Even with advanced technology and constantly refined security methods, businesses and their customers face daily threats online, from redirections to phishing sites to damaging browser ads.
Of the cyber threats that businesses cope with every single day, by far the most common active threats include phishing, ransomware, and trojans, according to a report by Cisco. Kenny Natiss provides a closer look at some of the common cybersecurity threats businesses face today.
Phishing Attacks
Phishing isn’t just the most widespread cyber threat — they account for about 90% of breaches that businesses face — they are also the most damaging.
Phishing attacks, when an attacker pretends to be a familiar contact but instead offers a malicious link or access to account details, cause more than $12 million in losses for businesses.
They’ve also continued to grow; phishing is up 65% compared to 2020. Everyone from a business’ employees to executives can be impacted by phishing attacks. Email accounts are especially at risk.
Malware
Trojans and ransomware fall under the general malware, which involves hackers using code to hack into networks and steal or destroy computer data. Malware can be attached to emails and downloads primarily.
Malware can extensively cripple a business since impacted devices often require expensive replacements or fixes. Employees and customers are at risk because malware gives hackers access to sensitive data through back-door means.
Ransomware is particularly malicious. Through ransomware attacks, company data is encrypted in a way that prevents a company from accessing it. Businesses must then pay ransom to attackers to unlock the blocked data. They’re also more expensive than typical data breaches, with an average cost of $4.4 million.
Advanced trojans such as the prevalent Emotet are also destructive and one of the most costly forms of cyberattacks. Trojans typically attach themselves to ransomware and are disguised as something harmless, such as a form to sign or something to install on your computer that seems legitimate.
Weak Passwords
Yes, it’s simple, but easily guessed or weak passwords used by business employees can lead to huge data breaches, especially those involving financial information.
A report from security firm Preempt found that about 19% of business professionals use weak passwords or shared passwords for different uses, which makes all of their accounts easily compromised.
Password databases are also commonly accessed and attackers also find ways to guess passwords if they are among those commonly used.
Insider Threats
The problem may be coming from inside the business itself, whether it’s from a current or former employee, business associate, or contractor. Such insider threats commonly cost businesses over $500,000 per breach.
Insiders can have direct access to critical company data to cause financial damage; 25% of breaches come from insider threats, according to Verizon. One solution is the company doing a bit of an audit on their online practices. The Ponemon Institute found that 62% of employees say they have access to certain types of company data they likely do not need to have.