Sign up to V-Hub

Do you need help with something?

Share this article

What are the most common security threats today?

Articles
20 Jul 2021
Save

The most common cyber threats to look out for

Understanding how cybercriminals work is important for staying one step ahead of them.

And right now, when there’s more focus on the digital world than ever before, small business leaders can take the opportunity to learn more about the most common cyber threats, often targeted at small businesses

This article outlines the most common attack vectors and how you can arm your business against them.

1. Malware – Surveillanceware and Ransomware

Malware stands for malicious software and is the catchall term for any piece of software designed to either damage devices or (as is more common) steal important data.

There are many types of malware that can affect your system. Some of the most common include trojans, viruses, ransomware, nagware, adware, spyware and worms.

In 2020 we’ve seen an increase in Surveillanceware (which is used to access sensitive data on devices), and Ransomware attacks (where adversaries encrypt data and demand a ransom).

2. Phishing – Email and mobile

With phishing attacks, fraudsters pose as reputable companies and send false communications in order to trick people into revealing their personal information or clicking on a malicious link.

Phishing used to be mostly coordinated through emails. But as more people are using their personal mobile devices to access corporate networks, mobile phishing has taken over as the most popular route for phishing attacks.

3. Threat Actors - Hackers

Hackers are the individuals behind all these threats, creating malware and deploying phishing emails. They specifically like to prey on smaller businesses, because of their often limited security capacity, and the role they play in the wider supply chain. The COVID-19 climate also made it easier for them to broaden their attacks since remote work has become the new norm.

Once a hacker gains access to your network, they can steal, change, destroy or corrupt your data, or take control of your device, and may do a lot of it without your knowledge. So the only real protection against a hacker is preventing them from ever gaining access in the first place.

What should you look out for?

  • Fraudsters often entice workers to download dangerous malware or spyware programs through messaging and SMS platforms by using phrases that are hard to ignore, such as “just saw this picture of you, when was this?”

  • Business related phishing emails take advantage of crisis situations and use titles such as “Please Read Important from Human Resources” or “All Employees: Update your Healthcare Info” to convince people to click on them.

  • When personal devices are used for work, phishing emails targeted at individuals can gain access into a corporate network since there’s no mobile security installed. And people tend to be a bit less cautious when it’s their private email, making it a favourite for fraudsters.

How can you protect against these attacks?

  • Make sure you extend any phishing protection you have to mobile – whether that be personal or business devices. If your employees use their personal devices to perform work activities, and access business information, you may need to have policies in place that make installing mobile security mandatory.

  • Ensure firewalls are enabled for all devices that can access your company network, especially ones that connect through untrusted networks. Not sure what a firewall is? Search “What is a firewall?” in our free Smart Search tool to help cut through the tech lingo.

  • Only use software, apps, and accounts that are necessary, and protect them with strong passwords. For important apps, use secondary forms of authentication such as fingerprint or facial recognition.

  • Regularly update your anti-malware protection across all devices, and make sure operating systems are running the latest versions. Most updates include security patches that help protect against security breaches.

  • Regularly back up important data on separate, unconnected storage devices, to help protect against a ransomware attack.

  • Firms like Lookout and Norton also offer comprehensive protection against mobile phishing on Android and iOS devices. It can guard against phishing attacks from multiple vectors, and allow workers to use their own smartphones for work by offering content protection, even if the device is outside the firewall.

Picture showing diagram of what you can do to protect yourself online:
1. Extended phishing protection to all devices including mobiles 
2. Enable firewalls for all devices that access your company network 
3. Only use software apps and accounts that require authentication
4. Regularly update your anti-malware protection across all devices
5. Regularly back up your important data

How do you stay up to date?

The cybersecurity landscape is constantly shifting. Keeping on top of the latest news can help you stay in the know – and stay ahead of hackers.

The hotspot map of threats keeps track of phishing attacks globally, giving the most up to date picture of the threat landscape. South Africa currently has a phishing encounter rate of 46,5%, one of the highest in Sub-Saharan Africa.

For more detailed information on the tools and technologies you can deploy to keep your business safe, let one of our trusted advisors call you back.

Next Read: Three essentials of cybersecurity to keep your business protected.

Thanks for your feedback!

More news and insights