In our highly digitized world, the potential for theft, fraud, and other crimes is often greater through a computer than it is in person. The amount of information and access controlled in the cyber realm, as well as the ability to strike anonymously from anywhere around the globe, means hacking, phishing, and other cybercrimes are increasingly lucrative to criminals.
A couple of years ago, we published a series of blogs on cybersecurity training, covering everything from the significance of the threat to what to do when a threat is discovered. The cyber world hasn’t become any less dangerous since then, so we thought we’d provide a refresher on this perennially important topic.
The Size of the Threat
- The hack of Equifax resulting in the exposure of personal information of 143 million Americans, including Social Security numbers, driver’s license numbers, addresses, names, and birthdays
- The data breach at Uber resulting in hackers gaining access to the personal data of 57 million customers and drivers
- The denial of service attack that caused a massive and sudden drop in value of Bitcoin
Since then, we’ve continued to see a number of high-profile attacks and data breaches impacting organizations, from the medical industry to finance to U.S. Customs and Border Protection.
In addition to the loss of data by hundreds of millions of individuals, such breaches can destroy trust in major organizations, as well as expose them to significant regulatory and legal costs.
Types of Threats
The single greatest cyber threat most organizations face has long originated in spam e-mails. While e-mail service providers have advanced algorithms to identify a great deal of spam e-mails and send them to designated spam folders, a lot still get through. This is often the means by which hackers gain access to user data, passwords, and other sensitive information.
Spam doesn’t just involve tricking individuals out of sensitive data. It can also expose them to malware through clicking links or opening attachments that contain harmful software, which is then spread throughout an organization.
Sometimes, simple carelessness can lead to a data breach. This was the case with First American, a major real estate and title insurance firm, which inadvertently kept nearly 1 billion sensitive financial records on its publicly accessible website going back over 15 years.
A Strong Defense
The first step in preventing cyberattacks is knowing about the common attacks and educating staff. Every organization should stay up to date on ongoing threats and best practices, and that goes for employees at all levels, as well as designated cybersecurity team members.
Organizations like the Federal Bureau of Investigation (FBI) offer resources available to businesses of all sizes, so being too small or not being sophisticated enough to afford a cyber team is no excuse.
Cyber threats might seem like the type of risk that is relevant only to big banks and governments, but cyber criminals target businesses of all sizes, and that’s unlikely to change anytime soon.