Cyberattacks are on the rise, and for many businesses, it’s no longer a question of if, but when, you might be the victim of a data breach.
Cyberattacks are on the rise, and for many businesses, it’s no longer a question of if, but when, you might be the victim of a data breach.
No matter the size of your business, if you or your customer’s data is exposed, recovering from the aftermath can be incredibly difficult — and quite expensive! The damage can range from lost data to blocked access on certain sites to skyrocketing insurance rates.
Keep reading for our advice on what to do before and after a cyberattack.
What is a cyberattack?
A cyberattack is any unwelcome attempt to disrupt, disable or destroy electronic data via unauthorized access to computer systems. Cyberattacks can target individuals, companies or even governments, and while hackers are often after economic gain (through access to personal/financial data), experts are increasingly seeing attacks focused on data destruction and/or political activism.
There are many types of cyberattacks, including:
- Malware (includes spyware, viruses, trojans, worms, ransomware)
- Phishing
- MitM (Man-in-the-Middle) Attacks
- DOS (Denial-of-Service) Attacks
- SQL Injections
- Zero-day Exploit
- Password Attack
- Cross-site Scripting
- Rootkits
- IoT (Internet of Things) Attacks
Each of these attacks zeroes in on a different vulnerability in your system. Fortunately, adopting some cybersecurity best practices and maintaining basic IT hygiene can go a long way in mitigating these attacks.
Protecting your data
It’s imperative that you develop strong cybersecurity habits for your organization, based on the risk profile of your industry. Many companies acknowledge the incredible damage that a cyberattack could cause, but choose to ignore the possibility of such an attack happening to them, opting instead to accept the risk of not taking the proper precautions due to perceived cost or complexity. Here are a few simple things you can do to protect your data (and the data of your customers and employees):
- Keep your security software, web browser and operating system up to date, which will ensure any security holes stay patched.
- Secure your files using a combination of external hard drives, flash drives, backup services and cloud storage.
- Use multifactor (MFA) identification, which can quickly alert you to any malicious login attempts. This added security step should be turned on as the organization-wide default. While tools like Duo (a Cisco product) and the location-based Impossible Travel (available in Microsoft Office 365) can create some friction for end-users, these tools provide excellent security during the log-in process.
- Secure your router by changing the password to something cybercriminals can’t guess.
Use strong encryption (ie. WPA2 or WPA3), which protects information sent over your network. - Instead of forcing users to create more complex passwords, ask them to create longer ones to improve password security. We encourage the use of passphrases with a maximum password field length of 64 characters.
- Implement a Password Manager to ensure that you use unique passwords for each application you access. This makes it easy to never reuse a password to mitigate widespread breaches.
- Monitor your accounts regularly and alert your tech provider of anything that looks suspicious or out of the ordinary.
- Stay current on news involving cyberattacks and data breaches. Be sure to sign up for our ATB Technologies email list to receive alerts.
Navigating a cyberattack
While it’s important to be proactive and take steps to protect your business from cyberattack, hackers are getting smarter and smarter. In fact, a recent study found that cybercriminals can penetrate 93% of company networks.
If a breach has been discovered, it’s important to react quickly in order to recover with minimal damage. Once you’ve confirmed the breach and determined that your data has been compromised, it’s important to find out exactly what type of data was affected. This information will inform your next steps, which might include monitoring your account for unauthorized activity, changing your login credentials/passwords or freezing impacting accounts.
No matter what, you’ll want to make sure that your customers and employees stay top of mind throughout your response. How you notify them about the breach and explain the actions you’re taking to resecure their sensitive information will play a crucial role in minimizing distress, rebuilding brand trust and protecting your business’ reputation.
Keep your business safe with cutting-edge cybersecurity from a team that will never let you down. Contact ATB Technologies for a free consultation to discuss your current technologies, pain points and IT support needs.