It wasn’t that long ago that “security” meant the armed forces, the police or guards patrolling large business premises. You probably would not have called the army if you had a security problem on site, but you may well have put in a 911 call, either to report a problem or for someone to help deal with a more serious incident.
Today, one of the major risks to businesses and public organizations is cybercrime, where criminals target computer networks in order to steal sensitive commercial information, intercept communications with the aim of exposing individuals engaged in sensitive discussions, or simply preventing an organization from operating by taking over its computers and demanding money to restore networks (ransomware).
It’s the reason why so many businesses now put cybersecurity at the top of their risk lists, especially as the problem appears to be getting worse.
Some major cyber-attacks
In 2017, there have already been a number of serious attacks on computer networks. In May, the United Kingdom’s National Health Service was targeted, creating chaos for staff and patients. Vital medical procedures were delayed and emergency rooms were unable to carry out all the operations required.
Merck, the giant US pharmaceutical company, was targeted a month or so later, as were Russian oil giant Rosnoft, and Maersk, Denmark’s major shipping company. It has been suggested that this attack was to mask a cyber-attack against Ukraine, whose infrastructure was hit very hard, with utilities disrupted, public transport, airports and the central bank all attacked.
There has been much in the media about alleged cyber-attacks from Russia during the recent US presidential election, with thousands of emails stolen from the Democratic Party and Hillary Clinton and publicly released.
Why and how do cyber-attacks occur?
Hackers who mount cyber-attacks may be after information, money or simply want to disrupt the running of an organization. Sometimes motivation is clear and sometimes it isn’t. There are stories of hackers who just wanted to see how far they could penetrate an organization and find out the weak links in its cybersecurity. There are also tales of companies employing people who have hacked them, in order to tighten up their security.
Many cyber-attacks start with an email that seems genuine. A hacker will have researched the organization and constructed a message that appears relevant and credible. The email is likely to have a link, which if clicked, can erase data or give some control of the network to the hacker.
Although email attacks are the most common way of having cybersecurity breached, other methods include browser-based attacks, equipment being taken over, attacks on mobile systems and through infecting USB and other media.
How to minimize the risk of attack
There are a number of ways in which you can protect your company from cyber-attack, with probably the best method being to employ experts to support your organization. The days where the smartest operatives were spotty teenagers operating from their bedroom are gone (which doesn’t mean to say they don’t exist anymore), and there are now many skilled people who understand what is required to ward off attackers.
Many of these will have gotten into the cybersecurity business by getting a degree, often with an online learning course, as provided by Maryville’s cybersecurity degree. Online learning can be especially useful for people who have other commitments and can study in their spare time, developing knowledge and expertise in the field of cybersecurity.
You could hire your own in-house specialist as a permanent security presence or work with a freelance or a specialist company that deals in cybersecurity.
It’s important that all your employees understand the importance of keeping the computer network secure, especially considering that if the company is attacked, it could affect their jobs. High quality training and an insistence on keeping all company information secure, and not discussed outside the business, is essential. Hackers often look for human intelligence to make their job of penetrating a network easier.
In some cases, a hacker might be able to take over a network just by being physically present, so it’s important that there is strong physical security that will make the office more difficult to get into. Employees should also ensure that their mobile electronic equipment is kept secure. Tablets and phones can be easy pickings and networks could then be compromised if they are stolen.
If everyone is aware of the dangers of cyber-attack, your business is less likely to become a target.