Top cyber-security threats and how to tackle them

Using computers and adopting digital technology has made life easier for countless small businesses.

Even if your core service or product isn't computer-related, the flexibility and surrounding infrastructure of digital tech means almost all businesses rely on data for one thing or another.

Unfortunately, this also presents a digitally focused set of hazards and risks. In the right circumstances, computers can be an easy entry point for criminals and fraudsters.

Meanwhile, unhappy or negligent employees could release confidential information, intentionally or otherwise.

In this blog, we look at some of the top cyber threats facing businesses right now, and the preventative measures you should consider.

What are the most common cyber threats for small businesses right now?

Phishing attacks

Arguably the most frequent cyber attacks these days are phishing attacks. They're when someone sends you an unsolicited text or email trying to act like a service or product you might be using.

They send a link to your email address and ask you to log in to a fake service that looks like the site you're expecting, but actually just steals your credentials. Once compromised, the attacker can then spoof all of your contacts too.

The best way to mitigate against this type of email spoofing is to enable two-factor authentication (2FA) on everything. Because even if an attacker has your password, they can't log in to a site without your 2FA code.

Secondly, use a password manager – they generate extremely secure and complex passwords so you don't use the same code twice.

Because general awareness of cyber security has improved somewhat, cyber criminals have had to change their tactics and now take a more personal approach, known as spear-phishing.

Ransomware attacks

Ransomware is nothing new to cyber security, with the earliest example rearing its ugly head back in 1989.

Once ransomware is on your computer, it can delete and prevent you from accessing files until you pay a fee or ransom.

Today, ransomware gangs actively and aggressively spread their malicious software. But the makeup of these threat actors can shift quickly, making them hard to pin down.

Many gangs, when threatened, will fracture and split into numerous smaller groups operating under different names.

Tip: Stay across the latest ransomware advice

Some of the best actions you can take against ransomware attackers are preventative:

• Back up your data regularly on the cloud where ransomware can't access it.

• Train your staff to identify suspicious and fraudulent emails and become more aware of social engineering (when a cyber criminal uses manipulation, influence or deception to gain control over a person's computer system, or steal personal and/or financial information from them).

• Undertake incident management in the event of a ransomware attack.

Bear in mind that paying a ransom won't guarantee that the malicious actors will give you your data back, nor will it remove the ransomware from your computer.

Malware and viruses

If you're wondering whether malware and viruses are the same thing, the answer is a firm ‘no’. Malware includes:

• viruses

• spyware

• adware

• ransomware (see above)

• other types of harmful software

Knowing the differences between viruses and other types of malware is helpful when it comes to prevention as well as removal.

A computer virus is designed to copy itself and spread to other devices as widely as possible, just as a biological virus infects its host, self-replicates, and spreads to new hosts.

Computer viruses proliferate by infecting applications and email, and they can be transmitted by removable storage, infected websites, email attachments, and even networking routers and server software.

Tip: Prevent malware and viruses with network security

Network security safeguards your internal computer networks and protects both your hardware and software.

It prevents cyber intrusions such as malware from entering your network and spreading, and leaving you with infected devices.

Network security tools include:

• antivirus and anti-malware software

• firewalls

• virtual private networks (VPNs)

VIDEO: Keeping your business safe online

Watch this webinar to learn how to identify and address risks around online security and what tools you can use to help keep your business secure:

SQL injection

SQL injection is a common web hacking technique where cyber criminals insert malicious code into a website with the intention of gaining remote access and manipulating private information stored in the website's database.

The target might include users' login credentials that allow the hacker to impersonate the user or sell the information. Preventing an SQL injection attack requires advanced knowledge of website development.

Tip: Prevent an SQL injection with application security

Application security aims to increase the security of your apps by removing vulnerabilities and enhancing security features.

Although most of this will be done at the development stage, updates and patches will be released after an app has been launched.

Common threats to applications include unauthorised access to sensitive information and modification – an SQL injection attack being one example.

To make sure your applications and software programs are secure, consider using a patch management tool to regularly check for new patches and updates and install them as soon as possible.

Denial of service (DoS)

The aim of a denial of service (DoS) or distributed denial-of-service (DDoS) attack is to cause a website, machine or network to crash, making it unavailable to its intended users.

Malicious actors achieve this by flooding the target with requests until it becomes overwhelmed and is unable to serve any more users, resulting in a denial of service.

Tip: Prevent a denial of service attack with endpoint security

Endpoint security protects all the connected devices on your network, such as desktops, laptops, servers and mobile phones.

They will be protected against security threats like unauthorised access, data breaches, malware and ransomware.

Common endpoint protection solutions include antivirus security software, VPNs, and anti-phishing email scanners.

Man-in-the-middle attacks

A man-in-the-middle attack takes place when two parties are trying to communicate, and a third party – the ‘man in the middle’ – intercepts the communication of either party with the intention of stealing data or impersonating them. The unsuspecting user remains unaware that this is taking place.

For example, cyber criminals may create a fake e-commerce website then persuade a user to log in by sending an email pretending to be the legitimate owner of the store.

Once the user logs in to the nefarious website, they have unintentionally handed over their credentials to the cyber criminal.

Tip: Prevent man-in-the-middle attacks with data security

Data security refers to the policies, processes and technologies you have in place to prevent data from being modified, destroyed or disclosed, whether accidentally or maliciously.

Examples of data protection practices include:

• using strong, complex passwords to avoid unauthorised access

• running regular system back-ups to aid recovery and business continuity

• using encryption to prevent data from being easily read

VIDEO: How to manage your business's cyber security

Watch this webinar to find out how to manage your business's cyber security and protect your computers, networks, devices and data from unauthorised access or attack:

Insider threats

The past couple of years have proven financially difficult for many people as the UK experiences a severe cost of living squeeze driven by soaring inflation and rising interest rates.

But as hardship increases, the risk of crime and exploitation also rises, researchers say. Unfortunately, businesses aren't immune to these risks either.

If employees are under personal financial pressure, they can, in extreme circumstances, consider criminal activities to make up for these losses.

Whether working alone or with outside criminals, corrupted employees with rogue access to financial or otherwise important data could present a risk to your company.

Tip: Prevent, monitor and audit

Fortunately, insider threats can be relatively rare, but this doesn't mean you shouldn't put preventative measures in place.

One of the most effective methods can be to 'prevent, monitor and audit', as outlined by the National Cyber Security Centre.

• Prevention involves restricting who has access to sensitive data and controlling the sharing of information.

• Monitoring involves warning users which actions may be illegal or against company policies, if they're emailing people outside the business, for example. Monitoring can also involve reviewing activities that have been flagged after they have happened.

• Auditing is similar to post-event monitoring. It requires you to assess activities employees have carried out and to review any risks that may have arisen since your last audit.

If you feel rising costs are causing employees to struggle or are likely to drive them to malicious activity, there are ways you can support them.

The poverty-focused charity Joseph Rowntree Foundation has identified a range of ways employers can support their employees.

Password-less authentication

While complex passwords are difficult, or take a long time to hack, they still pose a risk. Many businesses, big and small, use multi-factor authentication (MFA) to protect their data and access to software.

Instead of using a written password, it's now possible to use the biometrics found in modern devices.

This technology can prevent hackers from guessing a correct password (using techniques like brute force password cracking) and lessen the risk of employees forgetting.

These can include face and fingerprint scanning, all of which are far more difficult to replicate or phish when compared to traditional passwords.

Tip: Consider biometric authentication

If you want to use biometric authentication, one of the best places to start is by choosing a provider that supports MFA.

Your employees should be able to access systems through biometric scanners on their phones or laptops.

Cable cutting

While we might think of technical innovation as wireless, the internet and wider computer infrastructure are still largely reliant on physical cables.

In recent years, cases of sabotage directed at internet cabling between countries have increased. Once cables are severed or damaged, internet use can be severely disrupted, affecting home users and businesses alike.

Tip: Secure your IT infrastructure

While you can't influence the geopolitical or national security situations that might result in cable sabotage, you can plan to secure your critical infrastructure and IT systems.

Future-proofing your network, and not allowing systems to become outmoded and thus prone to disruptive attacks, can help to reduce the chances you're affected by bad actors.

Similarly, having regular back-ups and audits can be beneficial in the long run, should disaster strike.

Rolling blackouts

It isn't just internet infrastructure that can be put at risk. Geopolitical events can result in energy supplies being reduced or even cut off.

If rolling blackouts become common, it won't just be your computers and office lights that won't turn on.

The internet servers that host your website and any other digital components your business relies on will also be affected by power cuts. Though it is expected that governments will prioritise powering infrastructure.

Tip: Have a backup for power outages

One reliable way to counter any blackouts is to invest in an uninterrupted power supply system (UPS).

These systems will help to power your servers and your office in the event the external supply suddenly drops or ends. There are a number of options for UPSs, so it's worth exploring.

Final thoughts

Nowadays, businesses face an increasing myriad of cyber risks and threats, and whatever your company's size and sector, it's important to think about contingency plans should the worst happen.

One option to help protect your business in the event of any harmful cyber activity is cyber insurance, which can help with the cost of retrieving data, performing repairs and defending against claims for compensation.

Relevant resources

• Cyber security for small businesses: A basic guide

• What is phishing and how can I protect against it?

• What is a data breach and how do you guard against one?