How to protect your company when cyber attacks happen from within an organization
Some of the most damaging cyber attacks can come from within the business, in ways that many employers overlook when it comes to their cyber security. It is an employer's worst nightmare: an employee is dissatisfied with his or her job and decides to sabotage the company. Employees can also cause enormous damage through inadvertent errors. By recognizing the signs of internal cyber risk and implementing practices to prevent it, you can fend off internal cyber incidents.
According to Infosecurity Magazine, concern about intentional data breaches has increased year on year, with 75% of IT leaders believing that employees have put data at risk intentionally. These are the employees who are dissatisfied with their jobs and see this as a way to "pay back" an organization for some contrived wrong. There are also reports of malicious insiders being deliberately placed by cyber criminals, taking jobs in companies in order to steal information or conduct corporate espionage.
"Of those employees that have accidentally leaked data, 41% said it was due to a phishing message, 31% said that it was due to information being sent to the wrong recipient and 29% said that they or a colleague had intentionally shared data against company policy in the last year." – Dan Raywood, Deputy Editor, Infosecurity Magazine
However, according to Verizon's 2022 Data Breach Investigations Report, internal sources accounted for the fewest incidents – about 18 percent. A caveat they report is that internal threat actors are very good at hiding their activity.
Unfortunately, once you are faced with deciding whether to pay a ransom demand after a cyber security attack, it is probably too late. If you have just experienced a denial of service attack, you may be able to restore your systems from your backups and move to another server. If your attackers have accessed sensitive data that will be released, that is when you need to bring in the professionals: lawyers, insurance agents and IT professionals.
One of the most well-known, swift and broad-sweeping ransomware attacks was WannaCry, which crippled many large organizations around the world. What most cyber criminals want is cryptocurrency; they are after a payday. Once an organization has been infected, the result is lost business productivity, lost revenue and lost sensitive data, and paying does not guarantee you will get your data back.
From an insurance perspective we cannot stress enough that prevention is worth every dollar you put into your IT security and protocols.
Here are a few things the ideal cyber security protocol should be designed to do to protect against ransomware threats:
- Implement real-time protection to prevent or interfere with the activation of ransomware.
- The defence should provide inline protection.
- The protection needs to be updated frequently. Security systems that allow days or weeks between updates give cyber criminals more time to target different systems with the same ransomware.
- Email is the first line of intrusion, and a strong email security system needs to be implemented.
Prevention is the start of a good cyber security plan. Procedural errors are common when there are no standardized guidelines in an organization related to password management and sharing of company devices. It is important for each employee to understand the rules when it comes to digital security. The most common procedural errors are:
- Poor password management
- Letting unauthorized users access corporate devices
- Poorly managed highly privileged accounts
- Misdelivery of information
Tips to combat procedural errors:
- Implement mandatory rules from the C-suite down to every employee.
- Educate your staff on best practices.
- Make password protocols mandatory.
- Utilize a password vault system
- Implement password resets every six months.
- Have a written rule about who may share access to company accounts, and when.
- Ensure an employee's digital accounts are off-boarded immediately, or before the employee leaves the organization.
Inadvertent employee or contractor error
We all make mistakes, and unfortunately the statistics show that 41% of employees have unintentionally invited a cyber security risk. Workforces today are taxed with multiple systems and platforms; coupled with heavy workloads and demanding clients or timelines, it is easy to make a mistake. The most common inadvertent employee errors are:
- Phishing messages or scams
- Fake login web pages
- Sending data to the wrong individual (bank transfers etc.)
- Putting login credentials into insecure emails
- Sharing password information
Employee education is the best way to combat inadvertent employee errors. Have regular check-ins with staff to make sure they understand the key warning signs of scams. Teach them, using real-life examples, how smart scammers are. Get them to routinely do the following:
- Think not once or twice but three times before clicking on a link
- Check the sender's email address: often it differs from the real address by a single, subtle character.
- Follow up with people in person or by telephone if someone is requesting sensitive information or money transfers.
- Never share passwords. If access must be shared, do it only through a password manager vault, where the actual password can be hidden.
- Do not put any sensitive information in an email. Use a secure in-house or cloud program, or better yet, send the password and the user login separately by text message.
- Review the URL of a page before clicking any links or putting in sensitive data.
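The two checks above (a sender address one character off from a real one, and a link whose host only resembles a trusted site) can be automated as a first-pass filter. The script below is an added example, not code from the original article or from Reliance: it compares sender domains and link hosts in a few constructed sample messages against a constructed list of trusted domains, flagging near matches by single-character edits, common character substitutions (0/o, 1/l, rn/m) and a trusted name buried inside an unrelated domain. `TRUSTED_DOMAINS`, the sample messages and all function names are assumptions made for the illustration.

```python
"""Flag lookalike sender domains and link hosts (added example with constructed data)."""
import re
from urllib.parse import urlparse

# Assumption: domains the organisation legitimately corresponds with (constructed list).
TRUSTED_DOMAINS = ["reliance.example", "bank.example", "payroll-vendor.example"]

# Character substitutions commonly used to imitate a real domain.
HOMOGLYPHS = {"0": "o", "1": "l", "rn": "m", "vv": "w", "5": "s", "3": "e"}


def edit_distance(a, b):
    """Levenshtein distance between two strings (number of single-character edits)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(domain):
    """Lower-case a domain and undo common homoglyph substitutions."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS.items():
        d = d.replace(fake, real)
    return d


def registrable(host):
    """Last two labels of a host, e.g. 'login.bank.example' -> 'bank.example'.
    Assumption: a two-label approximation, not a public suffix list."""
    return ".".join(host.lower().split(".")[-2:])


def classify_domain(domain):
    """Return 'trusted', 'lookalike' or 'unknown' for a sender domain or link host."""
    d = registrable(domain)
    if d in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        # Same domain after undoing substitutions, or one edit away: lookalike.
        if normalise(d) == normalise(trusted) or edit_distance(d, trusted) <= 1:
            return "lookalike"
        # Trusted name used as a subdomain of some other registrable domain.
        if trusted in domain.lower():
            return "lookalike"
    return "unknown"


def sender_domain(from_header):
    """Domain part of a From: header such as 'Jane <jane@bank.example>'."""
    m = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    return m.group(1) if m else ""


def url_hosts(text):
    """Host names of every http(s) URL found in the message body."""
    return [urlparse(u).hostname or "" for u in re.findall(r"https?://[^\s<>\"']+", text)]


def check_message(msg):
    """Return a list of human-readable findings for one message (dict with 'from' and 'body')."""
    findings = []
    domain = sender_domain(msg["from"])
    if classify_domain(domain) == "lookalike":
        findings.append(f"sender domain {domain} looks like a trusted domain")
    for host in url_hosts(msg["body"]):
        if classify_domain(host) == "lookalike":
            findings.append(f"link host {host} looks like a trusted domain")
    return findings


# Constructed sample messages: one legitimate, two imitating trusted senders.
SAMPLE_MESSAGES = [
    {"from": "Payroll <hr@payroll-vendor.example>",
     "body": "Your statement: https://portal.payroll-vendor.example/stmt"},
    {"from": "Accounts <ap@re1iance.example>",
     "body": "Please pay https://reliance.example.invoice-portal.example/pay now"},
    {"from": "Bank <alerts@banc.example>",
     "body": "Verify at http://secure-login.example/bank"},
]

if __name__ == "__main__":
    for msg in SAMPLE_MESSAGES:
        print(msg["from"], "->", check_message(msg) or "no findings")
```

The edit-distance threshold and the homoglyph table are deliberately small; the point is to surface messages for a human to verify by telephone or in person, as the list above advises, not to decide on their own that a message is safe.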
Managing cyber security training can be daunting, but with practice and ongoing regular training it will become second nature to your workforce. For a cyber security checklist, contact your Reliance advisor and get started today on a more secure digital way of doing business.