Cyber attacks occur every day throughout the tech world. According to a report by Centri Technology, a leading provider of data encryption security, mobile data optimization (MDO) and bandwidth management solutions, there are over 200 significant security incidents which take place on a daily basis—causing nearly six full-fledged breaches each day. These cyber attacks can affect a variety of information sources, ranging from personal data settings to corporate database infrastructures.
One of these well-known corporations, JPMorgan experienced one of the largest known cyber security breaches during 2014. A year following the breach, prosecutors announced the official charges that detailed the massive network intrusion which simultaneously impacted a variety of financial institutions, brokerage firms, major news publications and more.
As the court documents revealed, three men are currently facing charges for this cyber attack—stealing the personal information of over 100 million people. In October 2014, JPMorgan admitted 76 million households had been jeopardized in this cyber attack of mass proportions, and that another seven million small businesses were compromised.
As a result, many businesses rely on cyber security agencies in order to help protect important information key to their business. Our friends at Tempered Networks offered their insight on the issue of cyber attacks. Here are a couple of insights from a business point of view that dive into the threat of cyber attacks:
Evaluating Threat Surface
When it comes to cyber attacks, every step taken is taken in layers. Based on Tempered Networks’ background on cyber security, depending on the amount of damage received from an attack, information taken, and whether or not the “bad guys” are able to attack again. The process of threat surface evaluation is crucial for any individual or business to ensure cyber security. In addition, to ensure that the most important information is kept secured, businesses need to identify their most important assets and secure them first, there by providing security for the most important areas. This brings up the next big issue of procedural damage control.
Procedural Damage Control
Eventually, when an attack does occur, there is some level of damage control. Whether or not a business has state of the art security, there is always some level of panic that occurs when a cyber attack breaches security. Defining what needs to be secured based on threat surface analysis and sticking to a plan often helps repair any damage caused by cyber attacks. As stated previously, every step is taken in layers, whether it is in developing security or ensuring security after an attack. As a general rule for any business, it is important to have some form of security to protect important assets, however having the general knowledge on cyber attacks can help avoid dealing with any worst-case scenarios, and the following information provides this as such.
Due to the unidealized rate at which cyber attacks occur, it is important for all individuals who engage in online activity through a technical device to become increasingly knowledgeable on ways to prevent putting themselves at risk for a potential security breach. Aiming to secure the federal civilian networks, cyberspace, and critical infrastructure that are essential to our lives and work, the Department of Homeland Security offers numerous tips on how to avoid such a network intrusion. Here are two of their top recommendations:
Be Wary of Spam
The most important insight offered by this government agency on how to actively avoid cyber attacks is to never click the links in unknown emails and to never open foreign attachments. These preventative strategies suggest that if any user questions an email’s legitimacy, they should go on the company/sender’s website and review their contact information and content directly. If the website still does not seem legitimate, refrain from opening the email.
Additionally, to avoid unintentionally opening downloads, turn off the option to automatically download all incoming attachments. Homeland Security stresses that typically, retailers do not send emails with attachments. So, if receiving questionable retail emails with any type of attachment, contact the company directly and ask whether or not the email was, in fact, sent by the company. This will help guide a receiver in determining if a message is spam with the potential for a cyber attack.
Another useful tip for protecting oneself against cyber attacks is to avoid giving out personal information both over the phone and via email, unless optimum security is guaranteed. Many deceitful services rely on social engineering to mislead individuals into providing information which can later be used by the scamming company for fraudulent purposes. If unsure of a companies security policies or legitimacy, ask them to provide a formal business name, title, and a call-back number. If they cannot provide one of these things, questions may be warranted.
Furthermore, all digital users should set secure passwords and avoid sharing this password information with anyone. When establishing passwords or codes, users should refrain from using common words or phrases, and should continuously and regularly update this information (at least once every six months). Never use anything with the potential for someone else to “crack” or decode.
Above all, always remain cautious of cyber security while engaging in online activity. If any action or user seems questionable, consider reporting the incident to the United States Computer Emergency Readiness Team online, or call them at (888) 282-0870. Their system assists analysts in providing timely handling of incoming security incidents as well as the ability to conduct improved analysis.
Special thanks to our friends at Tempered Networks for offering their knowledge on cyber security and offering solutions regarding cyber attacks.