If you are not careful, hackers will find ways to infiltrate your systems, using them for their own gain. 

 The word "hacking" conjures up a number of images. For some, it has been an enjoyable pastime for years and provides a way to learn new computer skills. For others, hacking is associated with criminal activity such as stealing money from people’s bank accounts or hijacking computers to send out spam messages. But there are other types of hacking that can have a much more serious impact on businesses – the kind that could put your company at risk of being hacked. If you're not aware of these threats, what they mean for your business and how they work then you could be the next victim, you may even lose your business.

1. What is hacking and why you should care
 Hacking is an activity where an entity or actor A.K.A the “hacker” seeks to compromise digital devices such as computers, smartphones and tablets. It is done for any number of reasons but most often hackers are defined today by their unlawful intent in order to gain financial reward or information from another person's device/systems without permission - this would make them cybercriminals motivated primarily (if not solely) by money

 2. The three main types of hacks
 Ransomware is a form of malware that can damage your files and make them encrypted. The attacker will demand payment in order to restore access, while users are shown step-by-step instructions on how they should go about making payments to unlock access. They sometimes are for small ransom payments but very often attackers of very large organisations will demand millions to give access back.

 Phishing involves an attack or scam that uses email to trick recipients into clicking on links, opening attachments or otherwise taking action which produces harmful results. These emails appear to come from sources the user normally trusts - banks and credit card companies for example; however they can be more than just an annoyance if you end up too deep into the ‘trap’!

 Malware is short for malicious software and refers to any intrusive program developed by hackers (often called “cybercriminals”) that steal data from your computer or damage it in some way. Examples include viruses, worms, Trojans- all of these are forms of malware, Recent attacks have seen large amounts of personal information compromised through email attachments sent as spam emails from cybercriminals.

 3. Ways to prevent yourself from being hacked
 Stop using public wi-fi when accessing private data. 

 Turn off GPS, wireless connections and any other form of personal monitoring or connection on both mobile and desktop computers.

 Download only apps that you trust. Delete old ones and make sure the ones you use are updated when updates are available. 

 Use passwords, encryptions and two-factor authentication when possible.

 Treat links and attachments sent to you with suspicion. 

 Secure your data. 

 4. How hacking can affect your organisation
 Hacking can have many negative consequences. A hacker could steal your most precious data, like business secrets or contact information for employees and customers; they may also damage the actual hardware on which this information is stored - causing them total loss of their company's valuable assets! Whether you're a small (or large) firm targeted by hackers, there are legal implications if someone else steals our intellectual property during an attack as well.

 Data theft, extortion and attempts to extort, blackmailing et cetera. There are a whole range of potential impacts that hacking can have on your organisation. Businesses and individuals alike should be aware that data theft can have serious consequences. Losing business information to thieves means a loss of competitive advantage, while also bringing legal action against them in some cases if the private communications were text messages or emails belonging to third parties (such as customers). If your phone has been hacked into by whoever stole this type of sensitive files it will certainly teach you a lesson. 

Losing your data can be really frustrating, and even if you think it was just usernames and passwords that were compromised the consequences could be much worse. For example bank accounts or credit cards might have been stolen as well! So make sure to change those too in order to protect yourself from financial loss further down the road- plus call up any institutions where they use these account numbers.

Conclusion

Hackers have become the modern-day criminals, and they are attacking organisations at an unprecedented rate. Every day brings news of another company being hacked for its sensitive data - sometimes costing them millions in damages to their reputation, customer trust, and bottom line. The frequency with which hacking has been occurring is alarming enough on its own; but what’s really frightening is that hackers are now using artificial intelligence (AI) tools to help them figure out how best to break into companies' networks faster than ever before. It’s imperative that you take action and secure your business; it’s better safe than sorry.

They tell you that one of your employees' email accounts has been hacked and is being used to send out spam. You quickly realize that this could have serious consequences for your business- from lost revenue to damaged reputation. Unfortunately, business email compromise (BEC) is becoming increasingly common, and can cause significant harm to- businesses of all sizes. 

Email is a mainstay of communication in the business world. But what happens when email is used to target businesses for criminal gain? This is business email compromise (BEC), and it's on the rise. There are different types of business email compromises, and some of them can be much more damaging than others. Stay safe.

 What is business email compromise and what are the different types of it.
 BEC is a form of phishing attack where criminals attempt to trick senior executives into transferring funds or revealing sensitive information. The criminal's goal with these emails are convincing they request unusual payments, contain links that might lead you onto an 'offline' area on their website and viruses hidden under seemingly harmless attachments like invoices etc, which can result in your computer being infected.

  The FBI has mentioned five common types of BEC attacks, they apply in the UK too:

 1. Email Account

Hackers access your email account and request payment from vendors. The money is then sent back to an attacker-controlled bank transfer, tricking the vendor while their traces  are covered by a complex series of money transfers. 

 2. Vendor Email

Companies that deal with foreign suppliers are common targets for vendor email compromise. Attackers will pose as the company's supplier, request payment on a fake invoice and once they receive it, transfer the money into an account which is fraudulent in nature but still enough to hold valuable data from these organisations.

 3. Data Theft 

Data theft attacks are a huge problem for companies. They typically target HR personnel in order to obtain personal information about a company’s CEO or other high-ranking executives which can be used later on like when committing CEO fraud. This is often only part of a BEC strategy by the criminal. Internal employees who commit cybercrime are often data thieves.

 4. Legal Representative

It's not unusual for an attacker to pose as a lawyer or legal representative over email. The common targets for these attacks are those lower-level employees who may be unfamiliar with this scenario - and may mistakenly forgo questioning an urgent request from the sender without a hint of suspicion and this can mean big trouble later down the line . 

 5. The “boss” trick

 Attackers have been known to impersonate the CEO or executive of a company, and as such request that an employee within the accounting/finance department transfer funds into their own account. Obviously this can lead to catastrophic outcomes but many employees are at risk of falling for this type of scam, particularly those new to a company and eager to please or those who are less tech savvy.

 How to protect yourself from email fraud.

 Here’s a quick checklist for protecting yourself from BEC:

Never giveaway your password to anyone
Avoid opening superfluous attachments - the ones that you don’t need.
Beware of psychological manipulation A.K.A social engineering
Do a reality check - does it sound too good to be true? Don’t interact with it.
Refrain from clicking links that look strange and don’t sign in if they take you to a sign-in page - this is a classic tactic that makes life very easy for the attacker. You can often tell the difference between a legitimate and fake sign-in page.

Steps to take if you're already the victim of an attack on your company's emails
These three prompt actions can go far when trying to mitigate the impact of the BEC attack:

 As soon as you become aware that your email account has been hacked, the first thing to do is change passwords. Choosing a strong password without any similarities will help to prevent hackers from getting back into it further down the line.
Now that you've secured your account by changing the password, it's time to let management know about any phishing attacks. You can alert them through email or over chat so they're aware of what happened and work on preventing future ones from happening.
Once your email account has been hacked, the cybercriminal will be able to pose as you and send emails that appear legitimate. If someone on their contact list receives one of these pretend messages from "you," there's a good chance they'll open it - which could then give hackers more access or exposure than ever before, not to mention damage certain client relationships irreversibly. Swallowing pride about this is most important so you protect as many stakeholders as possible.
 It's hard to believe that something as innocent as an email account could lead to such serious consequences for your business. Fortunately, you can take steps now to protect yourself and your employees from this type of attack in the future. We recommend making sure all company passwords are strong and using two-factor authentication whenever possible. This will not only increase security but also decrease the likelihood of other cyber threats like phishing or ransomware attacks. The last thing you need is a hacker taking over one of your employee’s accounts and sending out costly spam emails on their behalf; it's up to you to make sure they never have access again! Don't wait until it's too late.

by: Keumars Afifi-Sabet
23 Feb 2021 IT Pro

Experts have criticised the lax approach to cyber security that many small and medium-sized businesses (SMBs) adopted prior to COVID-19, and have, to some extent, kept up during the pandemic.

Cyber criminals are increasingly targeting SMBs because they’re becoming more and more aware of the widening gaps in their IT systems, fuelled by a “head in the sand” culture that predates COVID-19. This, according to CEO and founder of the UK Cyber Security Association, Lisa Ventura, manifested in 2020 as an uptick in phishing attempts, malware, ransomware, ‘man in the middle’ attacks and CEO fraud. 

She was speaking on a panel hosted by Orange Cyberdefense and joined by the company’s head of security research Charl van der Walt as well as its UK director Stuart Reed. The trio agreed that some SMBs were effectively undermining security efforts by failing to patch newly-adopted technologies, as well as paying ransom demands against the advice of security experts. These attitudes, however, are beginning to shift as SMBs begin to realise they’re just as viable a target as large enterprises.

“Prior to the pandemic, we saw that many small businesses and SMBs had very much a ‘head in the sand’ approach to cyber security, with a lot thinking they didn’t need to take it seriously or even have it on their radar in many cases,” Ventura said.

“But today, with the move to getting everybody working from home quickly last year, from a business continuity perspective, we’re seeing more small businesses and SMBs finally starting to take their cyber security posture much more seriously.”

The rush to support remote workers

Describing the nature of a swelling attack surface, Charl van der Walt pointed to a surge in malware attacks against small businesses last year. This hasn’t historically been the case and has changed to the extent that malware detections in small businesses have now caught up with detection rates in larger organisations. 

He added that, per employee, we’re seeing more attacks against smaller organisations than in large businesses, which puts to bed this entire “too small to care” debate. 

The attack surface also increased in 2020 due to a number of drivers such as the massive shift to remote working, with many UK-based SMBs experiencing cyber security incidents as a result. Alarmingly, according to Lisa Ventura, as many as two in five smaller organisations admitted that they suffered multiple breaches.

These lax attitudes to cyber security also manifest in the way that many SMBs have embraced technologies such as video conferencing and virtual private networks (VPNs). 

These tools, the panel agreed, have suddenly elevated from peripheral services used by a small number of employees to mission-critical systems. Van der Walt observed one business, for example, renegotiating its VPN licenses from just five to 10,000 overnight. 

He added there was an immense surge in vulnerability research into remote access tools and VPNs, many of which businesses were rushing to tack onto their IT estates.

Although these relatively young services are now deemed mission-critical, “nobody had the energy or the appetite” to patch them as flaws were discovered and updates released. This resulted in a significant number of attacks.

'Myth-busting' the ransomware surge

One of the most notable changes to the threat landscape in 2020 was a surge in ransomware with research by SonicWall, for example, showing that 121 million attacks were recorded in the first half of 2020 - a 20% increase.

While there’s been a surge in detections, as far as Orange Cyberdefense is concerned these should be attributed this less to the efforts of cyber criminals, and more to the practices of security teams. 

Ransomware, Charl van der Walt explained, is a multi-staged attack that comprises network infiltration, reconnaissance, data theft and other forms of monetisation including granting other hackers access to compromised systems.

While Orange Cyberdefense can detect these attacks at any stage, the team only records these attacks as ‘ransomware’ when they detect a final payload and the launch of an encryption event. 

Ransomware incidents certainly increased during the pandemic, van der Walt continued, but reports only rose in line with figures for early-stage indicators, including the presence of droppers and downloaders, falling. These figures, therefore, are “not a reflection of the activities of the attacker” so much as they’re “a reflection of the level of focus of our clients”. 

“We believe that as everyone was scrambling to deal with the ‘new normal’ what happened was customers were less able, less willing, to respond to early-stage incidents,” he said.

“So when we told them: 'Hey, we’ve detected what looks like an incident', they were less likely to respond to it, and as a result, that attack would evolve and mature into full-blown ransomware.”

Following the first wave, IT teams were responding more readily to early-stage incident reports to confirm the presence of indicators like droppers and downloaders, pushing those numbers up again while recorded ransomware incidents once again fell. 

Exposing yourself to future attacks

The panel also echoed the views of the UK National Cyber Security Centre (NCSC) in urging organisations not to pay ransom demands following an attack.

Due to rapid changes to business structures during COVID, gaps were often left in the IT systems of SMBs, giving rise to opportunistic attacks in which hackers would encrypt hundreds of thousands of files and knock customer-facing services offline in the process.

“In many cases,” Lisa Ventura lamented, “we saw that SMBs just simply preferred to pay the ransom instead of dealing with those encrypted files, recovering their IT systems, and this, in turn, created a vicious cycle. So the more that those types of attacks succeeded, the more frequently that they occurred, particularly within SMBs.”

The tendency for businesses to pay ransom demands even gave rise to a new tactic called ‘double extortion’. Prior to encrypting victims’ databases, attackers would first look to extract sensitive data and threaten to publish this information unless a ransom demand was paid. Driven by that fear, many SMBs “would rush to pay that ransomware immediately” to avoid having their data exposed and potentially suffer any reputational damage.

There’s also an argument to suggest that businesses that pay ransomware demands, as well as the insurance companies that compensate them, are consciously funding organised crime, as the former head of the NCSC Ciaran Martin alluded to recently. 

Orange Cyberdefense’s UK director Stuart Reed said he was very sympathetic to the temptation to pay up, but that his company’s advice has always been firmly against paying any ransom demands. 

“It could be argued that you’re actually funding this cycle of criminal behaviour, albeit inadvertently,” he said. “Certainly, by paying the extortion there is naturally going to be an incentive to use that money-making mechanism time and again. 

“The danger is that if you do pay that ransom, firstly, you’ve got the dubious question of whether you get your information back or not or whether the extortionists are going to say true to their word, and there’s no reason they should do.

But if you do get that back, it arguably makes you a target for future attacks because you’re known to be paying out or coming good on demands. So there’s a real danger or risk that you’ll expose yourself further for future attacks.”