Cyberattacks are becoming increasingly frequent and sophisticated, causing substantial harm to individuals, businesses and government agencies. According to a recent cybersecurity report from Accenture, the global cost of cyberattacks already exceeds $3 trillion each year, and losses are on track to top $5 trillion by 2024.
The Rising Cost of a Single Cyberattack
Because the nature of cyberattacks can vary widely, from a simple data breach to a major ransomware attack, losses and recovery costs can range from thousands to millions of dollars.
In a Statista survey of IT executives, one quarter of all respondents reported a cyberattack costing between $50,000 and $100,000. And these relatively substantial losses are only the beginning.
Last year, the average data breach took 280 days of hard work to correct, and the average total cost of a large enterprise data breach rose to $1.52 million. Forty percent of that cost was lost business, while the rest was expended for remediation, including customer services, legal fees and fines from regulators.
The most costly reported incidents were ransomware attacks. A survey of 742 large company cybersecurity professionals found that 80 percent had been targeted by a ransomware attack in the past two years. Thirty-nine percent of respondents had paid a ransom. The average payment was $6.3 million for U.S. victims (Source: ZD Net).
Most importantly, 95 percent of all reported cyberattacks were found to be caused by human errors, which can be prevented by applying the proven techniques outlined in this article.
Prevention is the Best Defense
Because recovery from a cyberattack can difficult, time-consuming and costly, the best way to deal with the risk of cyberattack is prevention. In this article, we will outline the most common forms of cyberattack. We will also present some proven methods for preventing attacks, along with the steps any business can take to minimize the risk of becoming a victim.
Common Cyberattacks
Before we review the best practices that any business or individual can use to keep their computers, networks and data more secure, let’s quickly review the most common risks and cyberattack examples.
Today’s cybercriminals are most likely to launch a phishing, social engineering, malware, ransomware, denial-of-service, or man-in-the-middle attack.
Phishing Cyberattacks
Phishing is one of the most common forms of cyberattack. Phishing attacks typically involve the use of a fake email or a website that may give every appearance of being from a legitimate source, such as a bank, a money transfer service or a well-known company.
The phishing attack uses the fake email or website to trick the user into revealing personal or protected information, such as a password, credit card number, bank account number or PayPal logon details.
Among the most successful phishing attacks, Sony Pictures, Google and Facebook have all been scammed, with losses greater than $100 million suffered by each company.
Social Engineering Attacks
Social engineering attacks are a more sophisticated form of phishing, in which the attacker uses human intervention to enlist the target’s help to circumvent security controls.
First, the cybercriminal identifies a person with user access control, gathering enough information to make their interaction seem familiar and legitimate. The criminal then deceives the human target into careless behavior through which they fail to protect sensitive data or system access.
In July 2020, Twitter lost control of 130 accounts, including high-profile users such as Joe Biden, Barack Obama and Kanye West. The accounts were used to request donations, and although Twitter quickly identified and shut down the scam, the criminals collected $110,000 in minutes, and news about the breach caused Twitter stock to fall by seven percent the next day.
Malware Cyberattacks
Malware is a type of software that is designed to control or harm a computer system. Common forms of malware include viruses, worms and Trojan horses.
The cybercriminal often designs the malicious code to load surreptitiously and spread rapidly over a network, causing serious damage to data files or to the computer systems themselves.
Unlike the phishing attack, which is focused on obtaining valuable information, the object of a malware attack may be simply to harm the target organization by damaging or disrupting its computer systems, data files or network function.
In early 2020, malware was used in the Solarwinds supply chain attack, which infected the upper ranks of American business and government, including the Treasury Department and the Department of Homeland Security.
Ransomware Cyberattacks
Ransomware is a particularly vicious form of extortion, in which the attacker uses malicious software to encrypt the victim’s data and essentially hold the data hostage, demanding payment in exchange for providing the victim with the decryption key.
Ransomware attacks can be very costly, as the victim must either pay to rescue valuable data, or potentially face the total loss of customer orders, employee files, financial data and other irreplaceable business records.
In one of the worst ransomware attacks in history, Colonial Pipeline paid hackers $4.4 million in ransom for their decryption key. While they waited for their data to be restored, 20 billion gallons of oil went undelivered, at a cost of about $5 billion.
Denial of Service (DOS) Cyberattacks
Denial of service attacks are designed to disrupt or shut down the normal operation of a website, computer system or network.
In a DOS attack, the cybercriminal sends a large sequence of requests to the targeted system, causing the network to become overwhelmed with false inputs and unable to respond to legitimate requests for access.
DOS cyberattacks may have a financial objective or are in some cases simply a malicious form of vandalism, where the objective is to harm the victim.
In October 2020, Google was hit with a DOS attack that bombarded thousands of its IP addresses with fake requests, peaking at an astonishing 2.5 Tbps (terabytes per second).
Man-in-the-Middle (MitM) Cyberattacks
In a man-in-the-middle (MitM) attack, the cybercriminal intercepts communications between two authorized parties and either records valuable details or alters a legitimate communication.
MitM cyberattacks may be used to steal passwords, credit card numbers, bank account information or intellectual property.
In a notorious example of government MitM, the U.S. National Security Agency posed as Google. By intercepting traffic and spoofing Google SSL certificates, NSA acquired the ability to intercept any Google search. This activity was exposed by the leaker Edward Snowden.
Practical Ways to Prevent Cyberattacks
Enough about the risks. Let’s look at some of the ways in which a business or individual can prevent cyberattacks.
It is not necessary to become an IT expert, and none of these methods are prohibitively difficult or expensive. The only requirement is to develop the right work habits and stick to them with good discipline.
- Keep Software Up to Date
- Use Strong Passwords
- Use Multi-Factor Authentication
- Use Anti-Virus Software
- Train Employees
- Establish Firewalls
- Encrypt Sensitive Data
- Conduct Regular Audits
- Get Expert Help
- Have a Data Recovery Plan
Keep Software Up to Date
One of the simplest ways to prevent cyberattacks is to keep all computer and network software up to date.
Software and system updates from publishers will often include fixes for vulnerabilities that have been discovered by the publisher or exploited by cybercriminals.
IT administrators and individual users should regularly check for updates and install them as soon as updates become available. Updates should include operating systems, applications and especially security software.
Use Strong Passwords
A strong password is like a deadbolt on the front door of your data. One of the best ways to prevent cyberattacks is to create passwords that are long, complex and unique.
An effective password should contain a random mix of upper-case and lower-case letters, numbers and special character symbols.
Every old password is a weak password. Change all passwords regularly, and never re-use the same or similar passwords for multiple accounts or applications.
Use Multi-Factor Authentication
Multi-factor authentication (MFA) adds an extra layer of security to any organization’s login procedure. With MFA, a user must provide more than one authentication, such as a password plus a code sent to their phone, in order to gain access to a protected account.
MFA helps prevent cyberattacks and data breaches by making it much more difficult for cybercriminals to gain access to an account, because they would need to have both the password and the second authentication factor in order to break in.
Use Anti-Virus Software
Commercial anti-virus software can help protect an individual computer against files that contain malicious code. However, it is not enough to install the anti-virus software and forget about it. Let the software scan for viruses.
Because criminals are constantly coming up with new viruses and other forms of malware, it is important to: (1) regularly run scans with the anti-virus software; and (2) regularly update the anti-virus software to the latest version.
Train Employees on Cybersecurity
In many organizations, the biggest threat to security is a regular employee who accidentally or unknowingly exposes the company to a cyberattack.
Every day, thousands of otherwise smart and loyal employees inadvertently download malware, fall for phishing scams, or create weak passwords.
Many employees do not know that they should never send sensitive information over a public wi-fi networks…or open attachments on unofficial email…or click on links from unknown sources…or download unauthorized software.
To prevent these vulnerabilities, provide staff at all levels with regular training to develop a strong culture of cybersecurity, in which all hands know how to recognize scams, how to create strong passwords to protect business data, how to report a suspicious incident and how to avoid all forms of attack.
Establish Firewalls
A firewall or intrusion detection system (IDS) is a network security system that monitors incoming and outgoing network traffic based on security settings and rules.
A firewall can block unauthorized access to an organization’s network and can prevent protected data from being transmitted outside the network, alerting network administrators to the presence of potential data breaches or other threats.
The latest security software makes it easier than ever for a business or individual to set up a firewall and configure it for the best protection against cyberattack.
Encrypt Sensitive Data
One of the most powerful tools for cybersecurity is encryption. Data encryption converts plain language and regular numbers into coded strings of machine language that cannot be easily deciphered.
Encryption can be used to protect financial data, such as credit card numbers, sensitive information about employees or clients, private emails and documents, or intellectual property that the organization needs to keep secret.
By encrypting these categories of data, a business or individual can prevent cybercriminals from accessing valuable or sensitive information, even in the event of a data breach.
Conduct Regular Security Audits
Periodic security assessments are essential for identifying vulnerabilities in an organization’s security systems and ensuring that they are up-to-date and working effectively.
Security audits for cyberattack prevention should include penetration testing, vulnerability scanning and employee security skills review.
A security assessment should include testing backups through recovery from a simulated disaster, such as a data breach, denial of service or other common cyberattacks.
Use Cloud Security Solutions
For organizations that use cloud services, an extra layer of security can be achieved by using cloud access security brokers (CASBs) and security information and event management solutions (SIEMs).
CASBs can monitor and control access to cloud services, while SIEM solutions can help detect and respond to security incidents in real time. Both types of cloud services can help businesses better protect their data and systems that are active in cloud computing.
Get Expert Help
A large organization should have a security expert on the in-house IT staff. Smaller organizations should work with an outside security service to strengthen their security tools and to ensure the development user best practices.
Have a Data Recovery Plan
Last but not least…develop a data recovery plan. Regular backups are essential for preventing data loss in the event of a cyberattack.
Every business and individual user should have a strong data recovery plan that includes regular backups of all critical data. What is critical data? Any data that you would not want to re-create from scratch, because that is where a cyberattack could leave you.
A secure data recovery plan should also outline the immediate and follow-up steps to be taken in the event of a data breach.
Finally, backup data should be stored off-site at a secure location. Organizations should regularly test their backup and recovery procedures to ensure that they are working as planned.
Stay Alert and Work Together!
We have shared some of the best ways that any business or individual can keep their computers, networks and data more secure. With any of these best practices for cyberattack prevention, the key to success is vigilance.
Any single employee in an office can inadvertently leave the door open to a cyberattack; so work groups should exercise both personal discipline and team effort, watching out for each other.
Each year, cyberattacks evolve, becoming harder to detect and more costly to endure. So, the key to avoiding the risk and cost of cyber threats is prevention. To keep your valuable data safe from cyberattacks…learn the best practices…stay alert…and work together!
