KeyBank logo
CHAPTERS
CHAPTER 3

Data breaches: What to look for

Ransomware: pervasive threats

Here’s how it works: A message appears onscreen demanding a hefty payment to restore system functionality. Once ransomware takes hold of a single computer or entire network, users can no longer access their computers or the information stored there. Failure to pay often results in data destruction. 

While ransomware continues to serve as a popular, effective tool for cybercriminals, it’s impossible to state with certainty how frequently ransomware is used. The reason: 

  • Many ransomware victims simply make the payment and, fearing negative press, never report the incident.
  • While there is no statistical data to prove how many organizations have paid ransoms only to lose their data, security analysts observe this occurs commonly.10

It is estimated that in 2019, paid ransom amounts exceeded $7.5 billion in the United States.11 Cybersecurity analysts forecast that by the year 2021 a new business will be victimized by ransomware every eleven seconds.12

Phishing: Recognize and mitigate

Three of the most commonly used methods for introducing a breach to a network are based in phishing techniques. They include emails, attachments and links, especially those that incorporate counterfeit or “spoofed” URLs. Analysts note that phishing is a source of more than 80 percent of all reported security hacks.13

Chances are good that once a breach vector is introduced into your work environment, you or anyone with online access will click on a fateful link, open an infected attachment or trigger ransomware. Here’s how to identify these phishing techniques ande some simple tips to avoid initiating a security catastrophe: 

Be on alert

You may have seen a colleague’s email address hijacked or spoofed in order to elicit a feeling of trust and familiarity. If there are any doubts, speak with (don’t email) the sender to verify the communication’s validity. Even if an email appears safe, links and attachments in the message may still serve as delivery mechanisms for malware, ransomware and wholesale theft. 

Don't open that file!

If an email includes an attachment, be certain of the file’s source. Contact the sender to double-check his/her identity and purpose of the email. If you open the attached file, do not enable editing or enable macros. Close it and bring it to the attention of your IT department.

Here’s why:

A malevolent Excel or Word file with embedded macros often gets past antivirus screening. Opening and editing the file can trigger a string of malicious code that executes some form of attack. 

Suspect counterfeit links

URL spoofing works in a similar way. Suppose a familiar address (such as www.abcz-corp.com) appears in an email from a trusted source. Mousing over the URL may appear to verify the address, but the URL still may be counterfeit. Clicking it could lead to a data breach in the following ways:

  • The URL might connect to a perfect replica of the ABCZ website where people freely enter their usernames and passwords – directly into a malefactor’s database
  • Clicking the URL may set off a malware attack on a local PC or the entire network

It’s fair to ask: Is it even possible to avoid a spoofed URL or link? In most cases, yes ….

Verifying the URL

In many cases, a URL or hyperlink that looks fine is actually composed of counterfeit characters that mimic authentic ones. In the past, a URL prefix of https:// was a fairly safe assurance of a secure site. That’s no longer the case because hackers use fake security certificates to impersonate secure sites. Here are some precautions you can take to protect your systems and data from URL threats:

  • If you already know and trust the site referenced by the URL or link, you can visit its home page – manually – by typing the address in a browser
  • If you have any doubt whatsoever regarding a URL’s legitimacy, use a tool to verify it. (ex: Google offers a free online “transparency report” and several antivirus applications incorporate similar functions)
  • The easiest way to avoid a data breach through URLs in emails, ads, electronic signatures or social media is to simply not click

Low-cost security boosts

While a comprehensive listing of ways to avoid a cyber attack is beyond this paper’s scope, understanding the security implications of emails, attachments and URLs is a great place to start. In addition, consider adding the following steps to your security protocol:

  • Educate and re-educate employees and contractors on security policies and common threats 
  • Use data encryption (e.g., iris scans and fingerprints)
  • Limit data access only to individuals who need it for a business purpose
  • Have procedures in place to deal with security threats and breaches
  • Remove extraneous data from online access
  • Keep all operating systems and applications current
  • Use multi-factor authentication to gain access to any secure online data 
  • If a computer does not require online functionality, disconnect it from the internet
  • Consistently back up data to multiple storage mediums and in multiple secure locations

Even with these precautions integrated into your organization’s routine, you’ll still need the defensive capabilities of a robust, scalable cybersecurity system.

Test your knowledge.
YOU'RE RIGHT!

Cybersecurity analysts forecast that by the year 2021, a new business will be victimized by ransomware every 11 seconds.

Next Chapter
NICE TRY!

Believe it or not, analysts forecast that by the year 2021 a new business will be victimized by ransomware every 11 seconds.

Next Chapter
CHAPTERS