
Do you know these types of internet security threats?

Ravi Bindra, CISO

Did you know that the average global business experiences an attempted cyber attack once a month?

Although many attacks are thwarted by security teams, hackers and other malicious actors are ever-present and waiting for vulnerabilities within your network. And all kinds of businesses – ranging from small businesses to large enterprises – are at least somewhat susceptible to various internet security threats.

Take the University of California San Francisco (UCSF) for example. Despite investing heavily in data protection, they didn’t apply every measure across their entire network – which left their School of Medicine data vulnerable to a sizeable ransomware attack. Since they had no data backups or similar protection measures for that data, they were forced to pay $1.14 million in Bitcoin (116.4 Bitcoin at the time of the attack).

However, there were ways that the attack on UCSF could have been avoided. By taking cyber security education seriously, and investing in state-of-the-art technology, it’s possible to protect against many devastating security threats. Let’s take a closer look at how to protect your organization.

Important ways to protect against cyber attacks

Organizations need to employ a range of security tactics and solutions in order to prevent cyber security threats. Here are a few important processes and technologies that businesses should deploy and optimize to protect against a wide range of threats.

Employee training – Employee awareness should be your first line of defense against online security threats. Training your employees to be aware of common threats will help your business avoid them entirely.

Strong password policies – A surprising number of hackers gain access to sensitive data by employing programs that generate combinations of letters, numbers, and symbols until they determine what your password is – for simple passwords, it can be a matter of minutes. A strong password policy can prevent this.

Access control – Cyber security teams should only give certain users access to certain parts of the network – for example, HR should need special approval to look through the company’s financial records. This will lower how much data can be accessed during a single breach.

Firewalls – A firewall provides a barrier that prevents the spread of malware and other unwanted communication between devices. It flags or blocks suspicious content by filtering all network communications that try to enter your device.

Endpoint detection & response (EDR) – This security software is often an anti-malware solution enhanced with machine learning algorithms that detect and remove malicious code. It could be a broad solution that covers many different types of malware and ransomware, or it may focus on detecting and removing spyware, viruses, botnets, and similar threats.

Monitoring – Monitoring solutions help your IT team stay aware of when strange or dangerous activity is taking place on your network. For example, if an employee is based in country A and then appears to be working from country B, something suspicious may be afoot.

Data backup – In the unfortunate case that everything goes wrong, you can be saved by regular backups. Malicious actors often lock away or delete data – with consistent data backups, you can quickly go back to business as usual with minimal data loss.
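The country A / country B check from the Monitoring item can be automated over sign-in logs. The sketch below is an added example, not SoftwareOne code: it generalizes the country comparison to an implied-travel-speed test, and the event layout, the sample sign-ins and the 900 km/h threshold are all assumptions.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed threshold: roughly airliner cruising speed

# Constructed sign-in events: (user, ISO timestamp, country, latitude, longitude)
SIGNINS = [
    ("alice", "2024-03-04T08:02:00", "CH", 47.37, 8.54),
    ("bob",   "2024-03-04T08:10:00", "DE", 52.52, 13.40),
    ("alice", "2024-03-04T09:15:00", "BR", -23.55, -46.63),
    ("bob",   "2024-03-05T09:00:00", "US", 40.71, -74.01),
    ("alice", "2024-03-04T09:40:00", "CH", 47.37, 8.54),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlmb = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_travel(events, max_kmh=MAX_KMH):
    """Return (user, from_country, to_country, implied_kmh) per suspicious hop."""
    alerts, last = [], {}
    # ISO 8601 timestamps sort chronologically as plain strings.
    for user, ts, country, lat, lon in sorted(events, key=lambda e: e[1]):
        when = datetime.fromisoformat(ts)
        if user in last:
            p_when, p_country, p_lat, p_lon = last[user]
            # Floor the gap at one second so simultaneous sign-ins do not divide by zero.
            hours = max((when - p_when).total_seconds(), 1) / 3600
            kmh = haversine_km(p_lat, p_lon, lat, lon) / hours
            # Alert only when the country changed faster than anyone could travel.
            if country != p_country and kmh > max_kmh:
                alerts.append((user, p_country, country, round(kmh)))
        last[user] = (when, country, lat, lon)
    return alerts

if __name__ == "__main__":
    for alert in impossible_travel(SIGNINS):
        print(alert)
```

In the sample data, bob's move from DE to US a day later is plausible travel and is not flagged, while alice's two hops within an hour and a half are.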

While there are other security measures and tools available for organizations, this list outlines the most common ways for cyber security professionals to resolve threats. Let’s go over how these solutions can be used in practice to confront common security threats.

Malware

Malware is a catch-all term for any kind of malicious software that can damage your computer or network. It includes viruses, worms, trojans, rootkits, and more. Since there are many types of malware, there are a lot of potential ways to confront it – and the best way to resolve a malware attack depends entirely on which type of malware is deployed on your machine.

Generally speaking, employee cyber security awareness is one way to prevent malware from ending up on company devices. When education fails, firewalls and anti-malware solutions are the next line of defense for preventing, detecting, and destroying malware. Businesses may also use network monitoring to look for signs of malware and use backups if the malware is too complex or entrenched for an anti-malware suite to remove.

Ransomware

Ransomware can enter your network using a few different avenues – it often begins with a single successful phishing attempt, although various forms of social engineering may also be employed to gain access to a high-value device. Once the attacker is in, they will find where important data is located, encrypt it, and send a message to leadership demanding that they pay for their data to be decrypted. If you don’t pay, they’ll delete it – or worse, make your most sensitive data public.

You can prevent ransomware attacks in a few different ways. The first line of defense is employee cyber security awareness. Your second line of defense is an anti-malware solution that will prevent malicious email attachments from successfully infecting your devices. If the ransomware attack succeeds despite these measures, backing up your data preemptively will make deleting it an empty threat.

Spyware

Spyware isn’t a destructive piece of malware all on its own – its primary purpose is to collect information from your company by monitoring pages visited or tracking keystrokes, for example. Users often do not know they are infected with spyware since it doesn’t present many clear signals of its presence and doesn’t pose an immediate threat. Businesses often don’t know there’s spyware on their devices until that information is leveraged for nefarious purposes.

To prevent spyware from taking hold, make sure all your devices are up to date to ensure any vulnerabilities have been patched. Further, employees should be discouraged from downloading free software and receive education about how malicious email attachments can execute spyware. If spyware does manage to take hold despite these measures, a dedicated anti-spyware solution or an advanced anti-malware solution can often detect and destroy it.

Worms

Worms are often confused with viruses, but they are not the same. Unlike viruses, they infiltrate devices without tricking employees into downloading them and can freely spread from device to device via your company network, sending identical copies of themselves to multiple connected computers.

Since they replicate without any action from an employee, they can be difficult to remove without a dedicated effort that disconnects computers from the network. It’s easier to prevent worms with tight firewall measures and by preventing employees from downloading documents that contain them.

Botnets

Botnets are like a zombie apocalypse for computers. These infections often begin through a trojan horse virus that’s sent through an email attachment, a malicious popup, or downloadable software. Botnets are often used for distributed denial of service (DDoS) attacks, but can also be used to send spam, access networks, access devices, modify data, infect other computers, and commit similar types of fraud.

Botnets are very difficult to detect – they use small amounts of computing power and can update from within your machine, and many automated anti-malware solutions aren’t able to keep pace with the most ambitious botnet masters. For these reasons, they are also difficult to eliminate.

A feasible method to eliminate them is to monitor network traffic and look out for any strange activity, especially by multiple devices at once. They can then be manually removed from infected devices or targeted by specialty software. However, your best option is to avoid them entirely by updating devices and operating systems regularly, exercising caution with downloads and email attachments, and not visiting suspicious websites.
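One way to look for "strange activity by multiple devices at once" is to find destinations that several internal hosts contact within the same short window. This is an added example, not from the original post: the flow-record layout, the allowlist, the thresholds and all host and domain names are assumptions.

```python
from collections import defaultdict
from datetime import datetime

WINDOW_SECONDS = 60   # assumed meaning of "at once"
MIN_HOSTS = 3         # assumed number of devices needed to raise an alert
KNOWN_GOOD = {"updates.example.com"}  # hypothetical allowlist of expected services

# Constructed flow records: (ISO timestamp, internal host, destination)
FLOWS = [
    ("2024-03-04T10:00:05", "pc-01", "updates.example.com"),
    ("2024-03-04T10:00:07", "pc-02", "updates.example.com"),
    ("2024-03-04T10:00:09", "pc-03", "updates.example.com"),
    ("2024-03-04T10:00:58", "pc-01", "cdn.rare-host.example"),
    ("2024-03-04T10:01:02", "pc-04", "cdn.rare-host.example"),
    ("2024-03-04T10:01:10", "pc-07", "cdn.rare-host.example"),
    ("2024-03-04T10:05:00", "pc-02", "news.example.org"),
    ("2024-03-04T10:40:00", "pc-03", "news.example.org"),
    ("2024-03-04T11:20:00", "pc-05", "news.example.org"),
]

def synchronized_destinations(flows, window=WINDOW_SECONDS,
                              min_hosts=MIN_HOSTS, known_good=KNOWN_GOOD):
    """Map each unlisted destination to the hosts that hit it together."""
    by_dest = defaultdict(list)
    for ts, host, dest in flows:
        if dest not in known_good:
            by_dest[dest].append((datetime.fromisoformat(ts), host))
    alerts = {}
    for dest, events in by_dest.items():
        events.sort()
        start = 0
        # Sliding window: avoids missing bursts that straddle a minute boundary.
        for end in range(len(events)):
            while (events[end][0] - events[start][0]).total_seconds() > window:
                start += 1
            hosts = {h for _, h in events[start:end + 1]}
            if len(hosts) >= min_hosts:
                alerts[dest] = sorted(hosts | set(alerts.get(dest, [])))
    return alerts

if __name__ == "__main__":
    for dest, hosts in synchronized_destinations(FLOWS).items():
        print(dest, hosts)
```

A hit is a lead for manual review of the listed devices, not proof of infection; legitimate services that many machines poll together belong on the allowlist.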

CEO Scams

CEO fraud is a scam where cyber criminals spoof the email accounts of high-ranking individuals in your organization and try to trick an employee into taking a certain course of action. They may ask an accountant to authorize a wire transfer, ask HR to send confidential company information or even strong-arm an employee into buying gift cards using a company credit card. This may seem like a niche issue, but the FBI estimates that CEO fraud is a $26 billion scam.

To prevent it, educate your employees about phishing and whaling CEO scams. Then, put preventive policies in place. For example, the CEO should agree to video call or otherwise prove their identity to an employee when they need money or information. Otherwise, the employee should be encouraged not to send information.

Don’t be caught unaware by ransomware

In the time it took you to read this post, about 38 ransomware attempts occurred worldwide. See how a ransomware attack can affect your business and how they work in practice:


Final thoughts

It is, in fact, very common for businesses to be targeted by cyberattacks – so businesses should do everything they can to prevent, detect, and/or eliminate threats before they become a full-scale attack. The best way to stay ahead of business risks and threats is to train all of your staff in cybersecurity awareness, leverage software that can detect or eliminate threats, and implement backup solutions for your most important data. By taking these steps, your organization will be able to deflect the majority of cybersecurity threats.


Digital Workplace Security

SoftwareOne Digital Workplace Security Services add security without contributing to your staffing overhead. We operate a dedicated security operations center (SOC) that tracks data vulnerabilities globally to prevent losses due to break-ins or employee errors.


Author

Ravi Bindra, CISO

Ravi holds over 20 years’ experience as a cyber security evangelist, holding multiple leadership roles in the Swiss pharmaceutical industry, such as Global Head of Risk Management, Global Head of Architecture and Global Head of Security Operations.