Cyber attacks have been on the rise, affecting companies all over the world. The Internet of Things (IoT) has connected more devices than ever to the Web, and the COVID-19 pandemic has caused a major shift towards remote working. Therefore, hackers and cyber criminals are finding it easier to find gaps in security – simply because more connections mean more opportunities
According to Varonis, the vast majority (95%) of breaches are the result of errors made by people within an organisation: phishing attacks cause losses of around $17,700 each minute; and a mere 5% of a business’s folders, on average, are protected as fully as they should be.
Myriad cyber crimes are committed daily. They include phishing/vishing/smishing, non-payment/non-delivery, extortion, personal data breach, identity theft, spoofing, misrepresentation, and confidence/romance fraud.
Out of all of these threats, phishing/vishing/smishing were the most pervasive in 2020, when a whopping 241,342 Americans were affected by these scams.
Since 2018, each year has seen an increase in the number of businesses that were victims of ransomware. And 2021 saw the highest percentage of companies suffering this type of attack.
While 55.1% of businesses were affected by ransomware in 2018, 68.5% became victims of this type of cyber crime in 2021.
Ransomware has become one of the biggest malware threats, affecting a variety of industries.
Government entities are at the top of the list of industries impacted by ransomware. When it comes to the number of publicised attacks worldwide in 2021, the public sector experienced 47 ransomware attacks. Education, healthcare, services, technology, manufacturing, retail, and finance were also affected.
There are various types of ransomware attacks, such as phishing emails, poor user practices, lack of cybersecurity training, weak passwords or bad access management, open RDP access, clickbait, malicious websites, and lost/stolen user credentials.
In 2020, a survey found that phishing emails were the most common type of ransomware attack (54%), followed by poor user practices/gullibility (27%) and lack of cybersecurity training (26%).
Scammers try to trick people by sending emails in which they impersonate well-known brands. These phishing emails appear legitimate but they are used to steal personal information.
Some businesses have been impersonated more than others. In 2020, Google and Amazon were the top two most impersonated brands, followed by WhatsApp, Facebook, and Microsoft.
2020 saw a rise in financial losses as a result of cyber crime. In addition to the usual threats, the COVID-19 pandemic gave scammers new opportunities to trick people into giving away their personal information or money.
In 2020 alone, Americans suffered $4.2 billion in losses as a result of internet crime. Compare that to the losses of 2019, which totaled $3.5 billion. And back in 2012, the amount was $525.4 million.
Coming up with a hard-to-crack password might be a bit annoying, but it is worth the effort. The simple act of adding uppercase letters, numbers, and symbols can make it harder for computers to crack a password and let hackers steal your data.
A password containing eight lowercase letters could be cracked instantly, and the same is true of a password containing six characters that include at least one uppercase letter plus a number and a symbol. The hardest type of password to crack would be one containing 12 characters with at least one uppercase letter and a number and a symbol—it would take a computer 34,000 years to figure it out.
| Lowercase letters only | At least one uppercase letter | At least one uppercase letter + number | At least one uppercase letter + number + symbol | |
|---|---|---|---|---|
| 1 | Instantly | Instantly | Not Applicable | Not Applicable |
| 2 | Instantly | Instantly | Instantly | Not Applicable |
| 3 | Instantly | Instantly | Instantly | Instantly |
| 4 | Instantly | Instantly | Instantly | Instantly |
| 5 | Instantly | Instantly | Instantly | Instantly |
| 6 | Instantly | Instantly | Instantly | Instantly |
| 7 | Instantly | Instantly | 1 min | 6 min |
| 8 | Instantly | 22 mins | 1 hr | 8 hrs |
| 9 | 2 mins | 19 hrs | 3 days | 3 wks |
| 10 | 1 hr | 1 mth | 7 mths | 5 yrs |
| 11 | 1 day | 5 yrs | 41 yrs | 400 yrs |
| 12 | 3 wks | 300 yrs | 2,000 yrs | 34,000 yrs |
Source: Security.org
Understanding the threat of cyber attacks, and being aware of how common they have become, can be unnerving to any business owner. But the good news is there are ways to combat these threats and reduce your odds of becoming a victim of cyber criminals.
By taking some preventive steps, you can work towards securing every department within your organisation, whilst helping to keep your remote workers’ data as secure as possible.
Backup and recovery are two different things, but they are equally important. Having a secure way to create copies and back up your data can help ensure you’ll be able to access it quickly and easily whenever necessary.
On the other hand, disaster recovery is the method you’ll use to restore your data in a way that minimises downtime and losses.
Show your staff how to create and maintain strong passwords, as well as how to identify cyber threats like phishing attacks.
Whether they are using your office computers or working remotely, this knowledge can help prevent data breaches.
Utilise a private Wi-Fi connection and firewall, along with security software to detect and eliminate threats.
Also, consider using a VPN for additional security, and keep all devices up-to-date.
Bottom line: there is a lot of work that needs to be done to protect a business from cyber attacks, but with the right strategy, exposure to cyber attacks can be drastically reduced.