Top 3 Cybersecurity Threats and How to Avoid Them

2020’s been a crazy year, and in the world of cybersecurity it isn’t any different.  This year we had nearly twice as many data breaches than 2019!  Below are the top 3 cybersecurity threats to small and medium sizes businesses, and what you can do to protect yourself.

  1. Phishing/Social Engineering Attacks – Coming in at #1 is Phishing/social engineering attacks. These attacks focus on tricking the human to get access rather than hacking a device.  There are a few things you can do to prevent this from happening:
    • Educating your workforce.  Security awareness programs like KnowBe4 can help your workforce not get duped into giving the bad guys your companies data.
    • Use good SPAM filtering – As you know, SPAM filters use technology to help weed out potentially bad emails before your users gets them in his/her inbox.  This won’t block all attacks, but it will keep a good portion of them from getting through to your users, which ultimately minimizes your overall exposure to malicious attacks.
  1. IoT-Based Attacks – IoT based attacks don’t make big headlines because they are quiet. They use vulnerabilities in internet-connected devices to get access to your network and many times, you don’t know they are even there.  These are devices like camera systems, doorbells, HVAC systems, smart TV’s, etc. To minimize your risk of an IoT attack you can:
    • Make sure you have a business-class firewall installed in your office. Also, make sure you have a competent network administrator behind the wheel and the firewall’s security services are enabled.
    • Don’t use default passwords, or passwords that are weak. For more tips, see a previous blog article, https://itnow.net/guide-to-strong-passwords-in-2019/
    • Secure Work-From-Home Connections. When working from home, make sure it’s done in a secure manner.  Otherwise, the bad guys could use Fluffy’s smart food bowl to potentially get access to corporate files.
    • Update IoT devices. The manufactures often discover vulnerabilities before the bad guys do, and they release the fixes in updates.
    • Use Multifactor Authentication – if available, use multi-factor authentication.  This doesn’t guarantee the device won’t be compromised, but it will make it much harder for hackers to get access to it.
  1. Ransomware – Chances are you know of someone who has been hit with ransomware.  This threat encrypts company files and holds them ransom; often times for tens of thousands of dollars. It came in at #3 on the top cybersecurity threat for 2020. Here are our recommendations to minimize ransomware’s impact on your business:
    • Use “Behavior Based Threat Detection” to protect both internet downloads and email attachment. This technology will run a file in a sandbox outside of your network and see how it behaves.  If it starts to act funny, it won’t allow you to download the file into the network.
    • Air gap your backups.  In other words, make sure your backups can’t be access or compromised from your primary network.
    • Educating your workforce on how to spot ransomware and what to do when they do see it will go a long way in protecting your network.
    • Make sure your Anti-Virus/Anti-Malware is up to date.  This won’t protect you from new strains of ransomware, but it will help stop older ones that are still circulating through the Internet.

We hope that these tips have been helpful.  If you ever find yourself with network security questions feel free to reach out to the team of experts here at i.t.NOW.