A Proactive Approach to Cyber Security for Small Businesses
In terms of cyber security, the spring and summer of 2018 weren’t good for several Canadian enterprises. It began near the end of April, when several services in the Ontario municipality of Wasaga Beach were victims of a ransomware attack. Nearly two months later, the municipality agreed to a $35,000 CAD payment to regain access to four of the most important servers.
In June, CarePartners (a home health care services provider) informed the public about its own security breach. Names, contact information, and detailed medical records were stolen by cybercriminals who threatened to make the data publicly available if their demands weren’t met.
If you’re wondering whether your own company is safe from cyber attacks, you're not alone. Keep reading to learn about the different kinds of cyber attacks, plus tips you can use to proactively protect your business.
Cyber security is constantly evolving, though there are several common types of attacks that every business should know about, including:
Malware means malicious software, including spyware, ransomware, viruses, and worms. The software breaches your network through a vulnerability, usually when someone clicks a link or opens an attachment that then installs the software. Malware programs can block access to parts of the network, make a system inoperable, transmit data from a hard drive, and more.
Phishing occurs when fraudulent communications are sent with the goal of obtaining sensitive data, like login information. Email is the most common medium and the correspondence is designed to look trustworthy.
SQL injections are all about code — an attacker inserts malicious code into a server using SQL, forcing the server to reveal information that shouldn’t be readily available. Sometimes, all it takes is inserting the code into a website’s search box.
Man-in-the-middle (MitM) attacks, or eavesdropping attacks, occur during two-party transactions. In one method, attackers use an unsecured WiFi network to get between a device and the network. Once they’re in, it’s easy to steal sensitive information.
Cyber attacks are a frightening prospect for any company who deals with data, but the best offense is a good defense. If you’re proactive about data protection and IT security, your chances of becoming a victim are greatly reduced. With that in mind, here are 10 best practices you need to implement: