Do you know how serious is not being prepared to face cyberattacks and the damage that it can cause to a business? Yes, cybersecurity risks are even more dangerous and we cannot close our eyes to it anymore.
Currently, cybersecurity incidents affect businesses of every size and are frequently spread in the media, causing not only financial loss but also discrediting the image of the companies involved.
Knowing the security challenges imposed on us, we will introduce the most common cybersecurity risks your business needs to prevent and what to do to avoid such attacks.
Which cybersecurity risks are most common?
In a simple way, cybersecurity risks are criminal attempts of damaging, stealing or destroying data. Compromising websites, servers or interrupting a whole technology system infrastructure.
Attackers aim to take advantage of vulnerabilities in systems and one of the most common ways to do that is to install a software to change the original data from a computer or server. As a consequence, information is stolen and accesses are excluded.
And yes, cybersecurity threats are likely to affect companies in any segment and of any size. Therefore, it is necessary to be prepared for every type of attack that may happen, from the most simple to the most sophisticated ones.
If you have already seen an antivirus alert popping up on your screen or if you have clicked on a file attached to a suspicious email, you may have already had a Malware problem.
Hackers use Malwares to hack personal and business computers as it is, generally, a really effective way to achieve their criminal intention.
The word Malware represents many types of harmful files, once they get into your computer, they can cause many issues, such as:
- Take control over your computer.
- Monitor your steps and the keys typed.
- Silently send every confidential data from your computer or LAN to the intruder’s database.
Intruders use a variety of methods to install a Malware in your computer. However, it requires the user to execute a certain action to complete its installation.
That action can be done by clicking on a link to download a file or opening an attached file that seems harmless, a Word or a PDF file, for instance. In fact, behind those files, there is a hidden Malware executable program.
When an intruder wants you to install Malware or provide confidential information, they usually adopt Phishing tactics. They pretend to be someone else and lead you to execute an action that you normally would not execute.
In a Phishing attack, an intruder can send you an email as if they were someone reliable, such as your boss or a company you do business with.
The email will seem legitimate and require urgency. Some examples are emails saying: “A fraudulent activity has been detected in your account”. In the email, there will be an attached file or a link to be clicked. As soon as you open the malicious attachment, Malware will be installed in your computer.
Phishing attacks may be difficult to interrupt or notice immediately, as they are related to human curiosity and impulses.
Usually, by clicking the link, it may redirect you to a reliable looking website which requires your login to access an important file. Actually, that page is used as a trap to collect your credentials when you try to login.
To avoid Phishing attempts, it is essential to comprehend that, besides attachments and links, checking the sender is also important.
Ransomware is a form of Malware which encrypts data from a technological system after they are infected. The greatest issue is that it demands the payment of a ransom in order to obtain a code and decrypt the system. An anonymous address and virtual currency, such as Bitcoin, are commonly used for the transaction.
Most of the cybersecurity attacks in the latest years have been Ransomware attacks. WannaCry was one of the most famous cases, a Ransomware from 2017 that paralyzed important public organizations around the world, mainly in Europe.
4) Reusing Credentials
Currently, users commonly possess a wide variety of logins and passwords that it is tempting to reuse their access credentials.
In this way, although the best security guidelines recommend you to have exclusive passwords to each app or website, many people still reuse their passwords.
As a matter of fact, intruders love it. Once they collect usernames and passwords through a breach from a website or service, they know that using these same credentials on other websites they will likely be able to login.
It means that no matter how tempting it is to reuse your email, bank account, and favorite social network credentials, at some point they may be hacked. Consequently, providing easy access to your email and bank account.
Being aware of the problem and mitigating its risk will drastically improve your security level.
5) Password attack
A password attack, as the name suggests, happens when an intruder tries to guess or break a user’s password.
There are many different techniques for that, the brute force of trial and error is included in some of them.
The most common ones are related to: Password Spraying, in which many login attempts in various websites are made, and the Keylogger Attack, in which the keys typed by users are detected in an attempt to identify their passwords. Not to mention that intruders will frequently try Phishing techniques to collect a password from a user.
4 cases of companies that suffered cyberattacks
Now that you know the main risks out there, check some examples from companies that fell victim to cyberattacks and had to deal with major losses.
We have separated 4 cases in which different types of attack were implemented, causing serious problems for different companies and organizations.
Grupo Fleury in 2021
Did you know that reported cyberattacks against Brazilian companies have increased 220% in the first semester of 2021 in comparison with the same period in 2020?
Data based on the study: Estudo com informações sobre Ataques Cibernéticos ocorridos no 1S21 (First semester of 2021), by the grupo Mz.
This research was made through data collect by the searching tool on the CVM website. (Securities Commission, an agency ruled by the Treasury Department.)
Besides electric utility companies, which suffered the most from the attacks, the health sector was the second most affected, with 5 reports. All of them were made by the Grupo Fleury, a Medical Laboratory company.
According to the press notes, the systems were down after attempts of external attack. In June of 2021, there was a notice on the company’s website about the system’s unavailability.
CMA CGM, the fourth biggest container transportation company in the world.
A recent example of Malware attack happened in September of 2020 with the CMA CGM, the fourth biggest container transportation company in the world.
The company suffered a cyberattack directly into its servers, causing a data breach.
That occurred when Malware was used to attack the peripheral system of the company. The business website remained unavailable for at least 2 days and the clients were redirected to alternative channels from the company.
Ransomware in Brazilian Public Organizations
In the beginning of May, 2017, 70 countries reported attacks from WannaCry. In Brazil, the Brazilian Government Agency for Law Enforcement, TJSP (Justice Court of São Paulo State), INSS (Brazilian Social Security Institute) and many others have suffered from this attack.
It was a typical Ransomware attack: they encrypted files from the machines and after, asked sums of money to decrypt them.
At that time, the attack was made in vulnerable computers which operated with Windows Server 2003 lacking the latest update package.
The most devastating cyberattack in history
The cyberattack named NotPetya, which also happened in 2017, is known as one of the most devastating attacks around the world.
When compared to WannaCry, there is a clear difference. While WannaCry encrypted access to files, NotPetya completely blocked the access to the computer. The machine infected by this virus immediately lost access to the Windows operating system.
While WannaCry made public organizations lose access to files containing the population’s data, for example, NotPetya was able to block access to the operating system and completely prevent the victim from using the computer.
It seems that Russian hackers used hacked servers from the Linkos Group, a Ukrainian accountability company, to send this attack code. However, it crossed Ukrainian borders and also affected great global organizations.
- A.P. Møller-Maersk, the biggest maritime transport company in the world.
- Merck, North-American pharmaceutical company.
- TNT Express, European subsidiary of FedEx.
- Saint-Gobain, French construction company.
- Mondelez, food company.
- Reckitt Benckiser, consumer goods company.
In each of these cases, thousands of computer data has been erased, resulting in a loss of millions of dollars due to compromised business or investment in cybersecurity.
In total, the White House estimated the cost due to NotPetya at 10 billion dollars.
How to make sure your server is safe?
It is of utmost importance that companies take all the necessary measures to keep their servers, data, systems, and users safe from the threat of cyberattacks.
This means, for example, keeping softwares up to date using safe procedures such as cryptography and authentication.
Therefore, it is necessary to follow good updating and safety policies to know whether your server is safe or not.
Besides that, there are simple recommendations that might help in avoiding cyber risks, for instance:
- Do not open attached files or click on email from unknown senders. If you do so, inform the IT department immediately as they can make sure any Malware was not activated and spread.
- Avoid sharing usernames, passwords, birth date, financial data or other confidential information through email or phone calls.
- Create strong passwords for any authentication and do not use the same passwords for many accounts.
These are only basic steps. To have a complete and reliable structure against such attacks, you have to make use of specific solutions.
How to prevent a hacker attack?
As we have seen, the best way to protect your company from different cyber risks is to invest in security practices and understand the advantages of cybersecurity.
From small practices like installing and scanning your systems using reliable antivirus software, backing up company data and setting stronger passwords, to big changes like moving to the cloud and having a security service provider, there are plenty of options for which companies can choose.
Here we will detail the main ways to prevent your business.
External attack surface management
The EASM (External attack surface management), is an emergent category in cybersecurity.
It allows organizations to identify risks and vulnerabilities coming from internet-facing assets and your own system.
Gartner, the global leader in research and consulting, has developed this report: Critical Insights for External Attack Surface Management.
According to this report:
“EASM should be part of a broader vulnerability and threat management effort aimed at discovering and managing internal- and external-facing assets and their potential vulnerabilities.”
Source: Emerging Technologies: Critical Insights for External Attack Surface Management – Published 19 March 2021 – By Analyst(s): Ruggero Contu, Elizabeth Kim, Mark Wah.
Educate your team about the personal data breach protocol
Your employees must be aware of the policies related to data breach in your company.
Consider restricting data access according to their position. You must also offer constant training to employees about how to prepare for a data breach or better, avoid one.
Taking the right precautions and measures, your company will be better prepared for a successful recovery. In case anything happens, adopt safety verifications more regularly in order to reduce the probability of a future incident to happen.
Migrate to cloud
Currently, companies need defense architecture in many layers that are able to not only detect and avoid cyberattacks as soon as possible, but also scale to avoid large-scale threats. And that is exactly what cloud safety solutions offer.
In cloud technology, data is stored in remote servers, managed by your cloud solutions provider.
To know how to take this important step and keep cybersecurity risks away from your operations, check right now the solutions Sky.One has to offer. All of them are going to help your company to migrate and ensure the highest level of security.