CYBER SECURITY | 5 MIN READ
Cyber Security Ventures predicts that a business will fall victim to a ransomware attack every 11 seconds by 2021. When you hear statistics like that, imagining how many people are the victims of a network hack in general quickly becomes overwhelming. With so many daily cyber attack victims it almost seems as if hackers aren't picking targets at all, instead aiming for "spray and pray" methods of sending out mass hack attempts to see which ones stick.
While these methods are still used today, hackers also use increasingly methodical methods of selecting potential victims, especially when they're attempting to hack large businesses. Find out the characteristics that hackers look for in a potential target so you know how to avoid becoming one.
Not enough time? Jump to:
People and businesses with a weak firewall or anti-virus software usually either don't have the money to invest in a robust cyber security infrastructure or they are un-educated about how to build a secure network.
While many people would think that hackers would aim for the rich or for large businesses with deep pockets, hackers don't always think this way. They know that, although potentially less money is to be made in attacking those with a weaker cyber security system, these are easier targets.
One of the sole purposes of social media is to share your life with the world. The downside to this is that, for avid social media users, they might un-intentionally be labeling themselves as a target for hackers.
Those who post personal information such as their children's names, pets' names, interests, and lifestyle are publishing information that hackers can use against them.
Information such as children's names and pets' names are commonly used in passwords, so publishing this information online gives hackers the tools to figure out your passwords and break into your network.
Additionally, if a hacker can use your profile to find out intimate details about your interests and lifestyle, then they know how to craft phishing emails that will grab your attention.
As previously described, hackers love to target those with weaker cyber security because these are easier targets. Unlike large businesses who have the money to install a strong cyber security infrastructure, small businesses usually don't have the budget to do so.
This leaves them vulnerable to hacks. Hackers also know that small businesses probably don't have the money necessary to fight back against a ransomware attack.
This is why they'll attack a small business and make the ransom just low enough to where the business would rather pay the ransom then pay money they don't necessarily have to hire IT support to thwart the attack.
Large businesses are obvious targets to hackers. Their large amount of capital makes them lucrative ransomware targets and their large customer base leaves a lot of private information ripe for the taking.
A hacker could successfully attack a Fortune500 company, for instance, and have enough money to retire from hacking forever. To a hacker, the only downside to targeting large businesses is that they have the money to implement the tightest cyber security available.
According to IBM, the finance and insurance sector has been the most-attacked industry for three years in a row, totaling 19 percent of the cyber attacks and cyber incidents in 2018.
The financial industry attracts hackers because of the type of private information that these institutions tend to hold. Databases full of information such as credit card numbers and social security numbers are commonplace in the industry, and hackers know this.
If a hacker were to gain access to Wells Fargo's network, for instance, they could access enough knowledge to steal the identities of millions of people. Additionally, financial information like credit card numbers can be sold on the dark web for a high price.
The healthcare industry is a lucrative target for a hacker because of all the private health information that its companies tend to store. For instance, a hospital has medical records containing everything from a patient's social security number to their medical history.
Hackers distribute ransomware attacks to hospitals because they know that hospitals will pay to keep access to medical records that are necessary for doing business.
Medical records can also be used for sale on the dark web. Information like social security numbers can be used to steal identities, whereas a patient's medical history can be used to blackmail the patient with threats of publicizing their medical history, which could have intimate details about STD's and mental illness, for instance.
Though hackers use sophisticated methods to break into your network, a few simple tips can help keep you one step ahead of them.
Upgrading your network with the latest firewalls and anti-virus software are great first steps to better protect it. Along with taking these measures, consider changing your approach to safeguarding passwords.
Aim to never write down passwords anywhere unless it's in a secure password-storing program such as LastPass. Additionally, install two-factor authentication on any device or account possible, as this is a newer and more secure method to protect your network.
If you're a business, consider training employees on cyber security best practices, such as how to recognize and avoid phishing schemes. Along with employee training, businesses overwhelmed with the thought of internally managing their IT should consider managed IT services.
Managed IT services can build a comprehensive cyber security plan for your company, ranging from the installation of hardware and software to employee cyber security education courses to constant network surveillance for cyber threats.
4,000 businesses are attacked every day, and this number could just keep growing. Don't wait to step up your cyber security.
Posted by Erica Kastner
Erica Kastner is a lead Content Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their cyber security infrastructure.