4 in 10 businesses reported a form of cyber-attack or breach between 2020 and 2021. Consequently, businesses are now investing heavily in cyber security to protect their data and reputation. If you do suffer a breach, it’s important to know what to do next and how to stop similar events going forwards.
Most common cyberattacks
Ransomware
A form of malware that encrypts business data. The attacker then demands a ransom payment to release the encryption key. Whilst the data is encrypted, employees can’t access systems, files, databases, and applications. This malware will spread throughout a system often causing significant downtime. The most successful method attackers use are phishing emails appearing as a CV, for example.
Distributed Denial of Service
DDOS attacks are where cybercriminals overwhelm a target server, service, or network with fake internet traffic. Unlike other kinds of cyber-attacks, the goal is to stop legitimate traffic from visiting a site, or to overwhelm network security equipment. Attacks can be repeat assaults leading to extended periods of downtime.
Man-in-the-Middle Attack
A general term used for when a criminal positions himself between a user and application to intercept messages and emails. There are many different methods that can be used, however most can be avoided with firewalls, encryption and MFA .
Password Attack
One method attackers use are brute force attacks, where criminals use a programme to guess millions of passwords every second. Another method is a phishing attack, where attackers attempt to socially engineer users to share their password.
What to do if you fall victim to a cyberattack
Notify your IT Provider
Your first port of call should always be to contact your IT provider. They can stop further spread of any malware or assist in surveying the damage and finding recovery solutions.
Review the Damage
Understanding the affected systems, services and machines is the number one priority. Your IT provider will be able to survey the damage and confirm the method of attack and impact on the business.
Minimise the Fallout
Re-routing network traffic, blocking traffic, or isolating parts of a network can help to prevent an attack spreading.
Document the Details
It’s crucial to record the details of the actions and look at the data from the system logs. This should highlight any compromised accounts and systems.
Notify Stakeholders
Suffering data loss can be a breach of GDPR. Businesses should ensure attacks are reported within 72 hours to Action Fraud to minimise possible penalties. Individuals’ information may have been leaked so it is essential to notify them straight away as well.
Learn From the Attack
Irrespective of the attack’s severity, businesses must learn from the experience to prevent lightning striking twice. Adequate documentation of the attack and response plan, will highlight vulnerabilities and gaps in knowledge.
Best practices to prevent a cyberattack
With cybercriminals using a variety of attack methods, it’s critical to have a comprehensive solution in place to stop all types of attacks. This includes safeguarding companies against phishing, ransomware, password breaches, DDOS attacks, and other threats. Keeping up with changes in the cybersecurity threat landscape can be difficult, so it’s often best to rely on the expertise of a third-party IT provider. To learn more about how to keep your business safe contact us today.