How to prevent business hacking in Australia
Cybercrime poses a significant threat to Australian businesses. These three strategies can help organisations fight back against intrusions.
One in three businesses in Australia have been the victim of some form of cybercrime. According to the Australian Government’s Stay Smart Online initiative, each attack costs a business over $270,000 on average.
Given the dangers posed by cyberattacks, businesses of all sizes need to be vigilant and adopt a prevention mindset for network security. These are three strategies that can help Australian organisations mitigate the risk of breaches and intrusions.
1. Train your staff to spot phishing and social engineering attempts
13 per cent of test subjects clicked on phishing attachments.
What harm could come from a friendly chat at a bus stop? A full-scale data breach courtesy of social engineering – a tactic where a cybercriminal leverages information about a target for an attack. A common application of social engineering is phishing; an attacker crafts a specifically targeted email containing malicious links or attachments that the victim is more likely to click on.
How do hackers tailor these emails? That’s where that ‘friendly’ bus stop chat comes in. Cyberattackers can use those interactions to get personal information that will help compose a more enticing email firsthand. According to an experiment in Verizon’s 2016 Data Breach Investigation Report, 13 per cent of test subjects clicked on a phishing attachment.
Training is the answer to this tactic. Organisations should strive to teach employees about the dangers of social engineering and phishing.
2. Be careful with removable media
When people see a USB drive on the ground, they will thank their luck and pick it up. The cyberattacker who carefully placed it there, on the other hand, will think, “Jackpot!”
Removable media devices like USB drives and SD cards are a hacker’s best friend given how helpful they are in infiltrating a system – and how willing employees are to plug them in. These devices can often contain a malicious file, much like in phishing attacks, that digs into a network and opens up a backdoor for further intrusion.
Other devices might not actually be what they seem, such as the Rubber Ducky. This device looks like a USB drive, but it’s a minicomputer that penetrates a device in seconds. Operating systems recognise it as a keyboard, so it simply bypasses most security controls. Watch this video to see it in action.
Training and strict guidelines on the use of removable media devices can derail these attacks.
3. Fortify your network
It should be clear by now that cybercriminals are typically very good at what they do, so organisations need to adopt a multifaceted strategy to combating them. While training is a key part of this, ensuring your network has strong defences is another.
A managed firewall, part of Telarus’ Managed Security platform, gives your organisation protection against attacks and unauthorised access without the need to put large amounts of resources towards it.
To learn more about what our security platform can do for your business, contact Telarus today.