
Last updated: Mar 26, 2024
Running a small business or accounting practice can be demanding, especially as your business and employee numbers grow. Operating in the cloud can make things easier, and we know how much you appreciate the time and cost savings that come with it.
While you’re busy working hard and enjoying those benefits, it’s easy to overlook the safety precautions necessary to keep everything running smoothly and securely.
Businesses using unsecured technology are an attractive target for cybercriminals. This results in real-world impacts for businesses like yours. Not only can you directly lose money through fraudulent payments or ransoms, there can be additional losses due to recovery costs, legal fees, government fines, as well as damage to your reputation.
According to Verizon’s 2021 report on data breaches: “The median for incidents with an impact was US$21,659, with 95% of incidents falling between US$826 and US$653,587.”
Our previous article introduced ‘Imposters’ as the first of three ‘areas of concern’ to focus on. Today, we’re going to talk about the threat posed by ‘Attackers’.
Although it’s impossible to predict when a cybercrime attack might occur, you can reduce the chances of being targeted, and minimise damages if there’s an incident.
Read on for more information, along with links to useful resources, stats from Verizon’s 2021 report and defensive advice for businesses of all sizes and budgets.
Company devices, accounts and data can be at risk from a direct cybercrime attack by cybercriminals seeking out any vulnerabilities in your technology. These can be the result of lax security maintenance, or the by-product of another cybercrime incident such as phishing.
Cybercriminals can exploit your vulnerabilities to cause significant damage and steal valuable information.
The key to prevention is knowing what attack methods are used, and how to close down the vulnerabilities that make them possible.
Run anti-malware software on company devices to automatically detect and remove any suspicious files. It’s also important to keep your devices and software up-to-date so they’re covered by the latest security fixes. Turning on ‘automatic updates’ wherever possible makes this easy.
Phishing education also reduces the chance of someone clicking a malicious link and downloading malware or ransomware in the first place.
While these security measures are effective, the constantly evolving threat means that it’s not possible to be 100% immune against cybercrime attacks. Most agencies, including the FBI, do not recommend making ransomware payments, as there’s no guarantee that the cybercriminal will honour the deal.
That’s why it’s important to be prepared with back-ups of your most critical data. This can help you to quickly recover from cybercrime incidents or hardware failures. Take a look at this guide to backups for businesses.
Fortunately, the steps to reduce your risk of account takeover are fairly straightforward. Make sure the passwords on company accounts are strong and unique to avoid being guessed or hacked. If a cybercriminal finds a working password for one of your accounts, they’ll test it against other well-known services – so reusing passwords leaves you vulnerable to multiple account takeovers.
There are organisations that keep track of account credentials that have been exposed in global data breaches. You can use a website like Haveibeenpwned to check whether your company credentials might already be at risk.
It can be difficult to juggle multiple passwords by memory alone, so look at using a password manager. This software can create strong passwords for all your accounts, sync them to multiple devices, and allow you to quickly log in without typing anything. This is by far the easiest and most secure way to handle passwords in your organisation.
We highly recommend enabling multi-factor authentication (MFA) on company email accounts, and any other critical services. MFA acts as a safety net against unauthorised access, even if the password has been compromised. The extra step of MFA might seem a little inconvenient, but it’s incredibly difficult for cybercriminals to bypass. Modern MFA apps like Xero Verify make it as easy as possible for you to authenticate with a simple button tap.
Attackers have the ability to cause a variety of expensive and complicated problems for your business. Verizon found that 61% of global data breaches involved unauthorised use of credential data, while also highlighting a yearly increase in ransomware attacks.
To reduce your risk in the first place, make sure company devices and software are regularly updated to fix vulnerabilities. Also, train employees not to click on phishing links, and how to use strong passwords and MFA to keep company accounts secure.
Implementing cybersecurity measures can protect your systems if an attack does happen. Anti-malware software can defend against suspicious files, while password managers and MFA are able to keep company credentials secure.
Keep in mind that even the best security strategies and defences can’t provide 100% guarantees against increasingly sophisticated attacks. That’s why it’s critical to be prepared with backups of your devices and data, and know how to get in touch with your local cybersecurity agency to report an incident.
For more information, check out the free guides we’ve linked to in this article and share them with your employees.
Keep an eye out for our final article in this series all about the valuable data held by your business.
If you found this guide useful, check out part 1 and part 3 of this series. We’d also recommend completing our free, self-paced security course, Manage cloud security for your business. You’ll learn even more about keeping your business secure online.