Cyber ​​risks: what are they and how to protect your business?

Do you know how serious it is to be unprepared to face cyberattacks and the damage that this lack of care can cause to a business? Indeed, cyber risks have increasingly serious consequences , and we can no longer ignore the issue.

Today, security incidents affect companies of all sizes and are frequently reported in the media, causing damage not only financially, but also to the reputation of the companies involved.

Given these security challenges , we will present here the most common cyber risks that your organization needs to protect itself against, and what to do to avoid these attacks.

What are the most common cyber risks? 

In short, cyber risks are criminal attempts to damage, steal, or destroy data , compromising websites, servers, or disrupting entire technology infrastructures.

Attackers aim to exploit system vulnerabilities, and one of the most common ways they do this is by installing code to alter the original data on a computer or server . The result is the theft of information and the loss of access.

Yes, cyber threats can affect any market segment or company size . Therefore, it's necessary to be prepared for all types of scams that can occur, from the simplest to the most sophisticated.

Here we'll talk about the 5 most common ones. See below! 

1. Malware

If you've ever seen an antivirus alert pop up on your screen or accidentally clicked on an email attachment that looked suspicious, you've probably already had a problem with malware. 

Attackers often use malware to infiltrate users' and companies' computers because this method is generally very effective for criminal purposes.

The term Malware refers to various types of harmful files, and once it's on your computer, it can cause several problems, such as:

• Take control of your machine;
• Monitor your actions and keystrokes;
• Silently sending all types of confidential data from your computer or network to the attacker's base.

Attackers use various methods to install malware on your computer, but it relies on the user taking action to complete the installation.

This can be done by clicking on a link to download a file or opening an attachment that may seem harmless , such as a Word document or a PDF that arrives by email. In fact, behind these files, there is a hidden malware installer.

2. Phishing 

When an attacker wants you to install malware or divulge confidential information, they usually resort to phishing tactics to pretend to be someone else and get you to perform an action you wouldn't normally do .

In a phishing attack, an attacker might send you an email that appears to be from someone you trust , such as your boss or a company you do business with.

The email will appear legitimate and have some sense of urgency. Examples include emails stating that "fraudulent activity has been detected on your account." The email will contain an attachment to open or a link to click. Opening the malicious attachment will install malware on your computer.

Because they are related to human curiosity and impulses, phishing attacks can be difficult to stop or detect immediately.

Generally, if you click the link, it may redirect you to a legitimate-looking website that asks you to log in to access an important file. In reality, the page is a trap used to capture your credentials when you try to log in.

To combat phishing attempts, it is essential to understand the importance of verifying email senders, as well as their attachments and links .

3. Ransomware

Ransomware is a form of malware that encrypts data on IT systems after they are infected. The major problem is that it demands a ransom payment to obtain a code to decrypt the infected system , usually to an anonymous address using a virtual currency like Bitcoin.

Many of the significant cybersecurity attacks in recent years have been ransomware attacks. One of the best-known examples was WannaCry, ransomware that emerged in 2017 and paralyzed major public institutions worldwide, primarily in Europe.

4. Reuse of credentials 

Today, it's common for system users to have so many logins and passwords to remember that it becomes tempting to reuse access credentials. 

Therefore, although security best practices recommend that you have unique passwords for all your apps and websites, many people still reuse their passwords.

This is a fact that hackers love. Once they obtain a collection of usernames and passwords from a compromised website or service, they know that if they use those same credentials on other sites, they have a good chance of successfully logging in .

This means that no matter how tempting it is to reuse your email, bank account, or favorite social media credentials, it's possible that one day these systems could be hacked, giving easy access to your email and bank account.

Being aware of the problem and mitigating the risk of this type of attack happening will significantly improve your security posture. 

5. Password attack

A password attack, as the name suggests, happens when an attacker tries to guess or crack a user's password. 

There are many different techniques for doing this, and some involve the very brute force of trial and error.

The most commonly used methods are related to password spraying , which attempts to log in simultaneously on multiple pages, and keylogger attacks , which capture all keystrokes typed by infected users to identify passwords. And, of course, attackers will often try to use phishing techniques to obtain a user's password.

4 cases of companies that suffered cyberattacks

Now that you know the main risks out there, learn about some examples of companies that have fallen victim to cyberattacks and had to bear significant losses. 

Here are 4 cases in which each of these types of attacks was implemented and generated serious problems for different companies and organizations.

1. Fleury Group in 2021

Did you know that reported cyberattacks against Brazilian companies increased by 220% in the first half of 2021 compared to the same period in 2020?

The data was released by the Mz group, which made available the Study with information on Cyber ​​Attacks that occurred in the first half of 2021. This survey was conducted using data collected by the search system on the website of the CVM – Securities and Exchange Commission, an agency regulated by the Ministry of Economy.

Besides the electric power companies, which suffered the most from the attacks, the healthcare sector was the second most affected, with 5 notifications. All of them were made by Grupo Fleury, a medical and laboratory company.

According to the company's statement, the systems became unavailable after attempted external attacks. In June 2021, a notice appeared on the company's website announcing the unavailability of its systems.

2. CMA CGM, the fourth largest container shipping company in the world

A recent example of a malware attack occurred in September 2020 with CMA CGM, the fourth largest container shipping company in the world.

The company suffered a cyberattack that directly impacted its servers, leading to a breach of its key data.

This occurred when malware was used to compromise the company's peripheral systems. The business website remained unavailable for at least two days, and customers were redirected to the company's alternative customer service channels.

3. Ransomware in Brazilian public institutions

In early May 2017, 70 countries had already reported WannaCry attacks. In Brazil, the Public Prosecutor's Office of the State of São Paulo, the TJSP (Court of Justice of São Paulo), the INSS (National Institute of Social Security), and many others also suffered from this attack .

It attacked in the traditional way that ransomware does: it hijacked files on the machines by encrypting them and then demanded money to return the files.

At the time, the attack targeted vulnerable computers running Windows Server 2003 without the latest update package installed.

4. The most devastating cyberattack in history

The cyberattack known as NotPetya , which also occurred in 2017, is known as one of the most devastating in the world.

When compared to WannaCry, there is a clear difference. While WannaCry encrypted access to files, NotPetya completely blocked access to the computer. The machine infected by the virus immediately lost the ability to access the Windows operating system.

While WannaCry prevented public agencies from accessing files containing population registration data, for example, the ransomware used in this attack managed to hide the operating system and prevent the victim from using the machine in any way .

Everything indicates that Russian hackers used the hacked servers of the Ukrainian accounting firm Linkos Group to send this attack code. But it wasn't limited to Ukraine's borders, also affecting large global organizations:

• AP Møller-Maersk, the world's largest shipping company;
• Merck, an American pharmaceutical company;
• TNT Express, the European subsidiary of FedEx;
• Saint-Gobain, a French construction company;
• Mondelez, a food producer;
• Reckitt Benckiser, manufacturer of hygiene, health and nutrition products.

In each of these cases, thousands of computers were wiped, resulting in losses amounting to hundreds of millions of dollars, whether in lost business or cybersecurity costs. 

In total, a White House estimate puts the cost of NotPetya at $10 billion .

How can you tell if your server is secure?

It is vital that companies take all necessary measures to keep their servers, data, network, systems, and users protected against the threat of cyberattacks. 

This means, for example, keeping software up-to-date and using secure processes such as encryption and authentication.

It is therefore necessary to follow good update and security practices to know whether your server is secure or not.  

In addition, there are simple recommendations that can help avoid cyber risks, namely:

• Do not open attachments or click on links in emails received from senders you do not recognize. If you do, inform the IT department immediately so they can ensure that the malware has not been activated and released
• Avoid sending usernames, passwords, dates of birth, financial information, or other personal details in email replies or during phone calls;
• Create strong passwords for all login authentication and avoid using the same password for multiple accounts. 

These are just the basic steps. To have a complete and secure structure against these attacks, it is necessary to resort to specific solutions.

How can you protect yourself from a hacker attack?

As we have seen, the best way to protect your company from various cyber risks is by investing in security practices and understanding the advantages of cybersecurity .

From small practices, such as installing and scanning their systems using reliable antivirus software, backing up company data, and setting stronger passwords, to major changes like migrating to the cloud and having a security service provider, there are several options that companies can choose from.

Here we will detail the main ways to protect your business.

Attack surface management

External Attack Surface Management, also known by the acronym EASM, is an emerging category of cybersecurity. 

It allows organizations to identify risks and vulnerabilities stemming from internet-facing assets within their own infrastructure.

In practice, it is a set of processes, technologies, and services implemented to discover external corporate assets and systems that may have vulnerabilities.

On this topic, Gartner, a world leader in research and consulting, developed the report " Emerging Technologies: Critical Insights for Managing the External Attack Surface".

This report indicates that "EASM should be part of a broader vulnerability and threat management effort, with the goal of discovering and managing internal and external assets, as well as their potential vulnerabilities.".

Source: Emerging Technologies: Critical Insights for External Attack Surface Management – ​​Published 19 March 2021 – By Analyst(s): Ruggero Contu, Elizabeth Kim, Mark Wah. 

Educate your team about data breach protocols

Your employees should be aware of your company's policies regarding data breaches.

Consider restricting access to data based on each role. You should also regularly train employees on how to prepare for a data breach or prevent one in the first place.

By taking the right steps proactively, your company will be better prepared to recover successfully. In the event that something does happen, conduct frequent safety checks to help reduce the likelihood of a similar incident occurring again in the future.

Migrate to the cloud

What companies need today are multi-layered defense architectures that can not only detect and deflect cyberattacks as close to the source as possible, but also scale to prevent large-scale threats. And that's exactly what cloud security solutions offer .

With the use of cloud technology, data is stored on remote servers, managed by your cloud solutions .

To learn how to take this important step and keep cyber risks far away from your operations, discover the solutions that Sky.One can offer. All of them will help your company make this migration and ensure the highest level of security.

Written by Skyone