Ever-worsening cybersecurity threats are a source of never-ending stress for business leaders and IT pros. Every time they see a headline about a major breach, they wonder if their defenses are strong enough. They wonder if their organization will be next.
The attack methods are so diverse and the onslaught so overwhelming that it’s impossible to fight every threat. It’s important to remember, however, that most hackers carry out low-cost attacks in high numbers. Many of these attacks are automated using tools that can be purchased at relatively low cost on the Dark Web.
Given limited time, resources and budget, you should focus on the most common types of attacks. Here are the three security threats that you should prioritize today.
Social Engineering / Phishing
Rather than attempting to get past cybersecurity controls, many hackers target the weakest link in the security chain — humans. Social engineering attacks are designed to convince users to unwittingly provide access to restricted systems.
One of the most common forms of social engineering is phishing. Phishing attacks typically use deceptive emails to trick users into clicking a malicious link, opening a malicious tile, or providing sensitive information. Today’s phishing attacks appear to be realistic notifications from your bank, the IRS or even your boss. They may ask you to verify information, review documents, find out about a failed delivery attempt or change a password. Hackers use real logos and clone legitimate websites, which automatically upload malware when the user visits or enters information.
Phishing emails are commonly used to deliver files or links infected with ransomware. A ransomware attack encrypts all the data it can find on a system or network, then demands a ransom for the decryption key. Many specifically target backups so that the victim cannot recover the data. In its Cost of a Data Breach 2022 report, IBM found that the average ransom is more than $800,000, although the total cost of recovery is much higher.
Because more organizations are declining to pay the ransom, attackers have altered their tactics. Many ransomware attacks also exfiltrate data before encrypting it, threatening exposure if the ransom isn’t paid. Of course, payment doesn’t guarantee the bad guys will live up to their end of the deal. Even if they turn over the decryption key, data is often compromised in the process.
Supply Chain Attacks
In a supply chain attack, hackers gain access to an organization’s network through a third party, such as a customer, supplier or business partner. The third party might reveal access credentials or be a victim of malware that spreads throughout the supply chain.
In a software supply chain attack, hackers embed malicious code in a company’s software, which is then distributed to customers. The attacks can spread to hundreds or even thousands of organizations. For example, the 2020 attack on SolarWinds affected more than 18,000 customers that installed the malicious software update, which installed a remote access trojan.
How to Fight Back
Defending against these attacks requires a multipronged approach consisting of four key elements:
Security awareness training. Provide engaging training that shows users how to spot phishing emails and suspicious links and attachments, and the risks of sharing sensitive information.
Strong access restrictions. Follow least privilege access principles, only granting users access to systems and data they need to do their job. Ensure that systems are protected by strong passwords. Employ multifactor authentication wherever possible.
Multilayered security. A multilayered security strategy combines various security measures, including network, system, device and application protections. It should also incorporate effective data backup as a last line of defense.
Vet your partners’ defenses. Ensure that any third parties accessing your network have certain minimum security controls in place. Find out how they monitor for attacks and if they have an incident response plan.
It’s impossible to secure your systems against all cyberattacks, but the right strategy can help prevent the most common threats. Let us help you implement tools and techniques that minimize the risk of a security breach.