Why and how would cybercriminals want to break into my business?
There is a lot of money to be made. These bad guys earn millions of dollars in just one cyber attack especially if there is a ransom involved. It’s not like the old days where you had to go hold up a bank and risk being shot. You can do it from 1000s of miles away in your own home.
They gain access to their victim, lock their files, ask to pay for a big amount of ransom before they unlock your files. Easy money! In fact, they run it like a business. Obviously, they wouldn’t do the attacks if it wasn’t profitable.
Cybercriminals have an arsenal of different attack methods. One of them is the social engineering attack. It is the psychological manipulation of people into performing an action to give away their sensitive information.
Sometimes, cybercriminals do research about you called OSINT. They disguise themselves as someone from your friends, family, workmates and such. When you’ve received a message or email from someone you know, you sometimes tend to lower down your anxiety and compromise with what they have said. They ask you to click a link or send your personal information. The next thing you know, a large amount of money was withdrawn from your bank account.
Further, according to Cybint, 95% of cybersecurity breaches are caused by human error.
How do cyber security experts fight cybercriminals?
Cyber security experts fight cybercriminals like a game of cat and mouse. We put basic protections in place like Anti Virus. However, we know that that is only one layer of defense and cybercriminals are trying to work around that. We ensure systems are patched and kept up to date. We also harden operating systems following guidance from vendors like Microsoft as well as advice from other Ethical Hackers and Security Groups. We study what methods are being used in the wild and use frameworks like MITRE ATT&CK and ATT&CK and NIST.
So, are cyber security experts ever ahead of cybercriminals?
Yes and no. We have the advantage of knowing the system and with the right experts, you are in a far better place than having an unmanaged system or an IT provider that only maintains the status quo and doesn’t keep up with security.
In Florida, hurricanes happen. Florida businesses are not measured on whether they can prevent a hurricane from happening (that’s preposterous); they’re measured on how fast they can recover and get back to serving customers and making money.
In 2021, cybersecurity incidents are the inevitable hurricane. Your business is not judged by whether you can prevent an incident, but rather by how fast you can recover.
You might have been hearing news regarding cybercrimes. But at the same time, there are probably hundreds of companies that successfully protected themselves from cyber crimes by taking fast incident response. You may be just hearing the bad news, but less of the good ones.
If you need help with cyber security and IT services, tell us your needs and let’s start working together.