One of the biggest threats to your business is cybercrime. Cybercrime costs businesses billions of dollars

each year, according to the FBI, which is why it’s so important for your business to understand the threats and take steps to protect your assets in cyberspace.

Cybercriminals Target Small to Medium Businesses

The recent surge of cybercrime has even greater implications for small businesses than it does for large enterprises, simply because the vulnerabilities are more easily exploited by hackers and cybercriminals. The SANS Institute says that small- to medium-sized companies are increasingly becoming targets for cyber attacks, and while some types of attacks can be mitigated within several months, many are preventable with cybersecurity training.

The average cost of downtime for businesses is over $200,000, and that can seriously hinder a company’s bottom line. Even worse, sixty percent of affected businesses go under within six months of being victimized.

While cyber defense is an ongoing process that requires continuous vigilance, having good habits from the beginning will make it far easier to stay ahead of cybercriminals. Cyber security awareness training helps staff identify threats, minimize the risk of attack, and sharpen their ability to respond in the unfortunate event they are targeted by a malicious actor. As employees become more empowered to spot cybersecurity pitfalls, it becomes easier for businesses to protect themselves.

How a Small Business Can Prevent a Cyberattack

If you’re a small business owner, there are a few simple things you can do to make yourself a much less appealing target. A few of the most effective ways to avoid a cyber attack include:

1) Making sure that your staff knows how to recognize phishing attacks

2) Keeping all devices up-to-date on updates and software, such as installing new firewalls and anti-virus programs

3) Ensuring that you have a business continuity plan in place, which can be particularly helpful in the case of ransomware attacks or an attack on your servers

4) Being wary of suspicious emails and following secure cyber security protocols such as two-factor authentication can also help keep small businesses safe online

The Necessity of Cyber Security Training

The main reason cyber security training is a necessity is that today’s cybercriminals are becoming increasingly sophisticated, which means that even well-educated workers can be vulnerable to attacks.

In addition, businesses with an abundance of personal information about clients and employees are prime targets.

From the security perspective, it’s important to make sure everyone in an organization understands cyber defense best practices because they are all potential victims.

If a company fails to take action to protect its workers, that can lead to even bigger issues down the road when outsiders gain access to sensitive data. Without proper protection, hackers who infiltrate corporate systems gain access to huge troves of personal information, which can lead to identity theft and other malicious acts.

Although the prospect of cybercrime is frightening, companies can take proactive measures to band together their staff to fight against hackers. That includes bringing in a cyber security team to help them deal with high-risk threats.

Businesses need to create procedures so if a worker does fall for a scam, they’ll know how to react. For instance, if a business’s social media account falls into the hands of a criminal, they should have an established way to quickly reach out to their cybersecurity professional and regain control of that channel.

What is the Best Way to Train Your Employees?

Companies should consider creating a cyber security procedure manual, but the Cylance survey found employees don’t like reading these types of documents. Therefore, they should spend more time training their staff in person on what to do if they encounter phishing or malware attacks. It’s important for managers to sit down with employees and give them instructions on how to engage in their day-to-day tasks.

Conduct Penetration Testing

Another great way to train employees on how to be more secure is by conducting penetration testing. This is the process of trying to hack into a company’s system and seeing if vulnerabilities are present. If hackers can successfully infiltrate, they’ll expose weaknesses that need to be patched.

Penetration testing will provide peace of mind for business owners since their systems will have been tested, and they’ll know what needs to be strengthened.

Use Multi-Factor Authentication

It’s important for employees to utilize multi-factor authentication when accessing their company accounts. While it may seem like a hassle, the extra step will leave them more secure than they’d be otherwise. Even if someone manages to get access to an employee account, they still wouldn’t be able to access others because of the authentication. It’s also a good idea for business owners with personal accounts to use multi-factor authentication there as well, so they don’t have to worry about unauthorized use.

Be Aware of Phishing Attacks

Whenever possible, service providers should be contacted through their official domain and no other. Hackers are increasingly setting up fraudulent sites that look like the real thing to get people to enter their information or click on malicious links. If there’s ever any doubt about which site is the correct one, the URL should be referenced to see if it matches up with what would be expected. Even if a business owner thinks they’re being careful, they could still fall victim to phishing attacks if they try to access a site and it’s been changed without them knowing.

Staying Aware in Cyberspace

Every business has a target on its back, whether they’re large or small. Cybersecurity is one of the most important issues that companies will face in the 21st century. In addition to training employees, it’s essential to have a cyber insurance policy in place in case something does go wrong.

The post Why Cybersecurity Training is Non-Negotiable for Business Owners appeared first on SiteProNews.

The biggest supply chain attack of the 21st century occurred earlier this year when IT management company SolarWinds had its update server hacked and compromised by nation-state actors. The scope and impact of the data breach are still being uncovered as more than 18,000 SolarWinds customers attempt to patch and recover from the tainted update. As security experts try to repair the damages of months of undetected data extraction, companies must try to learn from the fallout as they prepare for similar supply chain attacks down the road.

Why the SolarWinds Breach is so Impactful

All of this starts with a password. In 2019, a SolarWinds password, ‘solarwinds123’, was leaked onto the public internet by an independent security researcher. According to a recent CNN report, this password was used to protect the SolarWinds file server. CNN also reports that current and former top executives are blaming a company intern for the password’s leak and the company’s recent cybersecurity scandal. Regardless of who is to blame, a password of that strength should not be used to safeguard the company hired to secure defense department emails. This is the sentiment that Republican Senator Katie Porter expressed to CNN during the fallout.

Using the password in question, Russian hackers were able to access the update server for SolarWinds’ Orion software, an “infrastructure monitoring and management” tool. The access and permissions required by Orion made it the perfect launching point for cyber criminals to invade the systems of SolarWinds customers. In accessing the Orion update server, the threat actors inserted a malicious code that every Orion owner would download during the next update. Once enough users had downloaded the update, the nation-state attackers were able to leverage all the tools and credentials that Orion had. And because the malware was integrated into the Orion code, malicious activity was that much harder to detect. As a result, the hackers were able to skim, monitor, and extract information for months prior to detection.

Putting the Fallout into Perspective

The most devastating part of supply chain attacks like the SolarWinds breach is that IT leaders do not have visibility over many of the systems, applications, and tools used by third-party vendors. 

The Guardian reported that the initial data breach happened as early as March 2020 before its eventual discovery in December. This means that Russian hackers had unauthorized access to the systems of enterprises and U.S. government agencies, such as the Department of Homeland Security, for more than half a year. Even if SolarWinds customers are able to update their Orion software and extract the existing malware, IT leaders may never fully know the degree to which their assets were compromised. Even if only a quarter of the 18,000 SolarWinds customers were attacked, the number of contacts, files, and sensitive information they extracted could have dramatic consequences if they are used in a future attack.

What makes the Solarwinds hack particularly concerning is not the number of affected customers, but the types of customers that were affected. Facebook recently had over 530 million of their users’ personal information leaked onto the Internet following a 2019 data breach. While 18,000 is significantly smaller, the size and scale of the organizations that were hit may affect an equally large number of individuals. Most of the clients affected by the Solarwinds breach were not disclosed, but many Orion owners include Fortune 500 companies across North America, Europe, Asia, and the Middle East. NPR cited SolarWinds’ recent findings, which estimated that about 100 companies and a dozen government agencies were successfully compromised. Of the notable SolarWinds clients, Microsoft, Intel, Cisco, the U.S. Treasury, Justice, and Energy departments, and the Pentagon were also compromised in the attack.

What Have Security Experts Learnt From the Attack

Who protects the cybersecurity team? This is the question that many IT leaders were forced to ask when one of their own network monitoring tools was compromised and used against them. Due to the size and complexity of modern corporations, IT executives must utilize systems and technologies that support widespread surveillance and threat detection. Unfortunately, what the SolarWinds hack has revealed is that even these security tools are susceptible to attacks. Not only do security experts need to monitor their company networks, servers, and IoTs, they must also regularly inspect their monitoring systems.

What supply chain attacks like this highlight is the need for 360-degree cybersecurity. This means having a digital and physical security program that mitigates the attack risk against every possible entry point.

The post What the SolarWinds Hack Means for the Future of Cybersecurity appeared first on SiteProNews.

All of the about 200 institutions impacted were connected to the Belgian’s ISP Belnet network. These institutions either completely or partially lost their Internet connections. 

Belnet took control of the situation and had things under control by the same evening. However, some customers remained unable to connect to certain websites and online services. Fortunately, the cybercriminals did not infiltrate the network, as it appears they only succeeded in saturating and disrupting network traffic. 

The target of the attack was the network of the Belgian government, according to CEO of Secutec Geert Baudewijns, whose company provides security services for the Belgian government.

The number of DDoS attacks has been continuously rising in recent years. The scale of this particular event raises many questions for Belgium’s government and the EU as a whole. Are governments more vulnerable than ever to cyber attacks? And what can they do to increase their protection?

Before answering these questions, let’s examine the type of attack conducted by the unknown perpetrators—and what kind of damage they could have done.

What is a DDoS Attack?

A distributed denial-of-service (DDoS) is a class of denial-of-service attack that involves multiple compromised hosts working together to flood the victim site with large amounts of data. DDoS attacks are often done to a server or service, but can also be done at an individual level to a specific target.

This traffic flood aims to crash or slow down a website or network to make it impossible to use. An attack on a business can be described as an attempt to overwhelm the network with excessive requests, putting the systems of the business under a heavy load, thus shutting the business down or slowing it down to a halt.

DDoS attacks are often mistaken as DoS attacks. DDoS attacks occur when a large group of computers, usually located in different parts of the world, work together to flood a specific target with data or requests and take it offline. On the other hand, a DoS attack occurs when a single target is targeted with a concentrated amount of requests and data and taken offline.

In the case of this particular DDoS attack against Belgium, traffic flow that flooded the networks came from about 29 countries. The original source’s location has not yet been determined.

What is the Goal of a DDoS attack?

The goal behind a DDoS attack is to prevent legitimate users from accessing the resource or service. The attack causes the target to become unreachable, denying access to users, services, or applications. A successful DDoS attack can take a website offline for a long period of time, whether for minutes, hours, or days. 

Public institutions like banks, hospitals, and universities have had their websites disrupted as public services. And, for those institutions, the consequences can be disastrous. For example, peak-time DDoS attacks can cost organizations more than $100,000 or more an hour. 

Protecting Institutions from DDoS Attacks

To circle back to the original two questions: are governments more vulnerable than ever to cyber attacks? And what can they do to increase their protection?

In short, yes—governments are more at risk of being targeted for cyber attacks, including DDoS attacks. Unfortunately, cyber attacks are a weapon of war that is increasingly used in the digital world. These attacks can range from petty vandalism to high-profile hacks that can take down entire websites. Governments are especially susceptible to cyberattacks because they hold highly sensitive personal and corporate information.

While there has been mounting concern over the security of governments and their critical infrastructure, it is important to remember that there is no silver bullet for cybersecurity defences. Governments have different processes for protecting their computer systems, and there are always unknown risks. The best defence is often a layered approach that combines technical, legal, and economic factors.

Working With Cyber Security Professionals

As organizations increasingly rely on Internet-connected devices, and are increasingly connected to the Internet, the likelihood of a DDoS attack is only going to increase. For these reasons, many organizations have begun looking for ways to harden their DDoS defenses against future attacks.

A solution is for large corporations and governments to continue working with cybersecurity professionals to ensure the utmost protection. Cybersecurity consultants are as varied as the tasks they tackle. They may be generalists, tackling a wide array of tasks for their clients, or specialists focused on a particular area of expertise. 

So, why work with a cybersecurity consultant agency? A cybersecurity team is someone who takes a proactive stance to protect an organization from the ever-increasing threat of cybersecurity risk. It is an investment in the future of your organization and the safety of your employees and customers. A cybersecurity team protects your organization by:

• Protecting the IT infrastructure and networks from cyber threats, which can range from the most sophisticated malware and viruses to low-level attacks on individual computers and networks.
• Providing the technical and legal expertise to identify threats and mitigate them. 
• Performing compliance and testing activities to ensure that your organization is operating at a high level of security.
• Offering ongoing support and training on policies and procedures to make sure your organization is managing its security duties efficiently.

There’s no doubt that cyber attacks and governments’ ability to respond have become topics of great discussion in the past several years, with many government entities having been hit hard by cyber attacks. And with that, we can’t help but wonder how the future of cyber attacks will drastically change. While some believe that the government will only get more powerful and better at responding to cyber attacks, others think that the government will get more conservative and less invasive.

The post Belgium: The Latest Government to Be Halted by a DDoS Attack appeared first on SiteProNews.