Hackers want in. They want to get into the business, your data and your details because cybercrime is a multi-million business and there is a lot of profit in phishing, stolen data and ransomware. They dig deep into their business and use every loophole and vulnerabilities they can find, whether it's in their systems or their people. Their approaches follow several standard steps, although they may change depending on the target or objective.
"Cybercriminals often go through the various steps, although they may happen in a different order or some may be skipped along the way, these are the most common ways to approach a business." “They start with reconnaissance where they are trying to learn more about their target – including what hardware and software you run, your email addresses, employee names and other details that might give them an advantage when it comes to planning. a successful attack,” said Anna Collard, executive at Content Strategy & Evangelist Africa.
Once they have the information, they plan their attack. They can use root access found through automated malware that can be introduced into the system via a USB key, human error, or a vulnerability. It's easier than most people realize to be tricked into downloading and running a malicious program that installs itself and delivers the goods. Users and businesses can minimize this risk by ensuring that all of their Internet-facing and security systems are up to date and constantly scanning any downloads, applications, and endpoints for malware.
“If you want to defend against cyberattacks, you need to think like a malicious hacker and know the tools and techniques they use to defend against them,” says Collard. “The first thing is to stop worrying so much about what hackers want and more about how they're going to get it. Using the house analogy, this amounts to making sure the doors are locked, there are bars on the windows, and there is no easy access point in the basement.”
The next step is to think about the type of attack vectors that are likely to be used against your organization and then implement measures to protect them. While this is still a guesswork measure and shouldn't be the only defensive part of your posture, it helps you create a more robust security approach. This is a data-driven defensive posture – it uses information and insights to assess the most likely types of attack so you are protected against them.
“You need to make sure you build a combination of defenses,” says Collard. “It's about overlapping policies, technical defenses, training and other types of security that allow you to create more of a security fabric around your business. It also ensures that you don't end up neglecting a critical part of your business and accidentally leaving a vulnerability open.”
Training is absolutely essential. Employees need to know that they are, in fact, one of the company's most attacked targets and how to protect themselves against this. They need to know how to spot phishing attempts, how to avoid making obvious mistakes, and how to avoid not-so-obvious mistakes. If people are on high alert and aware of what a simple mistake can cost them and their company, they move from being a liability to an integral part of the organization's security defenses.
“Cybercriminals will always try new methods, new viruses, new threats, that's their job,” says Collard. “Companies need to make detecting and protecting against these attacks part of their jobs – part of their employees' jobs. That way, security moves from something people perceive as a pain or a tedious tick-tock exercise to a habit, to a fundamental part of office culture. And that awareness and vigilance will put the organization in the best possible place when it comes to security.”
