Items To Watch For in The Cybersecurity Space
Key Points:
- Cybercriminals remain in the tech loop, with elevated and increased attacks for April.
- In France, the French Hospital Group confirmed that it suffered a severe malware attack, which forced it to disconnect all of its facilities from the internet.
- Such an incident emphasizes why businesses should implement and update their cybersecurity measures to prevent attackers from accessing their sensitive information.
In April 2022, ransomware came on with a vengeance — targeting medium and small businesses. The most worrisome observation was how critical infrastructure and supply chain vulnerability were targeted and exploited by attackers more than ever.
The most alarming incidence was the French Hospital Group malware attack.
The Core of French Hospital Group Attack in Northern France
The French Hospital Group has over 6,000 employees in multiple locations. A group of attackers targeted it with ransomware and stole 26 gigabytes of sensitive information.
The attackers executed repeat attacks — exfiltrating data — which left the hospital desperate and disconnected all their facilities from the internet. The incident emphasizes why your business should implement and update cybersecurity measures to keep hackers away from your business.
Vishing Possibility — A Cyber Menace That Many Businesses Overlook
During an attack like the one in the French hospital, many people conclude that the root course was online, so they disconnect from the internet. However, there is a possibility some of the attacks stem from vishing which is quickly becoming prevalent.
With vishing, the cyber criminal calls you, trying to get you to give them login credentials using social engineering.
There are groups of criminals that are targeting credit unions using vishing. The attackers make a phone call and pretend to be somebody from a company they know does business with that credit union to get them to reveal their credentials.
The attackers say they have forgotten their credentials and ask the union to reset them and tell them. Unfortunately, many still fall into that trap. People in your business need to be more cautious so that you don’t become victims of cyber attacks.
The Best Way to Protect Your Business From Being A Cyber Attack Victim
There are plenty your organization can do to protect itself from cyber attacks, but the best move is to do at least annual cybersecurity awareness training for their end-users. Cyber training instills suspicion when dealing with phone calls and emails.
The best way to protect your business is to raise awareness of people using your business’ technology.
The Need For Cyber Cleaning
Apart from executing cybersecurity awareness, you need to do cyber cleaning in your organization.
The reality is that most people are pretty sloppy — not necessarily at work but at home when it comes to protecting ourselves and our families.
For instance, over 70% of people use the same password for multiple accounts. Once a hacker breaks into their account, they can easily access other accounts since they test the password across thousands of online sites to see how many of those sites they can get into.
Another example is that 23% of people don’t use anti-malware. If you’re on a Windows PC, it comes with Defender, which is good enough for home users, but you need more for a business.
Other statistics say that 55% of people lack ID theft protection. Many people won’t know if their identity is compromised. Just like some systems monitor your credit score, you need to ensure you can monitor what happens with your ID.
Ways To Prevent Your Business from Becoming a Cyber Attack Victim
There are several measures you can take to prevent successful cyber attacks. The measures include:
1. Strengthening your login credentials
Most people try to remember their password, so they go for something simple that’s not easy to forget. However, you need to use longer, stronger passwords with a minimum of 12 characters since they are difficult to break.
Use a password manager to store your passwords.
Alternatively, you can use a passphrase. Use a phrase that you can easily remember, such as “My daughter’s name is Lee.” You can include some capital letters and substitute other letters with special characters to have a secure password.
Another way to strengthen your credential is using multifactor authentication (MFA), which makes it nearly impossible for other people to hack into your account.
2. Clean Your Machine
Everyone accumulates a lot of flotsam every day. Some files in your devices are unnecessary and slow the performance of your system.
Use a tool like CCleaner to clear temporary files and cookies that your PC downloads.
3. Eliminate Unused Apps
Most people have around 80 apps on their smartphones, but only use ten a day. You need to understand that these apps collect personal even if you aren’t using them.
You need to get rid of applications you aren’t using, or even applications on your PC that you’re not using.
4. Review Your Online Accounts
Review your online accounts such as:
- Social media account
- eCommerce sites
- Blogs you subscribe to
- Newsletters
These accounts track you and what you’re doing online. The fewer the online accounts you have, the less exposed you’re.
If you were subscribed to a newsletter a year ago and find yourself deleting their emails, it might be time to unsubscribe.
Eliminate social media platforms you no longer use and delete pictures and videos that don’t reflect who you’re now. Make your social media sites private to just the people that you connect with, don’t leave it to the public.
5. Update Your System
58% of breaches stem from missing patches in operating systems or Apps. Ensure you set all your system on auto-update to have the latest patches.
6. Back Up Your System
If you don’t have an auto backup set up, take some time to back up all the important files in your business. Backing up your business data ensures business continuity even in a ransomware attack.
7. Dispose of Devices Safely
You need to safely dispose of your devices because 40% of old devices contain Personal Identifiable Information (PII).
You don’t want to take it to get e-wasted without deleting or removing all that information because if it lands in the wrong hands, the attacker might use it against you.
Alvarez Technology Group Will Help Your Business Protect Itself Against Cyber Attacks
Don’t wait until something happens. Prepare yourself and put your business in a better position to protect itself against attacks and reputation damage.
Contact us today to start a dialogue to address threats, raise awareness, and implement training.
