CyberSecurity In a Nutshell
Cybersecurity is an all encompassing term. But at the root of its definition, it means defending your company's digital assets, including servers, computers, networks, and data, from digital attacks. In these trying times, a corporate strategy for doing just that should be a collection of technology and personnel to prevent, detect and recover from any cyber threats. As we begin to see the light at the end of the tunnel from the pandemic, one of the biggest affected industries has been healthcare.
The ransomware attackers hope for large, quick paydays from an industry (healthcare) that simply cannot afford to play the long game in these confrontations.
Honestly, healthcare has been a favorite target among the dastardly digital drek we refer to as Big Game Hunters (BGH) for years. The BGH targets this industry for obvious reasons ... it's a economic monster of an industry, and at its base it's literally a life and death struggle. Which means no industry has a shorter window of downtime than healthcare. Thus, the ransomware attackers hope for large, quick paydays from an industry that simply cannot afford to play the long game in these confrontations.
We will dive into the healthcare arena specifically in later articles, as well as other industries we've had success in helping ward off attacks and rebuild from crippling events. But we're going to keep this blog at a basic level.
Organizations face many challenges when it comes to crafting an effective, comprehensive cybersecurity strategy. The most common types of attacks include:
Malware
Malware (malicious software) basically means any program or piece of code that has a purpose of doing harm to a computer, network or server. Common types of malware include viruses, ransomware, keyloggers, trojans, worms and spyware.
Denial-of-Service (DoS) attacks
Denial-of-Service (DoS) attack is a malicious, targeted attack that floods a computer network with traffic. Imagine a huge highway, a great time saver most of the time, but when there's too much traffic it's a place where dreams of picking up your kids from daycare or putting dinner on the table at a decent hour go to die. A DoS attack launches bogus requests on the network to disrupt business operations. In a DoS attack, users are unable to do much of anything, thanks to a compromised computer or network. Most DoS attacks do not result in lost data and are typically resolved without paying a ransom.
Phishing
Phishing is a type of cyber attack that uses email, SMS, phone, or social media to entice a victim to share sensitive information—such as passwords or account numbers—or to download a malicious file that will install viruses on their computer or phone. For IT professionals, this can be the scariest proposition of all. Why? Because computers, servers, and networks can be programmed to consistently deliver good choices. But phishing takes advantage of what can be a company's weakest link ... its human factors. Even the smartest person at your company can have a bad day, be distracted, and hit the wrong button or open the wrong email at the wrong time ... and then it's too late.
And the latest type of attack: Ransomware
Ransomware is specific malware that denies access to your data, but the criminals will allow you access to your data ... after a payment (ransom) is made.
In our next blog, we'll talk about steps you can take to fight these criminals.