Cyberattacks are sneaky, but your cybersecurity plan should be solid
Communications is an important deterrent
One minute your business is humming along. Productive. Profitable.
In an instant, all of the work can be shattered by something completely outside of your control. Or even worse, a cyberattacker can secretly sneak in and steal critical data for your customers and your employees.
For CEOs and Chief Information Officers, staying on top of the latest strategies and cybersecurity tactics is something that can’t be ignored. It also can’t be handed off to a staff member or vendor and forgotten.
As part of our program to enhance the power of many, the team at CFO Strategic Partners recently reviewed some best practices for cybersecurity. One of the key takeaways from all cyberattacks is that security procedures must be communicated again and again to all employees as cyberattacks continue to get more sophisticated.
With cybersecurity, it’s important to minimize all vulnerabilities and try to protect all hardware, company information and software from malicious activities. However, it’s extremely difficult to be aware of and protect yourself against the various types of cyberattacks.
Last year, the WannaCry ransomware cyberattack alone hit more than 230,000 computers. This affected hospitals and major companies, such as FedEx and Nissan.
Below, we’ll outline some of the most common attacks and prevention methods you can take.
- Email Attachment Attacks. Be wary of your emails because even one coming from a seemingly legitimate source may send you an attachment that’s unsafe. The emails many times look legitimate, but they’ll usually be unexpected or unsolicited. The danger in this type of attack is the attachment itself, where if you double click on it, the attached program or code is executed.To protect yourself, there are a few actions you can take. Only open attachments from known sources, send suspicious attachments to IT to scan, and implement a program to scan for harmful attachments in emails.
- Email Phishing Attacks. These attacks aim to get you to login to a “spoofed” website to give the attacker your login information. This email will also come to you from what looks like a legitimate source, and most will open a spoofed version of a major website and ask you to login.Paying attention to web addresses (http:// vs. https://) is one of the best ways to protect yourself against this type of attack. HTTPS is more secure because all communications between the website and browser are encrypted. Requiring dual authorizations on wires and reporting suspected successful phishing attempts immediately to IT can also help minimize damage.
- Email Spoofing Attacks. This is one of the most sneaky types of cyberattacks because the email looks like it comes from internal company sources. The goal of the attack is to get the employee to trust the email and perform an action without questioningThese can be difficult to prevent, but the best ways to lower the risk is to know the information on the company website, use a different email convention for C-level executives, and never violate company internal controls or security policies. Also, pay attention to the email address that sent the email and get to know your coworkers to help spot issues.
- Web Page Attacks. There are various types of web page attacks, including spoofing, malicious pop-ups and embedded code. Malicious pop-ups can involve advertisements that execute malicious code or pop-ups meant to look like there’s an issue with your computer. The most dangerous type of malicious pop-up, however, is a translucent layer over a legitimate site that executes a code (ex: an invisible button in a pop-up that sits over an actual button on a real site).Being conscious of the sites your visiting on work computers is the best way to help prevent these web page attacks. If there’s a system warning popping up on your computer, verify the issue with the IT department instead of trying to figure it out yourself because it may be a cyberattack.
Unfortunately, as technology advances so does the scope of cyberattacks. It’s important to review your cybersecurity measures and make sure they’re up to date.
At CFO Strategic Partners, we understand the importance of protecting your company’s information and preventing malicious cyberattacks. One employee accidentally giving into the cyberattack can put your entire company at risk.