2018 had its fair share of cyber-attacks with well-known brands being hit such as British Airways, Facebook and Google+ as well as nearly 300 attacks on universities. In the months leading up to Christmas it seemed as if it was dying down, however, experts have said 2019 is to be a big year for cyber threats. Cyber-crime is on the rise and small businesses have said to be the target of 65,000 attempted attacks per day.
Interested in finding out about cyber security? Take a look at our FREE White Paper >>
As it stands, cyber-attacks are classed as one of the top threats to organisations causing reputational damage, legal issues and additionally impacting their financial situation. The costs can be immense and time plays a big part in this due to the more days it takes to resolve attack, the more expensive it can get. An IBM study in 2018 highlighted there was a 6.4 increase from the 2017 report and found that the average cost of a data breach globally was $3.86 million, so we can only expect this to rise again in 2019.
Cyber-crime comes in all shapes and sizes, therefore it’s important to know the differences between them so that you can help best protect your business and make sure you have the right security measures in place. Granted you never know whether you’ll be hit but by educating yourself and your employees, you will hopefully be able to prevent one happening.
Technology is advancing and so are hackers. They are becoming more and more sophisticated resulting in the need of organisations to come up with stronger strategies. In this blog I will be going through three different cyber security threats that you can expect to see in 2019 and what you can do to prevent them.
Ransomware
As in 2018, we can expect to see the threat of ransomware impacting the world and unfortunately the threat is only expected to grow. Hank Thomas, CEO of Strategic Cyber Ventures said “Ransomware isn't going away; in fact, we will probably see even more of it targeting consumers in 2019”.
Ransomware is a form of malicious software and usually works by taking over a victim’s computer and denies them access to their data. Attackers often threat to publish the victims data or perpetually block them from it until a ransom is paid, in which they would restore the data.
Since 2012, ransomware scams have grown internationally and are now able to take over mobile phones as well as computers and laptops. Furthermore the attacks are targeting all types of organisations. Small businesses, individuals, government agencies, law enforcement, health care and academic institutions have all been victims in the past and continue to be.
Ransomware doesn’t just appear on a victim’s computer, the victim unintentionally initiates a download of the malicious software. Therefore, when trying to prevent ransomware attacks, the first step is to educate your employees of what to look for to be able to identify a potential attack. Secondly it is important to make sure you back up your files. By doing this it means that even if your computer does become encrypted, you won’t have to pay a ransom to have access to it again. Finally implementing a detection software can play a big part in helping to prevent attacks. This kind of technology can detect ransomware and other malware before it gets into your inbox.
Phishing
Phishing attacks remain a problem as we delve into 2019 and they continue to be popular among cyber-criminals due to the fact it provides them with direct access to the end user.
Phishing is referred to as a type of social engineering attack in order to obtain sensitive information from users such as login credentials and credit card details. Attackers do this by disguising themselves as a trustworthy source to the targeted victim and deceives them into opening an email, instant message or message. The information they gain can often lead to financial loss and identity theft.
There are some ‘red flags’ that you should be aware of when trying to prevent phishing attacks and below I have gone through some questions you should ask yourself when receiving an email, text message or instant message.
- Do I recognise the email address?
- Is the senders address from a suspicious domain?
- Was it received at an unusual time such as 3.00am?
- Does the subject line seem irrelevant and not match the content of the message?
- Is the sender asking you to click on a link or open an attachment where they say you might gain something of value?
These are just a few of many questions you should ask yourself and educate your employees on. In addition to this using spam filters and editing your browser settings are also useful ways to help prevent phishing attacks.
Cryptojacking
An emerging online threat called cryptojacking is also expected to be seen in 2019. Also referred to as malicious cryptomining, it hides on a computer or device and uses the machines resources to ‘mine’ forms of online money known as cryptocurrencies. Cryptocurrencies are digital currencies that exist in the online world and are not issued by any central authority, therefore, some may say it is immune to government interference or manipulation.
Unlike other forms of cyber-crime, cryptojacking has been scarily designed to be completely hidden from the user. They do this similarly to other threats by manipulating users into clicking on links or opening attachments. However, once doing this they completely infect your computer by loading cryptomining codes onto it.
As with phishing there are some red flags that may flare up. These include if your computer begins to slow down or if it is using the cooling fan more than before. With cryptojacking as it is harder to detect once infected, the key is to install comprehensive security measures before you become a victim.
Conclusion
Cyber threats aren’t going to go away and attackers are always advancing so it’s important to have preventions in place. I cannot stress enough how important it is to educate your employees on cyber threats and preventions as human error is the biggest cause of cyber-attacks.
In 2019 we can expect to see a huge advance in threats as well as in cyber-security in general. To name but a few single factor and ‘bad’ passwords are going to soon be non-existent with a rise in multi-factor authentication being the standard as well as a rising threat of Digital Ad Fraud.
Here at entrustIT, security is extremely important to us which is why we decided to obtain and maintain ISO 27001 accreditation. As we go into 2019, let’s all take that step together in trying to prevent cyber-crime.
Interested in finding out more about Cyber Security? Download our FREE White Paper to find out more >>