A cyber-attack is an attack against a website, computer system or a computer to of the computer hardware, or software, or information stored on it.
Cyber-attacks take many forms, including:
• Plant viruses or malware to a computer system, normally though phishing links or attachments which embedded with the virus. The virus will spread to the entire business network after one of the devices got infected.
• Unauthorized access to a computer system or its data.
• DDoS attack, which causes a huge usage to the network and system that takes down the entire websites.
The most harmful cyber-criminal activity is Ransomware. The amount of ransomware increased dramatically from 2015. And according to the newest research of Bitdefender, ransomware payment in 2017 will hit $2 billion US, which the amount is $1 billion US in 2016 and $24 million in 2015. (check info here https://www.cyberscoop.com/ransomware-2-billion-bitdefender-gpu-encryption/)
According to the research, an average of $1,000 is demanded by the hackers. And the traditional reactive methods are not working because the ransomware attacks are unique in the sheer scale which makes them hard to be recognized and monitored. And in addition, the attacks are mostly occurred in off-business hours.
As a result, when you find out you are being attacked, all your files are already being encrypted. And there will be a certain loss of some data even you have backups – please note the ransomware will encrypt your backup server too and if you don’t have a cloud backup or physical backup which are kept without connection to the network.
So a proactive security approach is the better solution for modern cyber-attacks including ransomware. While being proactive, organizations can reduce the change of being infected which will save many costs, resources and time compared to the reactive approach.
The proactive security approach including:
• Make incident response plan with proper backup solutions, regular testing of backups, monitoring the system, and recovery process after being attacked.
• Educating employees about the phishing and harmful website, which is the major cause of cyber-attacks. The key is not visiting/opening any unknown or suspicious links, attachments or websites. Secondly, beware of the actual sender of an email –the name or company you saw in the sender can be false, which most phishing emails are portended as your bank, PayPal or other online accounts.
• Avoid store important data in local machine, and limit the write access to important files
• Limit the administrative rights to the users
• Patching and updating the OS and popular software including Office, browsers to close the ports and holes which can be used for the attacks.
• Upgrade infrastructure and software if needed, including firewalls, anti-virus, spam filters
NetworkRepairs is experienced in proactive approach and able to help clients have better protection against raising cyber threads. We offer free consultation for your business network. Call us to setup a meeting.