Cyber security impacts each and every one of us—in our businesses and in our personal lives. It even affects the biggest and most reputable organizations, with the greatest resources to protect themselves, from Anthem and Mattel, to Home Depot and LinkedIn, to so many others.
It matters because our reputations are built on trust—our customers, employees, vendors, friends and family trust us with their sensitive information—and a cyber security threat can compromise that. Also, in many cases as business owners, we’re required by law to protect sensitive information.
Since protection starts with awareness, here are today’s most common cyber security threats:
Spam
- Unwanted advertising
- More an annoyance than a threat
Hacking
- Thieves break into your computer system to find and take valuable data (through a firewall or by identifying weak passwords)
- Traditional defenses don’t slow down sophisticated hackers
- Many won’t even realize they were hacked
Social Engineering
- The most successful way to hack an organization
- Relies on the fact that we want to help people
- Can be as simple as holding the door open and letting someone in the building
- Can be someone calling you and asking questions about the company and your job
Phishing
- A type of social engineering
- Thieves use official-looking emails to trick you into providing information
- They send out email blasts and play the odds that someone will “bite”
Spear Phishing
- Highly targeted attacks
- Thieves use information garnered through social engineering and research to trick us
- Emails directly ask for sensitive information, like passwords and forms, or money
Viruses/Malware
- Spread through human interaction (like opening an infected file or application)
- Includes spyware designed to spy on your activities and capture sensitive data
- Also includes “trojan horses” that appear useful but hide sinister activity (like a free screensaver that works but installs a virus)
Scareware
- Pop-up security warnings saying you have a virus
- Virus doesn’t exist until you pay for and download the scareware (disguised as anti-virus software)
Ransomware
- Extortion campaigns
- Malicious software blocks access to computer systems or data files until a sum of money is paid
Now that you know what to look for, here are some actions to take to further protect yourself and your business:
Patch your software to protect against viruses
- Windows 10, for example, does a great job of this and will force you to reboot to install new patches
Don’t install unknown software…ever
- It’s easy to accidentally download the wrong software and install malware
Protect your social networks
- Anything you post about yourself or your business can be used to build a profile
- Remember, targeted attacks often work because emails are tailored to appear real
Don’t write down your passwords
- They can be easily stolen
Lock your computer screens
- Simultaneously press Windows Key + L for Windows or Control + Shift + Eject for Mac
Confirm the message
- If you receive an email from a peer, customer or friend with a request, confirm before sending anything
Consider bad spelling and grammar a red flag
- Often, English isn’t the first language of cyber attackers
- Also, an offer that’s too good to be true, or a message that requests money, is a red flag