your own device) policy
- Segment your Wi-Fi network so employees who want to use it for their devices can do so without compromising the rest of the network
- Use multilevel access authorizations, only allowing those who need it access to the most sensitive information in your organization
- Monitor your network for anything out of the ordinary
- Use encryption to protect the most sensitive data
Information security begins at (your) home (network)
Rather than just installing antivirus software, crossing your fingers, and hoping for the best, take a more proactive approach to securing your company's data. You may not think there's a threat, but already someone is trying to get in.