AS we have seen from the recent ransomware attack on the HSE, cyber-attacks have become increasingly common across industries, throughout the world. However, if you do a quick Google search, you will see this is not an isolated incident. It’s also not just global corporate giants that fall victim to these types of attacks. Studies have shown that almost half of cyber-attacks target small businesses and 91% of all cyber-attacks start with a fraudulent or phishing email.
As businesses of all sizes continue to operate remotely or using a hybrid model, there is an increased chance of your business falling victim to a cyber-attack. These types of breaches can lead to data being stolen or encrypted, funds being misappropriated and disabled computers leaving employees unable to work. After seeing the disruptive long-term effects of cyber-attacks such as the one on the HSE, it is understandable that SMEs would have concerns about how to manage their digital security. From identification to prevention, here are some ways you can defend your organisation against a similar attack.
Identifying the threat Early warning signs are crucial when it comes to cyber-attacks. Many of these attacks start with suspicious emails presenting in inboxes. Some emails may contain a link that when clicked allow for the hackers to gain access to the entire system. Once they have entered, hackers may look to contact clients, suppliers, or internal teams to seek confidential information. If employees or clients begin receiving requests for unauthorised payments or information they would not usually be involved with, this could indicate a hacker has gained access to the system.
It is not just through emails where signs of a cyber-attack may be identified. Before, during, or after a cyber-attack other issue may arise such as:
User accounts locking frequently. This may indicate that hackers are trying to brute force a login to the system. Unusual activity on admin accounts such as logins at odd hours may also be an indicator that a company’s system has been infiltrated.
Experiencing increasingly slow network or internet connectivity may indicate that data is being copied to an external location. If this is coupled with anti-virus warnings it would be a key indicator that your business is currently experiencing a cyber-attack.
How to protect your systems While you might know how to identify potential signs of cyber-attacks it still leaves the question as to what steps you can take to protect your business. Prevention is the best form of defence when it comes to cyber-attacks.
Firstly, make sure your staff know to never provide details for any unauthorised payments or password requests. If you are unsure, contact the sender directly to see if this email has come directly from them. If you begin noticing unusual logins, make note of the times. If you are suspicious of the ongoing activity within your system, contact your IT provider immediately for assistance.
Key protective measures:
1. Educate all your employees e.g. holding phishing simulation training 2. Carry out a cybersecurity review on your IT systems to identify any potential areas of concern where hackers may gain access 3. Invest in traditional malware protection products and consider investing in behavioral-based malware protection to protect against “Zero Day” attacks 4. Ensure you have a robust backup and Disaster Recovery plan in place and that it is regularly tested 5. Make sure your IT systems are locked down, patched, and managed securely 6. Go through a Cyber Essentials Certification and get your business certified While it can be difficult to protect against these types of attacks, it is possible to educate your staff so they are aware of what to do and what not to do, and to ensure your systems are configured correctly and as protected as possible. By doing so, your business should mitigate the worst of the effects if your system is compromised.
Contact firstname.lastname@example.org for more on how to mitigate cybersecurity risks.