
How to Handle a Cyber Attack

Dan Carpenter
November 11, 2019

WHAT TO DO IN A CYBER ATTACK!

Can Cyber Attacks be Prevented?

As our relationship with technology continues to evolve, so does our risk of falling victim to cyber attacks. Small- to mid-sized businesses are especially vulnerable, making up more than half of the targeted victims. As smaller companies tend to be unprepared, they are often seen as easy targets, and, sadly, the majority go out of business less than a year after being hacked.

Let’s consider the statistics:

  • 43% of cyber attacks are aimed at small businesses
  • 86% of small businesses are not prepared for a cyber attack
  • 60% of small companies close within six months of a cyber attack
  • 52% of security breaches are due to human error or system failure

But how can small businesses prepare themselves for security breaches? Are cyber attacks preventable, or are they an inevitability in our new internet-dependent world?

Recognizing the Source of the Problem

The first step in keeping your business safe is recognizing that the most common source of security breaches comes from human error. People make mistakes. They will forget to enable Multi-Factor Authentication and use weak passwords. They will open an email attachment that infects the entire network with malware. No industry is spared from cyber attacks. For example, last month the Cherry Hill Public School District lost its computer network for nearly a week and a state of emergency had to be declared due to a ransomware attack.

When people make a purchase using their credit cards, they rarely think to check for a skimmer attached to the device. Even individuals who know how to look for skimmers tend not to check the touchpad in everyday places such as grocery stores when inputting their information. Credit card companies sought to make cards difficult to skim by incorporating a chip design. However, they also included a magnetic strip on the majority of cards to make them backward compatible, thereby making the chip pointless. Just as technology takes the first steps towards catching up, bad actors have now employed a new type of device called “shimmers” that are impossible to detect by current means. As of now, there are no security measures to address shimmer devices and threats continue to get more creative as technology improves.

It has become increasingly common for websites to prompt users to fill out their information before they can access a page. If these websites are not properly secured, or if the user is using public Wi-Fi, their data is open to thieves. Their name, address, even their credit card information is accessible to hackers who have a variety of ways to retrieve it, including through the Bluetooth connection on the user’s phone. Many people are still vulnerable through traditional methods as well (the literal theft of the device) because a large portion of the population still doesn’t realize the importance of password-protecting their devices.

The human-error factor makes it impossible to completely eliminate the possibility of a cyber attack. No matter how many steps are taken to educate employees or convince them to be vigilant, it just takes one person and a moment of absent-mindedness to unwittingly open the entire company to threats.

Since security breaches are inevitable, how can companies effectively diminish their damage? The industry standard is to use the 6 Stages of Incident Response, which minimize the time taken to deal with a cyber attack and maximize efficiency in the face of a threat.

Preparation And Response Are Key

The 6 Stages of Incident Response:

  1. Preparation
  2. Identification
  3. Containment
  4. Eradication
  5. Recovery
  6. Lessons Learned

The first stage, Preparation, addresses how businesses can avoid being underprepared in the face of security emergencies. The more time lost to a cyber attack, the greater the loss that will be accrued. Start by tracking all baseline traffic patterns for all of your technological assets. Then create an emergency communication plan to be followed in the event of a suspected attack, determining which events must lead to an investigation. Build a solid blueprint for what to do when an event takes place, and make sure all employees are aware of what part they play in the response plan.
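A minimal sketch of the baseline-tracking idea from the Preparation stage, added here as an example and not taken from the article: it builds a per-asset traffic baseline and decides which new readings must lead to an investigation. The asset names, traffic figures, and the 3.5 threshold are constructed assumptions.

```python
import statistics
from collections import defaultdict

# Constructed sample data (not from the article): outbound MB per asset for
# the same hour of day, collected over five ordinary working days.
BASELINE_SAMPLES = [
    ("file-server", 9, 120), ("file-server", 9, 135), ("file-server", 9, 110),
    ("file-server", 9, 128), ("file-server", 9, 117),
    ("pos-terminal", 9, 4), ("pos-terminal", 9, 5), ("pos-terminal", 9, 3),
    ("pos-terminal", 9, 4), ("pos-terminal", 9, 6),
]

MAD_SCALE = 1.4826  # scales the median absolute deviation to a std-dev equivalent
THRESHOLD = 3.5     # assumed cut-off; tune it to your own environment


def build_baseline(samples):
    """Map (asset, hour) -> (median, spread) of the traffic seen in quiet times."""
    grouped = defaultdict(list)
    for asset, hour, mb in samples:
        grouped[(asset, hour)].append(mb)
    baseline = {}
    for key, values in grouped.items():
        med = statistics.median(values)
        mad = statistics.median([abs(v - med) for v in values])
        # Floor the spread so a perfectly flat baseline cannot divide by zero.
        baseline[key] = (med, max(mad * MAD_SCALE, 1.0))
    return baseline


def triage(baseline, asset, hour, mb, threshold=THRESHOLD):
    """Return 'normal', 'investigate', or 'no-baseline' for one observation."""
    if (asset, hour) not in baseline:
        # An asset nobody baselined is a Preparation gap and must be escalated.
        return "no-baseline"
    med, spread = baseline[(asset, hour)]
    score = abs(mb - med) / spread
    return "investigate" if score > threshold else "normal"


if __name__ == "__main__":
    baseline = build_baseline(BASELINE_SAMPLES)
    for obs in [("file-server", 9, 131), ("pos-terminal", 9, 60), ("new-laptop", 9, 2)]:
        print(obs, "->", triage(baseline, *obs))
```

Median and median absolute deviation are used instead of mean and standard deviation so that one unusual day in the baseline period does not widen the "normal" band.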

The next stage, Identification, requires your designated team to gather all available data on this particular situation, and then analyze it. Your security team then determines the entry point of the breach, the spread of it, and works to find a singular location of the entity.

The next steps happen in rapid succession. First, Contain the threat by patching its entry point. Then Eradicate the threat by removing it. After that, Recover all systems to get them operational again to avoid disrupting your business for a greater length of time than necessary.

The Forgotten Step

The final step is perhaps the most important, and, unfortunately, the most widely neglected. This leads to businesses making the same mistakes and opening themselves up to the same vulnerabilities again. Lessons Learned is about taking a step back to document the entire process. Log every facet of the situation to be used as part of future Preparation plans. Not every scenario can be predicted, so documenting the situations can help establish patterns to help companies improve on system weaknesses so that incident response can move much more quickly in the future.

Once event recovery has begun, keep in mind that every state has its own notification laws that require businesses to disclose to customers if their personal information may have been compromised or lost. Make sure to follow federal and state-specific laws to comply with legal requirements.

Once you have gone through these steps, find a way to incorporate aspects of them into your daily life. Remain vigilant and aware of where your information is going and the purpose of sending it. For tips on how to prepare for a cyber attack in your daily life, please read our previous blog.

Make sure to lead by example. Modeling best practices is the most powerful way of convincing other people to follow suit. If you treat data security as a priority, then your employees are more likely to adopt best practices. By being aware of threats and working to improve your security posture, you can create a safer environment for you, your business, and your employees.
