Cyber-attacks unfortunately becoming more and more common and not making cybersecurity a priority, or not taking it seriously enough, is a big mistake for any business. In many cases the very same network that houses AV data is where sensitive employee and customer data is stored. Ignoring the risks is no longer an option.
A robust approach to cybersecurity is necessary to keep all your data safe. With more and more decision-making around AV expenditures coming from the IT department, it is important to select an AV expert that understands and recognises security as paramount.
It’s not just IT departments who need to be concerned with security. Cybersecurity is a serious issue and all employees right throughout your organisation should adhere to company policies.
For the cybercriminal it’s all about getting their hands on that juicy data. So, what kind of data do you need to think about protecting??
- HR data
- Financial data
- Proprietary information (related to product development)
- Customer sensitive data like IP addresses, bank account information, or MAC addresses
- Employee personal information
The type data listed above is particularly vulnerable, and hackers will continue prodding and probing trying to find the weakest link in the data storage chain, so, you’ll need to tighten up any possible vulnerabilities in your networks.
What type of cyber-attacks should you be prepared for? Here’s the lowdown on the most common types of attack from 2018….
Phishing is something we hear about in the news more and more these days. It’s where cyber-criminals try to gain access to your data, by pretending to be a legitimate person making an inquiry from a known and trusted source, or by creating a fake website that looks like a real business.
It’s been around for quite a while now, and the methods hackers use have become more and more sophisticated and sneaky over the years.
Denial of Service
A denial-of-service (DoS) is a type of attack where the hackers attempt to stop legitimate users from gaining access to a website or service. DoS attacks were definitely on the rise in 2018. So, what exactly is a DoS attack???
In a DoS attack, the cyber-hackers send extremely high levels of messages asking for the network or server to authenticate requests that have an invalid return address. The network/server won’t be able to locate the return address of the attacker when sending the authentication approval, this causes the server to wait before closing its connection.
When the server closes the connection, the attacker sends more authentication messages with invalid return addresses. This will create a cycle that clogs the server and potentially crashes the it altogether – ultimately brining a website or service down.
When the attack does not result in outright theft, but rather a threat of releasing data or crashing services for money this is known as ransomware. The virus can gain access to systems via phishing or a direct visit to a website infected with the malware.
Very recently the Luas site was hacked with the hacker demanding a bitcoin in payment – if the money was paid they said they wouldn’t release customer data. Thousands of people viewed the message below placed on the Luas homepage by the hacker. These attacks can damage the good reputation of a business.In a lot of cases the root causes are the same and steps can be put in place to solve the problem:
- Poor passwords – Web Based Email Attacks.
- Missing Patches.
- Vulnerabilities – Out of Date Software.
- Out of Anti-Virus Software.
- Lack of Monitoring.
Security and AV
It is important to have a discussion with your AV provider around security and to highlight areas of concern. You should clarify the goals you have in mind for your AV systems, the potential implications for security, and how your AV devices will be managed going forward.
You’ll need to make sure that your AV systems are continuously updated and maintained, and security access is only granted to authorised users.
Be proactive and try to pinpoint any potential vulnerabilities and improve cybersecurity knowledge throughout your staff.
Many organisations have a lack of understanding and awareness into their own security and how safe their security systems actually are. Too often cybersecurity gets pushed back towards the IT department or network managers.
Companies need to imbed cybersecurity at the core of their business as a breach in security can be devastating.
Demonstrating good security practices shows your clients and customers that you are responsible and appreciate the importance and the sensitivity of the data that you are responsible for.