Between 2020 and 2021, 4 in 10 businesses and a quarter of charities reported some form of cyber security breach or attack. These figures are increasing year-on-year as cybercriminals innovate with new attack vectors to infiltrate businesses for profit or to steal valuable data.
For a business owner, if you have not already, now is the time to invest in a comprehensive cyber security solution before it is too late. However, if your business does fall victim to a cyber attack it’s important to know what to do next.
Most common cyber attacks
Ransomware
This uses malware to encrypt a business’s data and hold it to ransom, only giving the encryption key when the ransom is paid. Whilst the data is encrypted, employees can’t access files, databases, IT systems or applications. This malware is designed to spread throughout a system, encrypting every file on a business’s network, often causing significant downtime. These ransomware attacks often use a phishing email to gain access and initiate the exploit and malware infection.
Distributed Denial of Service
DDOS, as it’s commonly known, is a malicious attack where a cybercriminal overwhelms a target server, service, or network with internet traffic to disrupt normal traffic. The goal of these attacks may be to stop legitimate traffic from visiting a site, or to overwhelm network equipment, such as firewalls, to launch another cyberattack.
Man-in-the-Middle Attack
This may include intercepting messages and emails between individuals that includes sensitive data, or intercepting login credentials between a user and an IT system. There are many different methods that can be used to carry out a man-in-the-middle attack, however most can be avoided with firewalls, encryption, multi-factor authentication and a strong security culture within an organisation.
Password Attack
These attacks include a variety of methods a cybercriminal may use to steal login credentials. This may include a phishing attack, where the cybercriminal poses as a trustworthy individual and attempts to deceive the victim into sharing their password. Another password attack method is a brute force attack, where a cybercriminal will use a program to try millions of passwords every second until the correct one is found.
What to do if you fall victim to a cyber attack
Notify your IT Provider
If your business falls victim to a cyber attack, or if you believe there has been any sort of breach, you should first notify your IT provider. They may be able to help stop further spread of any malware or assist in surveying the damage and finding mitigation and recovery solutions.
Survey the Damage
Ideally with the assistance of your IT provider you will be able to survey the damage and ascertain which systems, services, and machines are affected. This will determine the impact on the critical business functions and confirm what method of attack was used.
Limit the Fallout
Depending on what cyber attack affected your business it may be necessary to take steps to avoid an attack from spreading. This may include re-routing network traffic, blocking traffic, or isolating parts of a compromised network. Depending on the size of your business and internal resources, this may need to be undertaken by a cyber security specialist, such as ourselves.
Record the Details
It is important to record any details of the actions taken and data collected from system logs. This may include information about affected systems, compromised accounts, and damage to systems. Collecting this information will aid in notifying stakeholders and reporting the incident to the relevant authorities.
Notify Stakeholders
If your business has suffered a data breach that resulted in an individual’s information being at risk, it is essential to notify them. This is important as incidents where data is compromised or stolen may breach GDPR, if these are reported within 72 hours it will minimise possible penalties. Regardless of what method of cyber attack your business faces, all cases should be reported to Action Fraud who will then inform the National Fraud Intelligence Bureau.
Learn From the Attack
After any cyber attack, regardless of severity, businesses should learn from the experience to understand how to prevent another attack or better respond if lightning strikes twice. This should include documentation of the attack and the response, if any mistakes were made that enabled the attack, and how training can be used to avoid another cyberattack.
How to prevent a cyber attack
As there are many attack methods used by cybercriminals, it’s important to have a comprehensive solution to stop all forms of attack in their tracks. This includes protecting businesses from phishing, ransomware, password attacks, DDOS attacks and others. It can be difficult to stay up to date with changes in the cyber security threat landscape, so often it’s best to rely on the expertise of a third-party IT provider. Contact us today to find out more about how you can keep your business safe and avoid a cyber attack.