Cyber crime against businesses is predicted to rise again in 2022. Eye-watering statistics such as more than 85% of UK organisations experience a successful attack mean businesses must ensure they are protected. We have created a guide to protect your business from the most common threats and best practices to ensure your organisation can be vigilant from increasingly sophisticated attacks.
Nearly 3 in 4 businesses experienced a phishing attack in 2020.
According to the FBI, 6.95 million new phishing and scam pages were created in 2020 – making it the most common type of cyber-attack. Phishing attacks are a technique used by cybercriminals to trick users into thinking they are communicating with a legitimate party. Using multiple social engineering techniques, the attackers try to get users to reveal sensitive information to be able to access critical information such as passwords or funds.
Spoof Emails are becoming increasingly common
Spoof email addresses like trusted organisations are commonly used by cybercriminals An attack may use a domain such as cl0udcentral.co.uk to gain trust and access to vital information. Tessian reported an employee will receive on average 14 malicious emails per year.
How to prevent Phishing Attacks
Educating your staff
Education and vigilance are key to ensuring your organisation remains on top of scammers. Keeping up to date with the latest phishing techniques is core to ensuring your business stays safe.
Enable Multi-factor authentication
Multifactor authentication is core to ensuring your business stays secure in the off chance your business does give out vital information such as a password. Multi-Factor Authentication further protects your cloud-based services and can alert you to unauthorized access requests to ensure only valid requests are granted.
Double-extortion Ransomware attacks grew by 935% in 2021 compared to 2020
According to data from Atlas VPN, ransomware grew dramatically in the first half of 2021 by 151% alone. In the UK alone, ransomware encounters totalled 14.6 million in 2021 making it one of the most common ways for cybercriminals to target users. A ransomware attack uses phishing techniques to get users to trust attached files or directed links which trigger a takeover of your device. Once the attack has begun the cybercriminals usually demand payment in crypto to unlock your computer, this is coupled with an alert timer threatening file deletion if payment is not made within a certain timeframe. Coupling this with the cost of downtime, many organisations find it very difficult to come back from these attacks. Unfortunately, those who do pay the ransom may not retrieve their files back and in most cases are targeted again for more ransom. Group IB reported a 935% increase in double extortion ransomware attacks in 2021 compared to 2020.
How to prevent ransomware attacks
It’s important to be proactive when it comes to preventing data-loss and downtime within your organisation if an attack occurs.
Backup data regularly with platforms that use advance ransomware detection.
Regular data backups are critical to ensure that data loss and loss in productivity are prevented when an attack occurs. With the right measures in place, your business should be back up within hours. Our experts recommend solutions with advanced ransomware protection.
Ensure your organisation invests in the right security solutions and aim to push for regular penetration testing.
Investing in security solutions to cover your organisation in terms of the many ways cybercriminals could attack is important. We recommend auditing your IT infrastructure regularly to ensure your security is up to date. We also recommend penetration testing (pen testing) your environment to ensure that all devices and the network are free from the latest vulnerabilities.
Monitor threat intelligence
Threat intelligence feeds provide valuable, real-time information on emerging cybersecurity threats and allows for a collaborative approach to incident response.
Cloud Central are here to help
Cloud Central is an Award-Winning cybersecurity specialist providing SMB’s with vital services and solutions to protect organisations from the latest cyber threats. Get in touch today to learn how we can support your organisation.