Phishing and ransomware are a growing phenomenon. To prevent and resolve these kinds of security problems, it is best to work at two levels: the technical level and the end-user level. We explain how to do that.
With phishing, scammers send an e-mail with a link to a fake website, for example that of a financial institution or a webshop. You are asked to log in, after which that information is misused. This usually involves mails that are sent on a large scale to potential victims. Spear phishing is more sophisticated, because the messages are addressed to the recipient in a very personal way so that they seem even ‘more real’. If the recipient falls into the trap, this can have serious consequences for companies, such as the loss of important data, network problems and a financial impact.
Spear phishing: an increasing risk
Earlier this year, the accounting organisation BDO sounded the alarm about the problem of spear phishing. It seems that hackers are increasingly targeting CEOs, CFOs and other employees with a strategic function who can carry out financial transactions. The risk is therefore considerably higher.
A Belgian bank has first-hand experience of this: in 2016, €70 million were lost as a result of CEO fraud after an employee, who thought he had been instructed to do this in an e-mail from the CEO, transferred money to hackers.
The hackers behind such CEO fraud are also becoming more inventive by the day. For example, scammers recently used voice distortion based on AI. It seemed that the CEO was calling to ask for a payment to be made. The unsuspecting employee then transferred $200,000 to the scammers' account.
Ransomware: ransom for your IT environment
Ransomware is also a growing threat to your business. Here you receive a virus file through an e-mail or a malicious website, which infects your computer and blocks everything. You then see a message appear on your screen that demands the payment of a ‘ransom’ – hence the name ‘ransomware’ – if you want to access your data again. If you are confronted with this situation, then don't start negotiating with the cyber-criminals under any circumstances and never pay the ransom asked, but contact an IT specialist.
In 2018, the number of ransomware attacks worldwide increased by no less than 350 per cent. Healthcare is increasingly the target, but smaller and medium-sized companies are also popular targets. Hackers know – or assume – that they don't always invest (enough) in security.
Nevertheless, the availability of IT is crucial for organisations of all sizes. The fact is that without access to the business data and applications, it's impossible to be productive and serve customers.
Block and disable intruders
To prevent threats such as phishing and ransomware, you must first ensure you have the most recent security software and ongoing patch management. In this way your IT environment is always up-to-date and malware is blocked or disabled before it enters your network. If there isn't the knowledge or time in your company to continuously monitor security, it's perfectly possible to outsource this task to an external IT service provider that can monitor your entire environment remotely through managed security services.
A fallback solution when things go wrong
And what if things go wrong anyway – how do you then prevent the loss of your crucial data? Here too an external partner can offer solutions, with backups through the cloud. Thanks to the economies of scale of an external data centre, you are assured of an additional secure fallback location that is always available if there is an emergency.
Alert the end users
And of course, don't forget to deal with the level of end users if you want to keep out hackers and viruses. They must always be aware of any potential IT threats so that they respond quickly when they see a suspicious mail or webpage. You can provide your employees with the necessary training. A one-off course is not enough. Repeat the training and key issues regularly.
Access security according to user identity
In addition, you can ask your IT service provider to provide security settings based on the role of each user in the organisation. You can establish this identity-driven security at the application level and the document level. In this way your information is efficiently protected and your employees have secure access to their IT environment at any location and with any device.