It seems every week there is news of yet another business falling victim to a cyber-attack. You might find yourself asking “why would I need to know about cyber-attacks, my IT support handle that?”
Business leaders need to understand the severity, makeup and mitigation methods of cyber-attacks so you can ask your managed service provider if they are protecting your business from cyber threats.
Phishing is one of the most common cyber-security breach scenarios to take place. Phishing attacks come in the form of an email landing in the victim’s inbox, appearing to be from a genuine sender but sent by a hacker. These emails will attach a link, file, or attempt to get the victim to provide them sensitive information, such as card details, over email. There are technological and user-training mitigation methods to circumvent a phishing attack.
A cyber-aware IT support provider will be able to advise you on their options for phishing mitigation. These options can include:
Malware is an umbrella term for any kind of malicious software. Malware is used to gain unauthorised access to a system or the network the machine is on. Once the malware has an in it will provide a backdoor for the hackers to steal and or damage data on the network or machine.
It is common for malware to enter a business via email. Hackers sending malware can fire the malicious package to a whole directory of email addresses or they can target their messages to one address in a business.
Often a targeted attack is focused on a senior member of staff, CEO, Managing director etc. Another vector that hackers can exploit is personnel with access to sensitive data, think Finance staff, HR. Targeting personnel with a high level of privilege to sensitive information gives the malware the same level of access. Therefore it is very important to keep these harmful programs out.
Malware is one of the greatest threats to a business. Your business must be protected from malware. It might be easy to fall into compliancy believing your IT Service provider is on top of your malware defences. While it is common for MSPs to have an anti-virus offering it is important to understand what that is and if it is active on your network.
Ransomware is a type of malicious software that is designed to encapsulate the victim’s data behind a paywall. The files will be encrypted and will only be decrypted when the ransom is paid, though it is common for the files to be lost even after the ransom is paid.
The threat of ransomware is ever-growing. Many cyber-security experts estimate that a ransomware attack occurs every 11 seconds. Let's examine an example of ransomware and what can be done by a Managed Service Provider to mitigate and take precautions against the threat of ransomware.
https://youtu.be/PAryvhdQGwEWhat has happened in the video above is a textbook and regularly occurring event that can cripple if not destroy an SME. While governments and large police organisations work to disable the roots of such programs and their creators, steps must be taken by organisations to protect their businesses from these threats.
Working with a Managed Service Provider they should be able to provide you with an efficient, monitored backup solution for your business. This will protect your business in this situation with it having an up-to-date copy of all your business files you can circumvent the threat of encrypted files by having them copied to a secure location.
Not quite. The best course of action is to not need a backup solution. By implementing many of the solutions mentioned earlier in this blog such as security awareness training, SPF authentication, anti-virus and mail filtering you can prevent the ransomware from touching the network, to begin with.
This blog was written by our trusted partner, Concise Technologies. As well as helping you with your Cyber Essentials certification, Concise Technologies provide innovative and cost-effective IT and Telecoms network support and services across Cheshire and the North West.
Click to Open Code Editor