Learning how to ensure online safety is crucial. 98% of businesses have experienced some form of cyber-attack, while 52% of businesses say that they have experienced a cyber-attack in 2016 and did not make any changes to their cybersecurity efforts in 2017 (Cyber Attack Statistics: Majority of Victims Aren’t Changing Their Security in 2017 – 2016 – Barkley Blog).
Though no two cyber-attacks are identical, they all share similar characteristics. By understanding the main types of cyber-attacks, you will have a general idea of what your business and employees should be on the lookout for when spotting suspicious online activity, as well as how to correctly respond to an attack.
Here are the 6 main types of cyber-attacks:
- Malware – Malware is a software that secretly accesses a device without the user’s knowledge. Malware can infect your device in many different ways, including: downloading software that may be secretly infested with malware, clicking on links or pop-up windows that cause malware to start downloading, opening email attachments that contain malware, or visiting a site that is contaminated with malware.
- Phishing – Phishing relies heavily on social media, text messaging, and email communication. Cyber-criminals use emails and social media websites like LinkedIn, Facebook, and Twitter to find information about victims and use it to create a message tailored to the individual to trick them into divulging personal and financial information. Phishing emails and websites can also include a link that directs the user to a site that steals a user’s information.
- Password Attacks – A password attack is when a hacker tries to gain access to a user’s account by guessing the password. Hackers have programs that use different methods to try to obtain access to accounts.
- Ransomware – Ransomware is a branch off of malware where your computer or device is locked until you pay a sum of money (ex: WannaCry in 2017). It is not encouraged to pay the ransom, as there is no guarantee that your files will be unlocked after the payment is made.
- Drive-By Downloads – A drive-by download happens when a malicious program is downloaded to an individual’s computer or other device by simply visiting the infected website. This type of attack involves no human error and the best way to prevent yourself from becoming a victim of a drive-by download is to ensure that all of your security programs stay updated.
- Malvertising – Malvertising is another form of malware. Hackers upload infected ads to websites and, once a user clicks on the website, the malware automatically begins downloading to the device. Any website can fall victim to malvertising, which is why it is important to make sure that the site or advertisement appears to be secure prior to clicking.
Now, here’s how you can prevent these types of attacks:
- Password protect your network
- Do not save your password in web browsers
- Creative passwords that are difficult to guess (use numbers, letters, and special characters)
- Keep your security programs updated
- Be careful where you click – pop-up windows, social media articles, and ads are hotspots for malware and phishing
- Check for poor spelling and grammar mistakes as well as a misleading domain name
- Do not send your personal information to anyone unless you are 100% sure it’s legitimate
While it is quite difficult to eliminate all cyber-attacks, having a comprehensive and actionable business continuity plan is crucial in mitigating risks and facilitating a speedy response and recovery. Your organization needs a way to easily manage and update plans and programs. Preparis’ all-in-one approach to business continuity, cybersecurity, and emergency notification ensures your organization in prepared for any disruptive incident. Click here for more information.