You searched for phishing • Devoteam https://www.devoteam.com/ Tue, 11 Jul 2023 08:49:21 +0000

Why should you put a price tag on your business’ reputation? https://www.devoteam.com/expert-view/why-should-you-put-a-price-tag-on-your-business-reputation/ Mon, 10 Jul 2023 08:29:48 +0000

Dom Cobb, the main character of Christopher Nolan’s 2010 movie “Inception”, has a few monologues about ideas. For Dom, ideas are the most powerful force in the universe, and he compares them to viruses: “Resilient… highly contagious”.

And here’s the trick: in contrast to brand image, which an organisation engineers from scratch itself, reputation is built by other stakeholders, both inside and outside the company.

In other words, public opinion crafts your company’s reputation. And remember, people are buying trust, not products or services.

What happens when cybersecurity joins reputation costs?

In a digitalised and interdependent world, the upsurge in cyber attacks and data breaches has put many companies in the spotlight.

And although the attacked organisations present themselves as “victims” of cybercrime, in the eyes of their shareholders, partners, employees and public opinion, these organisations have failed in their duty to properly protect their assets and data.

While the exogenous or endogenous factors that can trigger a crisis are many, security and data breaches are now on the Board’s agenda.

Thus the 4 major risks feared by companies are:

  • Financial risk and cash flow control
  • Customer/employee personal data risk and legal consequences
  • Risk of business/operations interruption
  • Reputation risk

These major risks feed into each other. 

A Forbes Insights report, produced in collaboration with IBM, indicated that almost half of all organisations, 46 percent, experienced reputation and brand damage due to a security breach. Additionally, 19 percent had suffered reputational damage caused by a third-party security breach or IT system failure.

And the financial impact by cost category is the following:

  • 29% Reputation and brand damage
  • 21% Lost productivity
  • 19% Lost revenue
  • 12% Forensics
  • 10% Technical support
  • 8% Compliance/regulatory

But if the worst happens, the cost of a cyberattack or ransomware incident is more than that.

It is still difficult to financially model intangible costs such as loss of credibility, loss of client confidence, and loss of trust among employees and partners.

Only companies that have undergone major cyber attacks can testify to the damage suffered in the medium and long term. 

So how do you avoid making the headlines, and reduce costs if it happens?

Especially when ideas are “Resilient… highly contagious”.

A company undergoing a cyber attack has 3 deadly enemies: 

  • The lack of time 
  • The lack of internal coordination
  • The lack of technical and professional knowledge 

And 3 friends: 

  • Cybersecurity culture, beyond awareness
  • Business-centric crisis processes and response plans
  • Top technologies and trained teams

In the PPT framework (People, Process, Technology), the most valuable assets in a company are people, especially because they are the ones who make things happen.

Employees handle more sensitive data than ever before.

Following its 2020 study co-published with Professor Jeff Hancock of Stanford University, “Understand the mistakes that compromise your company’s security”, the security company Tessian reviewed its initial figures in 2022, after the pandemic:

  • Phishing email: 52% of employees clicked because the email looked as though it had come from a senior executive at the company, compared with 41% in 2020;
  • Loss of a customer or client due to an employee sending an email to the wrong person: 29% in 2022, up from 20% in 2020;
  • Scam text messages: 56% of employees have received a scam via text message, and 32% complied with the request in the message.

Education and tailored cyber awareness plans reduce incidents, protect reputation and transform employees into genuine human firewalls.

But if the unexpected occurs and a crisis is triggered, corporate and operational communication should be treated as business as usual. Proactive, informative communication delivered on time is the key to an appropriate response.

And if you still have doubts about the price of reputation, just ask Snapchat, which still remembers the 2018 tweet from Kylie Jenner that caused, within a few hours, a sharp 6 percent drop in its share price, the equivalent of $1.3 billion.

Contact us to help you reduce your cyber risks and protect your business.

Ideas are “Resilient… highly contagious”. Some of them are valuable, and this might be good for business.

Cybersecurity and ChatGPT https://www.devoteam.com/expert-view/cybersecurity-and-chatgpt/ Tue, 09 May 2023 14:45:08 +0000

Today, artificial intelligence (AI) is regularly used in our daily lives, whether it’s the recognition used to unlock our mobile phones, searching for the best holiday destinations online, or receiving recommendations for series and movies on a streaming service. Machines have always been tools that help us simplify life and create a better future for everyone. However, these innovations are not without inherent risks. The most recent and interactive leap was the appearance of AI chatbots, particularly the ChatGPT model.

To better understand what ChatGPT is, it is important to understand what a chatbot is. A chatbot is a computer program that simulates a human conversation to assist in communication and service with a customer through artificial intelligence. The software mimics this human response from voice or text commands, reducing the need for human action.

In 2022, OpenAI launched ChatGPT, created to interact through conversation, allowing for answering follow-up questions, admitting mistakes, challenging incorrect premises, and rejecting inappropriate requests.

Cybersecurity risks associated with ChatGPT

Although the emergence of chatbot technology has proven beneficial, there are still many skeptics, and for good reason. It is not by chance that several education entities in the US and Europe have blocked access to ChatGPT, fearing negative impacts on student learning and the accuracy of produced content.

Misinformation has been a constant concern for the ChatGPT program, which learns only from existing human data on the internet – which is far from a reliable source most of the time.

However, the most crucial aspect to consider is the threat to cybersecurity that the advanced Chatbot has suddenly created. This is a dangerously strong AI that can pose a significant cybersecurity risk and should be taken seriously. A clear example was the attempt to create a phishing email, in which ChatGPT initially mentions that such content may violate its content policy, but after more instructions, ends up creating a possible phishing email. The same goes for the apparent ability to help cybercriminals write malicious code.

ChatGPT security risks

In general, we can say that the main security risks with the use of ChatGPT are as follows:

  • Malware

Malware usually has a very short life cycle: a cybercriminal creates it, infects some devices, and then operating system vendors ship an update that protects devices from this specific malware. Additionally, technology sites warn about emerging malware threats, and the threat’s potency is quickly neutralised. However, ChatGPT is capable of writing numerous pieces of malicious code, potentially increasing malware attack rates significantly.

While a human would have to take a break to eat and sleep, artificial intelligence can do so non-stop. Cybercriminals could turn a malware operation into a 24-hour digital crime machine.

  • Phishing

Phishing attacks, usually known for their grammar and spelling errors, are improving in message quality with AI. ChatGPT also understands tone commands, so cybercriminals can heighten the sense of urgency in messages that demand immediate payment or a reply containing passwords.

  • Fake profiles

Catfishers, people who create false online personas to lure others into relationships, are using AI for fraud. Like malware creators, cybercriminals can now use it to accelerate the simultaneous creation of profiles. ChatGPT can change the tone of messages, which helps criminals craft statements that convince someone to hand over personal identification information or make money transfers.

How to prevent ChatGPT fraud

With the increasing popularity of ChatGPT, it is important to be even more vigilant, and we would like to remind you of some tips to keep your data protected from threat actors who try to take advantage of the technology.

  • Stay informed

This may seem very basic, but training and the ability to recognise a cyber attack or malware before allowing it into your network is potentially the only thing between you and a threat actor. Being wary of suspicious emails and links will greatly help in protecting your information. There are some indicators of a message written by AI, such as short phrases and repeated words. In addition, artificial intelligence can create content that says a lot without forming an opinion.

Another very basic security tip is often overlooked, although it is usually the first line of defence against data theft: make sure your chosen password is complex and difficult to guess.

  • Activate two-factor authentication

Most networks already have two-factor authentication features that ensure unique factors are used to verify a user’s identity before granting access. This provides an extra layer of security to your network to prevent breaches.

  • Install antivirus software

Antivirus software protects the network against malware, phishing attacks and most other cyber threats.

  • Monitor your accounts

Being aware of activities in your bank account and network helps you quickly detect suspicious behavior and act immediately to reduce the risk of further damage to the network or account.

  • Keep software up to date

The operating system needs to always be at peak performance to provide adequate protection for the network. Make sure that the latest updates are installed on devices to mitigate security flaws and bugs found in previous versions.

Dangers and Challenges of AI in Cybersecurity. Are You Prepared? https://www.devoteam.com/expert-view/dangers-and-challenges-of-ai-in-cybersecurity/ Tue, 28 Feb 2023 11:56:01 +0000

Imagine you are at your workplace and receive an email from your direct supervisor with an urgent request. You know that your supervisor is abroad, and the email also mentions his current location and time zone.

While reading the email, you receive a call. You answer it and hear your supervisor saying that he has just sent you an email but wanted to call first to make sure you received his request. At that point you recognise the voice; it is familiar to you when it says, “Can you get on it as soon as possible?”

This request could be for a financial transfer of funds, restricted access to some part of your network or any other significant request that would motivate a highly skilled cybercriminal.

Such real cases have been occurring since 2019, and the quality of the fake voices has improved significantly over the last four years.

This case is just one example of how cybercriminals are improving their performance by compromising systems and people with new AI technology.

There are several ways in which attackers are currently using artificial intelligence (AI) in cyber-attacks.

Deepfake attacks

Deepfake technology can create fake videos or audio recordings that are difficult to distinguish from the real thing. Attackers can use deepfakes to impersonate someone in a phishing attack. Cybercriminals use these types of attacks to gather information or trick people into performing harmful actions.

AI phishing attacks

Cybercriminals use AI to create more sophisticated and difficult to detect phishing attacks. For example, they can use AI to generate convincing fake emails or websites that look legitimate. AI can clone any website in a matter of seconds and customise it, based on the original, to give the impression of real access to an internal resource.

Denial of service (DoS) attacks

AI also has the potential to enable launching more sophisticated and powerful distributed denial of service (DDoS) attacks, in which multiple systems are used to flood a target with traffic.

AI-powered ransomware

Cybercriminals can use AI not only in individual ransomware attacks but also to combine several of them simultaneously. Hackers can identify individuals or entire organisations to target. AI can track email addresses and create highly personalised, dynamic emails designed to bypass countermeasures. Once an AI-powered ransomware attack succeeds, cybercriminals gain access to the system, and AI lets them quickly diagnose weaknesses to escalate the attack.

Advanced persistent threats

AI can be used to conduct advanced persistent threats (APTs), in which an attacker establishes a long-term presence on a network to steal confidential information.

Data processing giant

Cybercriminals can use machine learning algorithms to analyse large amounts of data to identify patterns and trends that are not immediately obvious to humans.

Wrap up

To defend against these threats that are increasingly sophisticated and creative, we remind you of the good practices in cybersecurity that we call SOUP-D:

S for “Safeguard”

Save important information in backups that will allow you to recover it later.

O for “Origin”

Always ask yourself what the origin of a given contact is, especially in digital media. Preferably do not act immediately; confirm through other, independent sources first.

U for “Update”

It is also important to install the updates for your devices, as well as those for your antivirus, as this reduces your exposure to vulnerabilities.

P for “Password”

It is crucial to choose your passwords carefully. They remain the predominant access key in technology, and multi-factor authentication (MFA) should be used alongside them.

D for “Do not trust”

Always be suspicious of approaches, in particular those involving sensitive data or operations, and always seek to confirm, preferably using a route other than that of the initial contact.

Best Practices for Phishing, Smishing, and Vishing: Protecting Yourself from Cyber Threats https://www.devoteam.com/expert-view/phishing-smishing-vishing-expert-insights-devoteam/ Thu, 09 Feb 2023 11:43:27 +0000

Phishing, smishing and vishing are social engineering techniques used by cybercriminals in an attempt to obtain personal information or install malware that allows them to carry out fraud (especially financial fraud).

For that purpose, the attacker uses an electronic channel to send content that allows him, for example, to imitate a real brand, pretending to be someone trustworthy in an attempt to get the victim to hand over sensitive information or to perform some action, in this case by opening malicious attachments. When this technique is used through SMS it is called smishing. By phone (voice) it is called vishing. The technique can also be used through instant messaging on social networking applications such as WhatsApp.

Knowing what methods cybercriminals use and how to identify them can help you avoid becoming a victim.

What is Phishing?

Phishing is a method of cyber-attack that attempts to trick victims into clicking on fraudulent links sent via email. The link usually leads the victim to a seemingly legitimate form that requests sensitive information or leads to the download of some file containing malicious functionality.

A classic example is receiving an email informing you that your bank account has been blocked and asking you to click on a link to regain access. In fact, that link will lead to a fraudulent form that simply collects your information and from there they can access your account and steal your money.


What is Smishing?

Smishing is a type of fraud similar to phishing, except it comes in the form of a text message. A smishing text usually contains a fraudulent link. By following the link and the instructions provided, the victim ends up inadvertently installing malware, which will usually serve to facilitate the attacker in obtaining illicit financial gain over the victim.

These smishing text messages may look like urgent requests sent from a bank or parcel delivery service, for example. It can be easy to fall for this scam if you think you need to act quickly to solve an urgent problem and do not take steps to verify the veracity of the message.

What is Vishing?

Fraudulent calls or voice messages fall under the category of “vishing”. Cybercriminals call potential victims, often using pre-recorded robocalls, pretending to be a legitimate company in order to request personal information.

For example, the call may ask you to confirm your details with your bank or to extend your car insurance cover. If you answer, you may be put through to a supposed agent and asked to provide personal information.

How to prevent Phishing, Smishing and Vishing attacks

To avoid becoming a victim of phishing, smishing or vishing, there are a few rules you should follow. These can directly protect you from fraud and reduce the likelihood of being targeted.

  • Do not click on attachments or links in emails, unsolicited messages or suspicious SMS
  • When you are contacted, confirm the veracity of the originating email address, profile or phone number
  • Always assess the timeliness, or timing, of the content of emails, instant messages, SMS or phone calls
  • Do not share personal data or follow instructions without verifying from other sources the veracity of the request – for example, from the Bank’s account manager or a line manager
  • Be wary of messages with formal language errors, but also do not trust all messages just because they do not have formal language errors
  • In organisations, carry out simulated phishing and smishing attacks, and possibly vishing, in order to raise awareness and levels of attention to these means
  • Do not share sensitive data on social networks, as this may provide information to possible attackers who want to carry out spear phishing (phishing aimed at a specific person)
  • Report to the organisation’s IT security officers or to the authorities whenever you are the target or victim of such an attack
  • Be attentive and do not allow yourself to be persuaded without reflection by authoritarian requests, promises or urgent requests
Online Fraud Attempts to Be on the Alert in 2023 https://www.devoteam.com/expert-view/online-fraud-attempts-to-be-on-the-alert-in-2023/ Tue, 31 Jan 2023 11:30:02 +0000

As the importance of technology grows year on year, so does the interest of cybercriminals in accessing as much personal and corporate information and data as possible. As such, it is now more important than ever to be aware of online threats to avoid becoming the next victim. Here are the most common online scams to avoid in 2023.


1. Phishing fraud

Phishing remains one of the most common types of fraud attempts, with cybercriminals using clickbait to lure victims into clicking on a malicious download.

This is how a phishing scam usually unfolds:

  • The cybercriminal sends you an email that appears to be from a legitimate source, such as a bank, social networking site or online shop
  • This way you are tricked into clicking on a malicious download or a fraudulent link
  • The cybercriminal installs malware and/or uses your credentials to steal your confidential data

The common warning signs of a phishing email to look out for are as follows:

  • Spelling mistakes and poor grammar
  • Fanciful offers and promises of extraordinary gains
  • Threats of financial or legal consequences
  • Company logos of dubious image quality
  • Sender addresses from suspicious sources


2. Ransomware

Another common type of online fraud is ransomware. In this type of attack, cybercriminals threaten to publish the victim’s personal data or permanently block access to it unless a ransom is paid. To avoid ransomware, back up your data and regularly update your antivirus software to alert you to possible attack attempts.



3. Scareware

Scareware is a form of malware that uses social engineering to cause shock, anxiety or the perception of a threat in order to manipulate users into purchasing unwanted software. This software is fake and used to install malware that can steal confidential information.

The warning signs of scareware to watch out for are:

  • The software immediately notifies you that it is scanning your computer for viruses
  • The pop-up is difficult to close
  • The pop-up wants you to act quickly
  • You have never heard of the software company

To avoid scareware, make sure you don’t click on unexpected malware notifications.


4. Emergency situation simulation frauds

In these scams, a cybercriminal presents himself as a family member in an emergency situation who needs money immediately for some urgent situation – leaving a foreign country, paying a hospital bill, buying a new mobile phone. The COVID-19 pandemic has made it even easier to sell convincing lies: “I’m in hospital with COVID. Please send money immediately.”

To avoid this type of fraud:

  • Resist the urge to act immediately. Cybercriminals appeal to sentiment and trust you to respond quickly – before you have a chance to think things through
  • Check the identity of the contact. Ask questions that a stranger would not know the answer to. Confirm the story with other family members or friends, even if (or especially if) the caller says to keep it secret
  • Never send cash, gift vouchers or money transfers


5. Fake online shopping sites

Cybercriminals can also create and publish fake online shopping sites that look genuine or replicate existing branded sites.

A common sign of a fake shopping site is an excess of offers, with popular brands sold at extremely low prices. These sites usually have URLs similar to the brands they are trying to imitate, such as “Amaz0n.net”. Cybercriminals use these strategies to induce the purchase of counterfeit products and to capture bank details at the time of purchase for their own use.

Formjacking is another fraud technique. This one happens when a legitimate online selling website is hacked and shoppers are redirected to a fraudulent payment page, where the cybercriminal steals their personal and credit card information. To avoid this scam, make sure the URL on the payment page is the same as the site you were shopping on. Cybercriminals may change the URL slightly, perhaps adding or omitting a single letter. Check the URL before you enter your payment details.

Warning signs of fake shopping sites include:

  • A redirect that leads to a page with “http://” in the URL
  • Excessively low prices
  • No information about the origin of the site, no or very limited contact information and questionable reviews


Conclusion

It is safe to assume that if someone asks you for banking or personal information, they are trying to trick you. Therefore, you should never provide personal information to anyone on the Internet who contacts you directly. If you need to make a financial transaction online, make sure you do so on a secure server and through a trusted website.

If you believe you have been scammed, immediately change all your passwords, delete any malicious software you may have downloaded, and contact your bank if there is a possibility of fraud using your credit card. Contact your local law enforcement to report the fraud and get help with the next steps.

11 Cybersecurity Trends for 2023 https://www.devoteam.com/expert-view/11-cybersecurity-trends-for-2023/ Tue, 17 Jan 2023 15:12:29 +0000

Every year, technology evolves and shapes the way we conduct business, manage tasks and store data. The digital environment and the opportunities for attacks are constantly changing. It is therefore important to be aware of technological trends, especially regarding cybersecurity, which now carries significant weight in management and business continuity. Cybersecurity prevention and defence are intrinsically linked to identifying trends, technologies and potential threat factors. Based on these premises, we highlight what we consider to be the trends for 2023.

The impact of Artificial Intelligence (AI)

Artificial intelligence will continue to have a significant impact on the cybersecurity environment, taking on an important role in businesses and creating real-time solutions faster than a human can. AI can perform various security-related tasks, including data analysis and machine learning.

AI can also be used by cybercriminals. In cybersecurity, incorporating automated AI-based solutions is now a necessity, both to save resources and to be more resilient against automated attacks.

Deepfake videos are popular on social media, and cybercriminals, knowing this, use them to manipulate information, destroy credibility and pose as reliable sources. According to experts, deepfake technology is currently the most worrying use of artificial intelligence, as it can have significant effects on terrorism and cybercrime.

It is estimated that more cybersecurity topics will be addressed with AI systems, year after year.

Global Events

Global turbulence or politically volatile events can trigger serious cybersecurity risks. Moreover, events with potential international impact often set trends that shape action and response in the sphere of information technology and cybersecurity. As a prime example, the COVID-19 pandemic created fertile ground for cybercriminals and malware groups to develop virus-themed threat campaigns and misinformation around treatments, such as vaccines. Whenever important issues arise, they provide ammunition for phishing, malware and other cyberattacks.

This is also why organisations had to adapt and set new security policies for their employees during the pandemic. Basic precautions included the use of dedicated devices, reserved access and security guidance for employees. Today we are seeing the adoption of hybrid working, where possible, in organisations. Now that the pandemic is coming to an end, 2023 will show whether any of the precautions taken in these years will make a difference.

Security in the Cloud

As organisations migrate to the cloud, it is inevitable that cybersecurity will develop specific solutions. And the trend is for migration by entities to increase. It can be said that the cloud will continue to be a key component both for its business application and for ensuring business continuity. Today, the cloud is leading in ransomware protection, primarily due to its backup functionality and ability to build infrastructure quickly.

In recent years, there have been major developments in cloud security, one of which is the Zero Trust cloud security architecture. Zero Trust is a security framework that requires all users, on or off the organisation’s network, to be authenticated, authorised and continuously validated before receiving or maintaining access to applications and data.

Internet of Things

The common usage of IoT creates an attractive attack base for cybercriminals. According to Insider Intelligence, there will likely be 64 billion IoT devices deployed worldwide in the next five years. An organisation’s opportunity for attack grows as more devices are connected to the internet.

Computers or smartphones have better security precautions compared to other IoT devices. With this in mind, one of the critical cybersecurity topics to watch in 2023 is IoT and increased digitisation.


New Generation Mobile Network

As 5G is a very new technology, it is difficult to predict what effects it will have on cybersecurity.

Unprecedented new levels of wireless connectivity and speed are introduced with 5G. There are more opportunities to initiate larger attacks at faster speeds. Like IoT, 5G is still a new architecture, so it will take some time to adapt and protect. Early adopters should be cautious when integrating cutting-edge technology and even limit the use of 5G-based devices.

Attacks on mobile devices

Cyber criminals attack mobile devices through various methods, such as phishing and unauthorised applications. Today, these devices can store large amounts of valuable data and perform functions remotely, and often have a low level of security. Mobile security is often undervalued, and with mobile devices being yet another potential gateway to network breaches despite manufacturers’ efforts to implement security, it is very likely that phishing and malware attacks on these devices will increase.


Attacks on the Supply Chain

Supply chain attacks can use vulnerabilities in third-party software and cause substantial financial losses. Today’s business operations are primarily supported by the global network of suppliers, third-party services and supply chains. Unfortunately, this dependency increases the possibilities for attacking businesses and provides cybercriminals with more entry points for exploitation.

According to open source reports, the number of supply chain attacks had increased by 430% by 2021.

While supply chain attacks are no longer a novelty, other opportunistic and financially motivated cybercriminals will be alert to the potential that exists and the impact it can unleash. Cybercriminals are more willing to apply a strategy they see succeeding.

Targeted ransomware

Ransomware, the threat with the highest visibility, is one of the biggest issues cybersecurity has to deal with.

Ransomware campaigns require resources and, therefore, high impact attacks can be sponsored by terrorists looking to inflict a massive attack on a territory or organisation. With the current war situation in Ukraine we have seen this happening with cyber warfare. With increasing resources, sponsored and targeted ransomware cases (e.g.: Colonial Pipeline incident), are expected to increase proportionately.

These ransomware attacks may even become a regular scenario.


Data Privacy Laws

At a time when we share our personal information across almost every service, governments have started taking strict measures on data security.

By the end of 2023, 75% of the world’s population will have their personal information protected by modern data privacy legislation established by various data protection authorities (such as the GDPR/RGPD).

Consumers will be able to know what kind of data is collected about them and for what purpose. Organisations will begin to manage various data protection laws and will focus on automating their approach to data privacy.

Hacking autonomous vehicles

Autonomous vehicles are a topic that has us all curious and excited. But is cybersecurity ready for this technology?

Cars often have automated software, enabling features such as cruise control, engine timing, airbags, automatic door locking and driving support systems.

Currently, it is believed that cyber criminals will be able to control vehicles or listen to conversations through microphones.

It is therefore crucial to be aware of the numerous risks associated with the purchase of these new autonomous vehicles.

Scarcity of Resources

In order to respond to regulatory requirements and the challenges of cybercriminals with increasingly ingenious and creative attacks, the demand for cybersecurity experts and talent has increased considerably.

Many organisations lack cybersecurity talent, knowledge and expertise – and the shortfall is growing. Overall, cyber risk management has not kept pace with the proliferation of digital and analytics transformations, and many companies are unsure how to identify and manage digital risks. In response, regulators are increasing their scrutiny of corporate cybersecurity, generally with the same level of oversight and focus applied to credit and liquidity risks in financial services and to operational and physical security risks in critical infrastructure.

At the same time, companies face stricter compliance requirements as a result of growing privacy concerns and high profile security breaches.

In 2023 that challenge remains, and both the demand for talent and the demands from regulators are expected to keep increasing.

Understanding trends, especially cybersecurity threats, means staying aware of the world around us.

Online Shopping Security: Best Practices and Recommendations https://www.devoteam.com/expert-view/online-shopping-security-what-we-recommend/ Fri, 25 Nov 2022 12:43:44 +0000 https://www.devoteam.com/?post_type=expert-view&p=19112

Given the significant growth of online shopping, it is worth recalling the most important habits for staying safe in cyberspace, both at home and at work. These nine tips help you recognise and counter digital security threats and make you less vulnerable to cyber-attacks. Here, then, are some of the main tips for protecting yourself against malicious online attacks:

1. Practice safe web browsing wherever you are by always checking for the padlock icon in the browser bar. The padlock means the connection to the site is encrypted (HTTPS), so the data you send cannot be read in transit; it does not by itself prove who runs the site.
2. When using Wi-Fi, avoid open networks without access keys, as is the case with some free Internet access services.
3. If you are using an unsecured public hotspot, remember good internet usage practices by avoiding sensitive activities that require passwords or credit cards. Tethering to your own mobile hotspot is often a safer alternative to free Wi-Fi.
4. Do not disclose personally identifiable information such as tax number or date of birth to unknown sources.
5. Type website URLs directly into the address bar rather than clicking links or cutting and pasting from email.
6. Be on the lookout for phishing emails and fake websites. Be wary of any email asking you to verify or renew your credentials, even if it appears to come from a trusted source. In all cases, try to verify the authenticity of the request through other means, such as accessing the service in question directly.
7. Do not click on suspicious links or open dubious attachments, especially if they appear in the context of e-mails relating to purchases, orders or other actions that you do not remember doing.
8. Check your online accounts and bank statements regularly and report any suspicious activity to your bank. If you think you have been the victim of an attack, contact your bank. If possible, enable two-factor authentication for payments.
9. Make sure your system (operating system and applications) is up to date, as well as ensuring that anti-virus and anti-malware are installed and fully up to date.
7 Tips to Be Prepared Against Ransomware Attacks https://www.devoteam.com/expert-view/7-tips-to-be-prepared-against-ransomware-attacks/ Tue, 04 Oct 2022 09:21:08 +0000 https://www.devoteam.com/?post_type=expert-view&p=18344

The headlines say it all. Today, ransomware is one of the fastest-growing malware threats; the Covid-19 pandemic triggered a dramatic surge in its spread, and most businesses are not well equipped to handle these threats. The use of outdated software and outdated data protection practices poses a high risk to business. Cybercriminals keep finding newer, more sophisticated methods to exploit organisations and leverage the cracks in their cybersecurity infrastructures.

According to the Cybersecurity Incident Response Services by Forrester, 50% of global security decision-makers experienced a breach in the past 12 months, a number that rose to 63% in 2021 due to the increasing number of ransomware attacks against companies. 

But first, it is important to understand how ransomware attacks work and what causes ransomware attacks.

What is a Ransomware attack?

Ransomware is a form of malware and a criminal business model that is constantly evolving, although the basic concept stays the same. Ransomware aims to extort payment from organisations by making their data and related systems unavailable through encryption, or by threatening to leak sensitive data to the public.

What can you do to protect your organisation from ransomware attacks?

Here are a few tips on ransomware attack prevention, what to do when a ransomware attack strikes and how to mitigate the impact:

  1. Educate your users on how to avoid clicking spammy links
  2. Remove vulnerabilities
  3. Enable good passwords and use strong authentication
  4. Make use of security monitoring and intelligence
  5. Pay attention to supply-chain risks
  6. Improve your defence in depth security architecture
  7. Maintain plans and policies
  8. Maintain a secured backup of your data

1. Educate your users on how to avoid clicking spammy links

Even though there is a lot of protective technology available to deal with ransomware, the vast majority of ransomware incidents are still enabled by humans. The biggest potential to reduce ransomware risk therefore lies in user awareness: no anti-ransomware programme is complete without appropriate education and training.

Remind your users on a continuous basis to be wary of clicking on links and attachments in e-mails, text messages or social media apps without proper evaluation. Also educate them to avoid USB devices, websites and software that are unsolicited, not required or not approved by your organisation.

Attackers make use of constantly improving social engineering methods to trick users into clicking such links, so it is imperative that everyone is aware of these techniques and knows how to protect themselves.

2. Remove vulnerabilities

Regularly patching your operating system and applications closes security vulnerabilities that attackers can exploit. Continuously monitor your systems for new vulnerabilities and do not forget to take the attacker’s view by performing regular penetration tests on your critical assets and entry points.

3. Enable good passwords and use strong authentication

Encourage users to use password managers that enable them to generate random, unique passwords for each account without having to remember a large number of complex passwords or reuse passwords across accounts. By doing this, cybercriminals will have a much harder time getting access with stolen credentials.

Furthermore, enabling two-factor or multi-factor authentication by default puts you one step closer to securing your data. Be aware that multi-factor authentication raises the level of security, but it is not a bulletproof control in all cases.

4. Make use of security monitoring and intelligence

Stay updated on the latest security threats in general and on those specific to your organisation. Scan for breaches in your network and monitor what is going on on the internet and darknet regarding your organisation’s domains and account names.

5. Pay attention to supply-chain risks

Only rely on verified and trusted third parties. Challenge your suppliers and partners on their security practices.

Additionally, block the use of software and services from unknown or untrusted vendors. Malware authors often bundle their products with free software or plugins, so if something looks too good to be true, it probably is.

6. Improve your defence-in-depth security architecture

Having high-performance firewalls, modern endpoint protection software or e-mail security gateways is definitely a good idea to avoid being hit by ransomware. But do not forget to constantly maintain a comprehensive, end-to-end security architecture that gives the best bang for your security money and addresses the specific risks of your organisation’s environment and ways of working (work from home, bring your own device, etc.).

7. Maintain plans and policies

Ensure that your organisation knows what to do in the event of a ransomware attack by developing a security incident response strategy and plan. It is important that the strategy and plans specify who will play which roles during an attack and how communications will be conducted. If any partners or vendors will need to be contacted, be sure to include their contact information. Additionally, ensure that your company has a policy for dealing with suspicious events, such as phishing attempts aimed at confidential information, which are often the first stage of an attack. To verify your plans’ efficiency, you must test them regularly. A plan that is never tested is a plan whose success you cannot guarantee.

8. Maintain a secured backup of your data

Last but not least, do not assume that you can totally avoid ransomware attacks through any combination of prevention controls. Not having a good backup strategy in place must be considered a lack of due care. Backing up your data regularly in a secure way is the best way to protect yourself from the impact of a ransomware attack and prevent data loss. By doing so, you will have a copy of your data that is safe and can be accessed even if your primary copy is encrypted. This will allow you to continue working and avoid paying a ransom.

At a minimum, follow the 3-2-1 backup rule:
– 3 copies of data
– on 2 types of storage
– 1 of them located off site

Remember to secure your backups from unauthorised online access and take into consideration that attackers will also try to attack your backup and archive systems. Immutable backups, or systems that require manual intervention by an operator to obtain write access to your backup data, are essential.

Do not forget that implementing a secure backup is only half the battle; you also need to be able to restore your systems in a timely manner (see also tip #7 on maintaining proper plans).

A backup retention policy specifies how long data should be kept, where it should be archived and what should be kept in backups. Restoring previous versions of the backed up files is possible with good backup retention policies, which provide protection against hardware failures and human errors. 
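
The 3-2-1 rule and the retention policy described above, as an added worked example (this is not Devoteam’s code and is not tied to any backup product): the backup set, the media types and the retention windows (every snapshot for 7 days, the newest per week up to 30 days, the newest per month up to 365 days) are assumed values chosen for illustration. The first function reports 3-2-1 violations for one backup set, extended with the immutability check the post asks for; the second decides which dated snapshots to keep so that earlier versions remain restorable.

```python
"""Backup inventory checks: the 3-2-1 rule and a simple retention policy.

Added example, not from the Devoteam post. The backup set, media types and
retention windows below are assumed values chosen for illustration.
"""
from datetime import date

# Assumed retention policy: keep every snapshot for 7 days, the newest one per
# ISO week up to 30 days, the newest one per month up to 365 days, then expire.
DAILY_DAYS, WEEKLY_DAYS, MONTHLY_DAYS = 7, 30, 365

# Constructed backup set for one system: where each copy lives and how.
BACKUP_SET = [
    {"media": "disk",   "offsite": False, "immutable": False},  # local snapshot
    {"media": "tape",   "offsite": False, "immutable": True},   # WORM tape
    {"media": "object", "offsite": True,  "immutable": True},   # object lock, other site
]

# Constructed snapshot history, evaluated as of the post's date.
TODAY = date(2022, 10, 4)
SNAPSHOTS = [date(2022, 10, 4), date(2022, 10, 1), date(2022, 9, 27), date(2022, 9, 26),
             date(2022, 9, 20), date(2022, 9, 19), date(2022, 8, 15), date(2022, 8, 1),
             date(2021, 9, 1)]


def check_321(copies):
    """Return the 3-2-1 violations for one backup set, plus the immutability gap."""
    problems = []
    if len(copies) < 3:
        problems.append(f"only {len(copies)} copies, need 3")
    media = {c["media"] for c in copies}
    if len(media) < 2:
        problems.append(f"only one media type ({', '.join(sorted(media)) or 'none'}), need 2")
    if not any(c["offsite"] for c in copies):
        problems.append("no off-site copy")
    # Beyond 3-2-1: the post asks for a copy that an attacker with write
    # access to the backup system still cannot overwrite.
    if not any(c["immutable"] for c in copies):
        problems.append("no immutable copy")
    return problems


def retention_decision(snapshot_dates, today):
    """Split snapshot dates into (keep, expire) under the assumed policy.

    Newest snapshots are visited first, so within each weekly or monthly
    bucket the most recent one survives; older versions therefore stay
    restorable at daily, weekly and monthly granularity respectively.
    """
    keep, seen_weeks, seen_months = set(), set(), set()
    for d in sorted(snapshot_dates, reverse=True):
        age = (today - d).days
        if age <= DAILY_DAYS:
            keep.add(d)
        elif age <= WEEKLY_DAYS:
            week = d.isocalendar()[:2]          # (ISO year, ISO week)
            if week not in seen_weeks:
                seen_weeks.add(week)
                keep.add(d)
        elif age <= MONTHLY_DAYS:
            month = (d.year, d.month)
            if month not in seen_months:
                seen_months.add(month)
                keep.add(d)
        # anything older than MONTHLY_DAYS is not kept
    expire = set(snapshot_dates) - keep
    return sorted(keep), sorted(expire)


def audit(copies=BACKUP_SET, snapshots=SNAPSHOTS, today=TODAY):
    """Run both checks and return a small report."""
    keep, expire = retention_decision(snapshots, today)
    return {"violations": check_321(copies), "keep": keep, "expire": expire}


if __name__ == "__main__":
    report = audit()
    print("3-2-1 violations:", report["violations"] or "none")
    print("keep:", [d.isoformat() for d in report["keep"]])
    print("expire:", [d.isoformat() for d in report["expire"]])
```

Run against the constructed set, the audit finds no 3-2-1 violation, keeps six snapshots (including one from mid-August) and expires the duplicate within the same ISO week, the second August snapshot and the one older than a year. Swapping in a set with two local disk copies only is enough to make every check fire.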

The ebook on Backup, Archiving & Anonymization discusses the different types of backups and the risks associated with the failure of backups to provide a deeper understanding of the issues related to poor data retention.

If you need support to execute your Ransomware protection strategy, let us help you protect your organization from today’s threats, recover from any attack, and avoid ransom fees. We ensure all our clients’ endpoints, systems, and data are protected against cyber attacks using approaches that integrate next-generation data protection with cybersecurity.

Ransomware Awareness: Protecting Your Data and Systems from Cyber Attacks https://www.devoteam.com/expert-view/ransomware-awareness/ Thu, 04 Aug 2022 11:38:00 +0000 https://www.devoteam.com/?post_type=expert-view&p=15329

Ransomware is a type of malware (malicious software) and cybercrime that uses encryption to block user access to data on computer networks, mobile devices and servers until the victim pays a ransom. In most cases, this malicious software is installed with the “help” of the end user, and the Internet Crime Report 2021 revealed that most of the incidents reported were phishing, vishing, smishing or pharming attacks.

Learn how you can protect yourself against ransomware attack

You may have the most sophisticated security system and rely on the latest protection technologies, but that will not matter if you are not aware that you must avoid putting your information at risk.

No system is truly 100% secure, which is why the main issue to be addressed is the end user, given how many security failures originate with them. In fact, Verizon’s Data Breach Investigations Report shows that, in 2021, 85% of data breaches involved a human element, including errors or misuse. Training and education are therefore key to preventing an attack that could affect you directly or others around you.

Keeping informed about the best practices for ransomware prevention, the new trends emerging in cyberspace and the actions you should be suspicious of can make all the difference in preventing you from being attacked.

Don’t be the weakest link! Follow these simple rules for your and your colleagues’ protection against ransomware:

  1. Don’t trust a suspicious e-mail that you have received.
  2. Don’t click links or download suspicious e-mail attachments.
  3. Don’t download attachments from your personal mailbox (e.g. Gmail) to work devices (laptops, tablets, smartphones).
  4. Carefully review e-mails before taking any action. Were you expecting that e-mail? Were you already discussing this matter with your contact? Ask the sender whether they actually sent it.
  5. Carefully review URLs and file extensions before opening them.
  6. Take a preventive attitude: assess your organisation’s state of maturity and resilience in the face of a potential attack.
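
Rules 2, 4 and 5 above (and tips 6 and 7 of the online shopping advice earlier on this page) can be partly automated when triaging a message a user reports. The following script is an added example, not Devoteam’s code: it parses a constructed sample e-mail, flags links whose visible text names a different host than the real href, and flags attachments with double or directly executable extensions. Every domain and file name in the sample is a placeholder, and the extension list is a deliberately short assumption.

```python
"""Triage helpers for reported e-mails: link/display mismatches and risky attachments.

Added example, not Devoteam's code. The message below is constructed: every
domain (example.com, example.org, example-login.net) and file name is a placeholder.
"""
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Extensions that run code when double-clicked. Assumed, deliberately short list.
EXECUTABLE_EXTS = {"exe", "scr", "js", "vbs", "bat", "cmd", "ps1", "hta", "lnk"}

# Constructed sample: the link text shows one shop domain, the href another,
# and the "invoice" carries a double extension.
SAMPLE_MESSAGE = """\
From: "Order Desk" <orders@example.com>
To: customer@example.org
Subject: Your order needs verification
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Please confirm your account at
<a href="http://example-login.net/verify">https://shop.example.com/account</a></p>
--b1
Content-Type: application/octet-stream; name="invoice.pdf.exe"
Content-Disposition: attachment; filename="invoice.pdf.exe"

not-a-real-binary
--b1--
"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []      # finished (href, text) pairs
        self._href = None    # href of the <a> currently open, if any
        self._text = []      # text fragments seen inside it

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(value):
    """Lower-cased hostname of a URL or bare domain ('' if none)."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()


def link_findings(html_body):
    """Flag links whose visible text names a different host than the real href."""
    parser = _LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        shown, real = _host(text), _host(href)
        # Only compare when the visible text itself looks like a domain or URL.
        if "." in shown and " " not in text and shown != real:
            findings.append(f"link text shows {shown} but points to {real}")
    return findings


def attachment_findings(filenames):
    """Flag double extensions (invoice.pdf.exe) and directly executable types."""
    findings = []
    for name in filenames:
        parts = name.lower().rsplit(".", 2)
        if len(parts) == 3 and parts[-1] in EXECUTABLE_EXTS:
            findings.append(f"{name}: double extension hiding a .{parts[-1]} file")
        elif len(parts) == 2 and parts[-1] in EXECUTABLE_EXTS:
            findings.append(f"{name}: executable attachment")
    return findings


def triage(raw_message):
    """Run both checks over a raw RFC 822 message and return the findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings, names = [], []
    for part in msg.walk():
        if part.get_content_disposition() == "attachment":
            names.append(part.get_filename() or "")
        elif part.get_content_type() == "text/html":
            findings += link_findings(part.get_content())
    return findings + attachment_findings(names)


if __name__ == "__main__":
    for line in triage(SAMPLE_MESSAGE):
        print("FINDING:", line)
```

Both checks are deliberately conservative: a link is only flagged when its visible text itself looks like an address, so plain “click here” links produce no noise, and a plain `.txt` or `.tar.gz` attachment passes. The output is meant to support the human review the rules above call for, not replace it.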

This is a huge challenge! Cybercriminals are increasingly bold and creative, and technology and process effectiveness alone are not enough to address the risks, which makes it important that users are aware of threats, whether in a professional or personal context. A continuous commitment to training and to monitoring current cyberthreats is above all a matter of citizenship and of defending the interests of us all.

Social Engineering: Tips for Prevention https://www.devoteam.com/expert-view/social-engineering-tips-for-prevention/ Tue, 01 Mar 2022 09:17:00 +0000 https://www.devoteam.com/?post_type=expert-view&p=9450

Social engineering is a cyberattack technique that consists of exploiting people’s natural tendency to trust, their readiness to accept a credible story and their lack of awareness. The goal is usually to obtain sensitive data from companies or individuals.

Companies can invest in many different tools to protect themselves against cybercrime, but the weakest point of an IT security system is usually the human being. Social engineering experts are, moreover, excellent psychologists, able to manipulate the victim with clever arguments and formulations. It is therefore essential to be aware of the threats and of the importance and value of data.

There are many tips for prevention in social engineering. We highlight some of them here:

1. Phishing

The goal is to make the recipient of the email believe it is something they need or are waiting for. The email may include dangerous links or attachments containing malicious software. Phishing variants also include spear phishing and whaling. Think before you click!

2. Pretext

This technique uses a pretext – a false justification for a specific action – to gain the victim’s trust and deceive them. For example, the attacker claims to work in IT support and requests the target’s password to perform maintenance.
Proper processes, policies, and identification and authentication training must be in place to avoid these attacks.

3. Bait

The bait aims to attract the victim to perform a specific task, providing easy access to something that the victim may feel tempted to access. For example, a USB drive infected with a keylogger and identified as “Private Photos” left on the victim’s desk.
Security policies, such as blocking unauthorized software and hardware, will prevent most attempts, and you may want to remind teams never to rely on unknown sources.

4. Quid pro Quo

“Something for something” in Latin, this involves a request for information in exchange for compensation. A typical case is an attacker calling random phone numbers claiming to be from technical support. Eventually they reach someone who actually has a problem, offer “help”, gain access to the computer and are then able to install malicious software.

5. Shoulder Surfing

This method involves stealing data (passwords or codes) by looking “over the shoulder” while the victim is using a laptop or another device (a smartphone or even an ATM). Awareness of this threat is particularly important for companies with employees working remotely, who may use their work devices in public places.

6. Tailgating

This method involves physical entry into protected areas, such as the headquarters of a company. The attacker can impersonate a colleague and convince the victim, an employee authorised to enter at the same time, to open the datacenter door using the victim’s RFID pass.
Access to non-public areas should be controlled by access policies and/or access control technologies; the more sensitive the area, the stricter the combination.

To prevent such attacks, there are several important aspects to consider:

Training employees in social engineering

One of the most important aspects of social engineering prevention is risk awareness. Therefore, it is essential to organise cybersecurity workshops for employees and pass on the importance of data.

Testing employee awareness

Occasionally, it is a good idea to put employees in a realistic attack simulation. Do they lock their computers when they leave their desks? Are there important documents lying on their desks? Credentials written on post-its? What will they do if an unknown number calls and the caller impersonates someone offering services the company is looking for? Answering these questions helps ensure that everyone on the team is aware of what they can and should not do. Run exercises with the management team and key employees regularly. Test controls and work backwards from potential areas of vulnerability.

Enhance multi-factor authentication

Even a strong password isn’t always enough. It is best not to rely on single-factor authentication for important data. In addition to passwords, multi-factor verification can include fingerprint scanning, authentication tokens, or SMS codes.

Currently, the best defence against social engineering attacks is the education of employees complemented with technological solutions to better detect and respond to attacks. By being fully aware of it, and taking basic precautions, you will be much less likely to become a victim of social engineering.
