People often have a false belief that only big organizations are cybercrime targets. Consequentially, we fail to protect ourselves adequately against cyber security threats.
According to the Oxford Dictionary, cybercrime is any criminal activity carried out by means of computers or the internet. Kaspersky one of the computer antivirus companies publishes some specific examples of the different types of cybercrime:
Most cybercrime falls under two main categories:
While big businesses are most likely to be targeted, nobody is safe online! Targets range from big corporations to individuals. Each year, businesses’, governments’, and individuals’ monetary losses reach new heights. With covid-19 and the increase of remote working, this number has exploded and cyber security is an ever-recurring challenge. On average here at Neuwelt, we receive over 5-8 phishing or spam emails while our Virtual Private Server – VPS records a daily average of 20+ virus or hack attempts.
According to Check Point’s research, in 2021, cyberattacks saw a year-to-year increase of 50%. Businesses also saw a weekly attacks increase of 50%. In terms of geography, Africa was the most affected by cyberattacks and saw an increase of 13% in weekly attacks. It should also be noted that Africa invests the least in cybersecurity and has the loosest data security laws.
Cyber security attacks take multiple forms, and it is essential to be aware of the most common to be prepared in case of any threats.
Malware, or malicious software, encompass all kind of software designed to harm and exploit your devices. It ranges from viruses to ransomware, as well as Trojan horses.
What they do is steal your data (financial, identity or security data like passwords and usernames, etc.), delete your files, and overall impede you from using your devices. The malware can seep into your devices without your knowledge by many various means. Most commonly, if you download an infected program, click on an infected link, or connect an infected USB drive, malware can easily infiltrate your devices.
Malware has been thriving since the beginning of the covid-19 crisis. Indeed, by using people’s fear of the virus, cybercriminals have extorted enormous amounts of money from people.
Ransomware is one of the most common cyberattacks in 2021 and one of the fastest evolving cyberattacks. In 2021 one of our network computers was infected by a remotely controlled SSPQ virus.
It is a type of malware that asks for a ransom, as indicated by the name. It holds the victim’s sensitive data and asks for a certain amount of money in exchange for the data. However, even when the victim pays the ransom, the data is sometimes never fully or even partially recovered. In the absence of a multi-level data security or backup system, such attacks can cost any business, organization, or individual dearly since they tend to encrypt computer files and render systems inoperable.
Is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers (Oxford Dictionary). Phishing is one of the many existing “password attacks” which is a malicious attempt to enter password-protected accounts.
This kind of attack is when cybercriminals impersonate someone to extort personal information from the victim. They pressure them to give sensitive personal information using a forged “trusted” identity. These types of attacks have been widely known to target isolated individuals and are responsible for over 80% of reported security incidents according to spanning.com
Cybercriminals can use phishing attacks to implement malware or freeze the system as part of a ransomware attack.
It is sometimes tricky to identify a phishing attack. Education, awareness, and sometimes experience are the best weapons against phishing attacks. According to CrowdStrike, there are seven characteristics to recognize a phishing threat:
Picture credit SecurityMetrics
During a MitM attack, the cybercriminal intercepts a transaction between two parties and basically “eavesdrop” to get sensitive information (passwords, account credentials, etc.). They can also impersonate the other party to get the information.
The cybercriminal creates a free unsafe Wi-Fi network publicly available and waits for someone to connect. When the user is connected, the cybercriminal can see all their online data exchanges. After intercepting the transaction, the hacker decrypts the information without the user’s knowledge. The criminal then uses the hacked information for identity theft, illicit password change, unapproved bank transfers, or online transactions.
There are many more cyberattacks, and it would be impossible to document them all as new attacks appear regularly. However, here are some other cyberattacks that are commonly reported:
As you can see, many attacks exist, and it is impossible to be aware of all of them however you can always reduce the risk or severity of attacks. Being aware of and educated on cybercrime is the first step, however not enough to prevent attacks. We share below a few tips on how you can improve your protection against such attacks.
Keep an eye out for new software updates for your connected devices. Indeed, updating your system frequently will allow the software to bridge the security holes that have been found. It also removes and fixes bugs. Serious software or computer systems vendors are always on the lookout for trending threats in order to proof their systems against such attacks besides, such updates come along with new and improved functionalities.
Almost everyone owning an email address has in time received a couple of suspicious emails. Despite all the measures, email server companies employ to mitigate spamming and phishing attacks, still so many hackers have evolved along with and have continued tricking their way into other people’s email inboxes. It, therefore, remains a personal responsibility to inform oneself about such emails and links. Based on the common characteristics of phishing above, always avoid clicking on any links.
Similarly, always avoid responding to obtrusive and suspicious alerts while online. Have you received an alert while visiting a website? Do not enter. Usually, these inform you that you have won a certain prize for just visiting a certain website. No one on the internet let alone in the world is simply that nice and generous to give gifts effortlessly without a giant catch. On a side note, it’s always those interested in receiving free gains that mostly fall victims here.
The above sometimes apply to certain ads. Did you see an ad? Avoid clicking on the banner. Generally, websites that host free online resources like films, songs, software, adult content, sports live streaming, etc. are the primary base for such “click baits”.
Certifying a source is not always easy, especially on the internet, but with careful examination of such email or any other form, you can always gain certain confidence as to the origin of a communication. Many organizations and businesses have a standard communication structure or guidelines as to how sensitive or secure data can be exchanged. Always be ready to ask yourself: Who is sending this email? Is the email address conforming to the company/organization website domain? The contact info from any institution or organization should be publicly available. In case of any doubt, quickly check if the person sending you a suspicious email REALLY works where they pretend to be working.
Some of the simple hacks we’ve employed at Neuwelt include doing a google search to identify any social media platforms such a person might be on. In many cases, you will be able to see traits of where someone works or if they even exist at all. Also, it’s always wise to note that you may not be the only one receiving such communication, so be sure to research online if there is any other person that ever received such a suspicious communication.
If your account is a treasure, the password is both the lock and the key. It is indispensable to create a strong password; to keep away cybercriminals from opening your safe. It is then safe to ask, what are the properties of a good password? Well, good enough, we work online and over the years we’ve picked up a few tips and tricks on how to create a strong and secure password.
A strong password has the following characteristics:
Having a unique password for each account becomes hard to manage. Luckily, there exist safe ways to keep your passwords away from cybercriminals but accessible to you.
It is advised for organizations to implement a 2-factor authentication policy. With this measure, when identifying sensitive accounts, it will ask for (1) something you know (password) and (2) something you have (smartphone, tablet, etc.). This way, cybercriminals cannot use your password to access your account easily.
Unsecured networks, such as public Wi-Fi, are susceptible to cybercriminals’ attacks. The best way to protect against them is to avoid using them, or if unavoidable, steer clear from using sensitive information (banking app). Using a VPN is also a good way of protecting against the risk of cybercriminals attacking your devices when using an unsecured network.
At the slightest suspicion of cyberattack, the best is to use protection software to defend your devices.
Of course, most offer paid services, but free options are also available (although more limited). Below, you can find a selection of protection software (with free and paid options):
In conclusion, it still falls back to you as an individual to watch your step online and inform yourself about keeping what is precious to you safe. The internet is full of such great articles like this one providing good content which if well-read and implemented can increase your security online.