What’s your cyber security IQ?
Most business owners know a little about cyber security: Use strong passwords, don’t use the same one for multiple sites, and don’t click on links in emails from senders you don’t know. But cyber attacks are getting more sophisticated every day, and it can be challenging to keep up.
To improve your cyber security IQ, here’s the latest on the continuously evolving cyber security schemes designed to compromise your business.
Phishing
Phishing is a way for cyber criminals to gain access to your computer network. Hackers send an email that looks legitimate and ask the recipient to either click on a link or perform some other action. Once the link is clicked, malware is deployed to your system.
Phishing is not new, but it’s seeing a resurgence in popularity. Global consultancy CGI’s Security Operations Center reported a 30,000% increase in phishing attacks related to COVID-19 scams.
When many companies sent their employees home to work, cyber criminals saw an opportunity to exploit the situation, and they jumped on it. The widespread use of virtual private networks (VPNs) has exposed their vulnerabilities. While phishing attacks have become more targeted, there has also been an increase in mass spam email campaigns which prey on easy targets.
Related: Protect your company with a human firewall
Ransomware
Ransomware is a kind of malware that holds a company’s data hostage. The hacker demands payment from the victim company to regain access to their own data. In addition to being the most expensive kind of cyber attack, a ransomware attack can shut a company down until they can get their data back.
Ransomware continues to be profitable for cyber criminals and has seen an uptick as a result of the COVID-19 pandemic and the increase in the number of people working from home. According to a report from Hiscox and Kivu, a leading global cyber security firm, ransomware demands increased 40% across the US in 2019, compared to 2018, and have increased 470% since 2016. Ransom demands have also increased 200% in size – to an average of over $230,000 – in the first half of 2020 compared to the same period a year ago.
Doxing
Doxing is when cyber criminals steal the data of a ransomware victim and threaten to sell it on the dark web if a ransom is not paid. This can be a double-dipping opportunity for hackers. Companies who are targeted often find that their data ends up on the dark web even if they pay the ransom.
Doxing attacks have also become more targeted, as the criminals who carry out these attacks are becoming increasingly sophisticated. As they target specific companies, these hackers know the value of the data they are hijacking and they price their ransom demands accordingly.
Defending against cyber attacks
Now that you know what the latest threats look like, the next step is to defend against them.
Related: Is your business prepared for a cyber attack?
A cyber preparedness plan starts with preventing an attack before it happens. This means educating your employees, whether they’re working from home or are back in the office. Training employees to spot a phishing email is crucial. Many companies test their employees by sending out emails that resemble a phishing email to see who responds. This helps to identify if employees need more training on preventing an intrusion into your system. Creating a back-up strategy for your data also remains an important risk management tool. In 2019, the total claims cost for an insured without a back-up strategy was 3.5 times higher than it was for an insured who had one.
The next step is to detect an attack as soon as possible after it occurs.This can limit the amount of data that is lost and may help you get all your data back from a back-up, eliminating the question of whether or not to pay a ransom.
If you are attacked and thieves access your data, you’ll want to mitigate the damage. Having a plan in place and having cyber insurance will reduce the financial impact of a hack or a data breach on your company’s bottom line.
Staying on top of emerging cyber threats can seem like a full time job, but it’s critically important to keeping your company safe.
Related Articles
A cyber security expert answers your ransomware questions
What is ransomware? Who is vulnerable? And most importantly, how can you protect your small business from the havoc it can wreak?
We sat down with Meghan Hannes, Head of Cyber and Tech Errors and Omissions for Hiscox USA. Meghan has been underwriting and managing cyber security and privacy-related risk since 2004. She is a noted author, speaker, and award-winning product head in the cyber insurance space.
Remote working increases cyber risk for small businesses
The pandemic has changed the way we do business in many ways. One of the most remarkable changes – and one that may become permanent for many businesses – is remote working. While this has been an advantage, the increase in cyber attacks since more people have been working from home is not a coincidence
Read More
The most common accounting mistakes made by small businesses and how to avoid them
Whether you’re a new or experienced small business owner, financial responsibilities—including accounting—can take a while to get the hang of. There are so many moving parts to keep track of, not to mention a lot of math to do, which makes mistakes almost inevitable. That’s why many companies bring on an accountant as soon as they can. But if that isn’t an option for you just yet, don’t worry. We’ll cover some of the most common accounting mistakes made by small businesses and how to avoid them, so you can protect your business.
Read MoreWe provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.