Photo by Hillary Ehlen
Did You Know About Targeted Attacks?
What did you do? Maybe nothing, but someone has it out for your organization. This is an individual or group looking to gain on your behalf. Their motives aren’t always clear, but they can range in any level of expertise from someone who shares bad web links to someone who attacks the Department of Defense.
Myth #1: Anti-virus software is dead, and you don’t need it anymore.
While a vice president at cybersecurity company Symantec, Brian Dye said in 2014 that antivirus software was “dead.” Unfortunately, that was all people heard. What he was trying to do was illustrate a point that software alone isn’t enough to protect the typical organization, and he’s absolutely right. Protecting your data is always going to be a never-ending endeavor, and it only just begins with antivirus software.
This myth is particularly damaging to the effectiveness of antivirus software as well. Today’s antivirus uses machine learning from information reported back from each computer being protected. This allows for quick incident detection and resolution, which is key to stopping widespread outbreaks. There is a flaw in this, however: An outbreak has to occur for it to be detected, which leads to some being the sacrificial lambs who protect the rest of us.
Myth #2: My computers are fully up to date, and I run anti-virus on all our computers, so everything will be fine.
While you are taking effective measures to protect your organization, there is no such thing as “safe.” Your computers are often not the most susceptible to intrusion; your workforce is your greatest liability after patching known issues.
Most cybercrime starts as a form of social engineering to gain trust or access and then gain financially from there. This can take many forms such as a seemingly legitimate invoice that needs to be paid or selling your data to the highest bidder. Yearly cybersecurity training and alerting your employees of new threats helps combat this.
Myth #3: Cyberattacks only target large businesses because they have more to lose.
While large enterprise organizations do have to remain ever-vigilant against targeted attacks, small businesses are a far easier scam to pull off.
Small businesses often do not have the proper protection or business procedures to protect themselves from all different types of exploitations. It’s much easier to scam someone for an unnoticeable $200 than it is to take down Target or Equifax.
Myth #4: Most cybersecurity attacks are generated outside the U.S.
Where a cyberattack originates from is mostly meaningless. In fact, the first thing you want to do as a cybercriminal is hide your actual physical location. Cybercriminals are usually after two things:
1) Anything they can make money selling
2) Fame and recognition
Did You Know About Cryptolocker Viruses?
This is a particularly nasty computer worm that replicates from computer to computer and, on its way, encrypts everything it can get its hands on. Realistically, the only way back from these attacks is to restore from a good backup of your data. Some variants will hold your information hostage for a ransom. These “ransomwares” offer no guarantee of recovery of your data, though, and provide no protection against the next outbreak.