In the new digital age, internet scams and fraud, as well as data loss or theft, are a huge risk and can have serious consequences for users and businesses. Some of the personal information stored on computers becomes difficult to replace or could offer groups of hackers the opportunity to steal your digital identity and your money.
In addition, at a business level the risks increase, since the identity of your customers and suppliers, the financial information related to your company's operations, as well as patents and sensitive information regarding products and campaigns are at stake. All this has a source; the greatest facilitator of cyberattacks is human behavior.
Keep in mind that even the latest and strongest cybersecurity platforms cannot protect anyone from “opening the door and letting hackers in.” Cyberattacks can take a wide variety of forms, ranging from compromising personal information to taking control of computers and demanding ransom.
The reason these attacks spread so quickly is that they are often difficult to detect and there is not a culture of cybersecurity. To prevent these situations, you must first understand cyberthreats and how cyberattacks occur.
Both social engineering and different types of software (viruses and worms) use deception to get others to provide data or download a file that places code on the computer and thus steal information. Any of these situations could be described as a cyberattack, so what does a cyberattack look like?
It is important to be cautious because an attack can appear in the most innocent or the most complex way. For example, it could be a message that appears to come from a legitimate business or credit card company; they are usually marked urgent and include a link to "click."
However, if you look closely at the email, you can find clues that will let you know if it is real or not. One tip is to hover over the link (but don't click on it), then look at the web address that appears above the link or in the bottom left corner of your screen. Does that link look real, or does it contain names that aren't associated with the bank? By answering this question, you will have a clear idea of the legitimacy of the message.
Steps to prevent an attack
Attacks occur more and more, but the good news is that there are ways to prevent them. Here we share a series of steps that, in addition to helping you, allow you to generate a culture of cybersecurity:
- Do not allow anyone who is not explicitly invited to enter the system. This can be accomplished by:
- Protecting computers by using anti-malware and applying updates.
- Using only company-approved software.
- Personal awareness:
- Be very careful with the emails you receive.
- Always look for essential data, such as the name of the person/company that sent the email.
- Be very careful when clicking on a link or downloading files.
- Malware infiltration. To prevent a hacker from infiltrating through malware:
- Never insert anything into the computer before making sure it's a clean device.
- Scan the device for viruses.
- Do not allow third parties to enter data on your device.
- Physical protection. Just like using a door, computers must also be physically protected. You can do this by:
- Using 2-step authentication.
- Setting long passwords of at least 8 characters. The longer a password, the more difficult it is to crack.
- Not using the same password for all your equipment and services.
- Covering the laptop camera.
- Use guest networks for external staff.
- Do not connect personal devices to corporate networks without informing the appropriate parties.
- Be careful what you share online.
- In the event of an incident, there are three steps that you should take immediately after realizing there's been an attack:
- Follow company procedures.
- Report immediately to supervisors.
- Never pay ransom for data.
Cyber security needs trained personnel to understand the full value of technology investments and IT procedures. Rigorous anti-malware software is very important to prevent computers and mobile devices from becoming infected. However, it is also advisable to regularly back up your data.
Remember that even if your devices have never been infected with malware, the failure of a hard drive or other component could make it difficult to access your most precious information. At that point, you'll be glad you backed up your data.
Having a technology partner with the necessary experience and consulting experts will help you achieve your business goals. We invite you to visit: https://www.kionetworks.com/es-mx/
Conteh, Nabie & Schmick, Paul. ResearchGate (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks: https://www.researchgate.net/publication/294421084_Cybersecurityrisks_vulnerabilities_and_countermeasures_to_prevent_social_engineering_attacks, accessed November 2019.