The world, and the businesses in it, are increasingly relying on technology. And while the introduction of new technology can be great, it also opens businesses up to a variety of new risks. Cyber crime is on the rise and a real danger to small business owners. That’s why it’s important to understand the different types of cyber crime, learn some steps that may help prevent a cyber breach, and establish how to recover if your business does suffer from an attack.
What is cyber crime?
Cyber crime is criminal activity that involves a computer, networked device, or a network. And the number of breaches occurring has been rising over the years. There’s been an 11 per cent increase in security breaches since last year and a 67 per cent increase in security breaches in the last five years, according to the Ninth Annual Cost of Cybercrime Study by Accenture and Ponemon Institute.
What are different types of cyber crime?
Cyber crime comes in all shapes and sizes. There are a number of methods hackers may use to attempt to gain access to your computer system, data, or money. Below, we outline some of the key techniques used in cyber crime and some of the necessary terminology for understanding it:
Phishing: Phishing is a type of cyber crime during which fraudulent communications are used to trick users into revealing sensitive information, like passwords or credit card information. Phishing can occur in a variety of mediums, ranging from email to phone/voicemail to text messaging or even faxes. Small business owners are often targeted because they take on so many roles in their business.
Malware: Short for “malicious software,” malware is any program or file that’s designed to gain access to or damage a computer. It may arrive via an email, a website, or through exchanged files. It might exploit a flaw in the computer system directly, attempt to take control of the system or attempt to capture sensitive information.
Ransomware: A type of malware, ransomware occurs when a user is locked out of their computer system, denying them access to their files or their device until a ransom is paid.
Social engineering: Social engineering is the act of tricking someone into revealing sensitive information or taking action, like soliciting a monetary payment. Social engineering can be combined with other threats like phishing to gain your trust and make you more likely to do something like click on a link or download malware.
How can cyber attacks be prevented?
There’s no foolproof way to ensure your business doesn’t suffer from a cyber attack. But there are a number of preventative steps that can be taken to protect your business as much as possible. Here are five simple ways to help safeguard your company:
- Password security: Passwords are the first line of defense your business has against cyber attacks. Ensure your passwords are strong but also something you’ll remember. Make sure you use different passwords for different accounts and be careful with your password retrieval questions. After all, if someone can answer those, they could reset your passwords and access your accounts!
- Update often: The applications and software you rely on for your business should be updated often and as quickly as possible. Many of the updates include security enhancements and bug fixes that could help defend you from cyber attacks.
- Read the terms and conditions: We’re all familiar with the terms and conditions pop-up that appears when you install or download things like software, apps, or files. And unfortunately, we can also be quick to accept the conditions without reading them. But you shouldn’t be so quick to do that. Take the time to read and understand the terms you’re agreeing to. This will include details on what kind of access you’re giving to various parties on information including your location, phone number, and client names.
- Be on the lookout for phishers: Phishing emails are becoming increasingly common and can cause serious damage. In fact, 54 per cent of email scams target small businesses. That’s why it’s vital to ensure your emails are from trusted sources by checking email addresses and links before clicking on anything. Proofreading can also be an easy way to spot a phishing email, as sometimes hackers miss spelling mistakes.
- Back up everything: The goal is to avoid a cyber breach, but that’s not always possible, and if it does happen, it’s better to be prepared. There are many steps to take following a cyber attack, but before one even happens, you can help yourself by backing everything up. You can use cloud sharing or an external hard drive to do this – better yet, why not both?
How to recover from cyber crime
Should your business suffer from a cyber breach despite your best efforts, it’s important to be prepared. Below are a few tips on how to recover from a cyber breach:
- Don’t unplug: Even though you might want to turn everything off, you shouldn’t. If you do, you could delete valuable information on how the hack originated and the extent of the damage.
- Call in an expert: Reach out to someone who specializes in cyberattacks to help you determine the scope of the damage that’s been done and come up with a plan to contain the situation.
- Communicate effectively: Handle communications with care so as not to damage the reputation of your company, and to ensure your customers, employees, and partners are aware of the situation. Consider hiring a public relations expert to gather facts and craft an appropriate message for the public and your employees. Be sure your communications happen in a timely manner, but don’t announce the breach until you know the full scope of the damage. Be as honest as possible and be sure to provide consistent updates.
- Fix your security: After the breach, the investigation into what happened will highlight vulnerabilities in your security system. Then, you can work on correcting them.
- Revisit your insurance: Speak to your provider about your policy to ensure you’re covered for the damages that a cyber breach can cause.
To learn more about coverage tailored for your cyber needs, visit our cyber risk and data breach coverage page today!
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage. See policy for details.