It’s said that most car or home break ins are crimes of opportunity. Perhaps a window was left open, or a door unlocked? A would-be criminal would rather enter the car or home through the easiest access possible, with as little effort as possible. The same holds true for the cybercriminal who would rather take advantage of weak passwords or out-of-date antivirus software.
Keep in mind that these types of crimes don’t require much planning or effort on the part of the criminal. While media outlets reporting on cybercrimes may make it out that a cyberattack was sophisticated and smart, the true is that most cybercriminals are lazy and really don’t want to put too much effort into breaking into a network.
A smart and sophisticated cyberattack may include intelligence gathering and social engineering to access a specific network so that it can be exploited. You may get visions of a well-dressed Mission Impossible crew sitting in a server room or unmarked white van outside of your building.
Complex and researched cyberattacks do happen, perhaps not with the sharply dressed crew of criminals. But the truth is that most of the cybercriminals getting headline coverage aren’t doing anything special or amazing. Most often these cybercriminals, like all criminals, are just savvy opportunists.
By establishing and adhering to network security best practices, you will be able to better secure your company’s data. You’ll make hacking your network much less appealing and much more work for the opportunistic cybercriminal.
Did you know that you don’t need to be a programming genius to be a cybercriminal? The Dark Web contains access to what is known as ransomware-as-a-service. There are services that offer online support to help would-be-hackers gain access to networks. Ransomware-as-a-service is almost effortless for cybercriminals to set up. Then all they need to do is sit back as their tools explore the web for any unlocked digital windows or doors.
Locking your digital windows and doors
There are some straightforward online security basics to keep in mind as you think about locking down your network.
- Despite awareness campaigns, phishing emails stand tall as the most used vehicle of ransomware infection. Educate every person in your organization about what to look for, and how to avoid falling into the phishing net. All it takes is an email being sent out, very low on the effort scale. Hackers need to just sit back and wait for someone to fall for the trap they’ve set. You’re doing all of the work when you’re sharing your private data with them.
- Back up all of your data. With a backup copy of your data, you’ll be able to restore your systems without needing to pay a ransom or risk losing the data. While some hackers may be interested in ransoming access to your data, others may just be malicious and delete it.
- Make sure you are practicing good password habits. Avoid using anniversary dates or birthdays, along with skipping pets and kid names. Be sure that every member of your organization knows how important it is to avoid using the same password for both their personal and their work logins. These are all lazy password habits that many of us have fallen into. Hackers take advantage of our laziness, to gain access to accounts and devices.
- Make sure that both the hardware and software that you are running has the most up-to-date security updates and patches. Quite often, successful cyberattacks exploit known security holes that have not yet been patched.
Perhaps the most important protection consideration is to be aware that the risk is real. No matter the size of your business, cybercriminals can and will target you if they find a way in through an unlocked window.
Have you been hacked? If your cybersecurity has been compromised, let’s talk. How did your security team handle the situation?