Within hours, a cyberattack can disable your business all with just a click on a computer. Many organizations don’t realize that cyberattacks have become increasingly common in businesses of all sizes and can cause an organization’s computer system to shut down for days or weeks. Company financial data and customer information can be stolen before you even know a cybercriminal has accessed your computer system. Even worse, a ransomware attack can leave a business with no choice, but to pay a significant ransom to a cybercriminal before a business can even start to get back up and running.
What is a cyberattack?
A cyberattack is when a cybercriminal or group of criminals access your business’ computer system/computer network with the sole intent to wreak havoc on your business by shutting it down, causing the business to lose revenue, and/or to lose customers.
The cybercriminal will steal information, including customer credit card numbers and other Personally Identifiable Information (“PII”) and sell it on the dark web, which will result in identity theft for your customers. It’s also not unusual for a cybercriminal to hack into an employee data base and put your employees at risk for identity theft as well. Once the cybercriminal is inside your computer system, they can see and potentially steal all types of information, including propriety business plans, financial information and confidential data. They see it all.
In a ransomware attack, a cybercriminal steals customers’ PII and threatens to disclose it or sell it on the dark web, if the business does not pay a “ransom” to the cybercriminal. During a ransomware attack, the cybercriminal “encrypts” (freezes and shuts down) a computer system, including any software used to run the business. They literally hold the business’ computer system hostage until a ransom is paid.
The cybercriminal leaves a “ransom note” and sets a deadline for payment of the ransom, which usually needs to be paid in crypto currency such as bitcoin or monero. Then the race is on for you to try to “decrypt” (unfreeze and get back up and running) before the cybercriminal increases its demand or just disappears leaving you with a dead computer system and with no access to your data.
Who are these cybercriminals?
Cybercriminals, like all criminals, come from all walks of life and commit cyberattacks for any number of reasons. There are criminals whose main objective is to make money through selling data to other criminals to use in identity theft, steal trade secrets or proprietary information, or simply turn a profit by extorting a ransom payment. The motive of these cybercriminals can be anything from financial gain, to malice against a current or former employee, or, in some cases, the motive is political.
How does a cyberattack happen?
The scariest part of cybercrime is that there are a number of ways for a cybercriminal to access your computer network. One way is to gain access through a laptop or desktop by hacking passwords. Another way is to gain access through vulnerabilities in your system such as a software that you use that creates an opening. Cyber criminals tend to access your computers and look around for a long period of time to gather information and data that they can use to harm your business or to extort money.
The sophisticated cybercriminal will gain access to your system, go through financial files, employee records, tax documents, customer lists and proposals, propriety and confidential information, and whatever else they can find to figure out the best way to extort money from you and increase their financial gain. Some common access point include the following:
What can you do to protect your business from being debilitated by a cyberattack? Unfortunately, just like all individuals cannot fully protect themselves from being a victim of a crime, all businesses cannot fully protect themselves from a cyberattack.
However, there are steps a business can take that make it harder for a cybercriminal to access your systems and cause injury to your business:
Cyber criminals know no boundaries. The only way to keep ahead of them is to be vigilant in keeping your computer system secure. It’s the first and best response to protecting your business from being one of the many businesses that fall victim to these criminals.