Happy New Year!
2020 has finally arrived. Entering into this new decade, we prepare for change and growth. As we all know, this means we must also prepare for new risks that we have not faced before.
The technology world is advancing faster than ever. In order to keep up with cybersecurity threats, we must first become aware. While we cannot predict the future, it’s safe to say that we now have a clear idea of what’s to come. In this blog post, we will go through a list of the main cyber threats and risks that SMBs need to know about for 2020 so they are well equipped and able to take the right precautions for their specific organization.
Risks for 2020
- Ransomware and malware attacks will continue to spread. These types of attacks can destroy networks and company reputation in the blink of an eye. Often times, malicious software damages a victim’s system or holds company data hostage long before anyone even realizes what’s happening.
- Many, if not most attacks will target SMBs. While hackers sometimes target smaller sized businesses with the end goal of reaching a larger business, they also target SMBs because they have noticed a lack of security. Whether this is due to budget constraints or, in many cases, the ‘it will never happen to me’ mentality, SMBs will continue to be at risk so long as they are viewed as an easy target by not taking a proactive approach to their security posture.
- Phishing attacks will become more targeted. At this point we’ve all seen Phishing emails show up in our inbox. Some are obvious attempts at stealing credentials or financial information, but now that the general public has become more aware, would-be attackers are growing more and more sophisticated in their approach. Attacks like Spear Phishing (focusing on a specific individual within an organization) and Whale Phishing (centering on higher level members such as directors and c-level) are becoming the new normal. Although these attacks are more dangerous than ever, simply spreading awareness and offering regular employee training is the key to a proper first-line-of-defense.
- Voice phishing (Voice Deep-fakes/Speech Technology) will become common. Many believe that this is because of the upcoming elections, but experts across the board are warning that deep fakes (images, videos, and voices created to impersonate a target by using computers and machine learning software) will be the most convincing way to hack into organizations in 2020.
- AI powered cyber attacks are here. While it may have felt like a long-shot in the past, malicious hackers are advanced in their methods. With malware backed by AI, there is a whole new world of threats for organizations – especially those with less experience or without specialized guidance to combat this technology.
- Uncommon attack methods will begin to emerge. Cybersecurity has finally started to gain momentum, and hackers are aware of this. Knowing that we are doing all we can to prevent common attacks, they will turn to unconventional methods that some of us may be unprepared for. For example: Stenography (concealing a file/image/video within another file, message, image or video), and SMS attacks in which a two factor authentication code is compromised and will allow a hacker to collect all of your information the second you enter your password.
Becoming aware of these risks is the first step to preventing them.
We’ve put together some quick steps you can take right away to help you remain diligent and plan smart for the year:
- Download anti-virus software. The small investment is worth what’s at stake if you are currently unprotected. Research what software works best for YOUR company, specific computer, or device before making your decision. These days there are plenty of free and affordable resources available.
- Educate your employees. Possibly the most underrated and overlooked method of defense is empowering your team as the first-line-of-defense. Read more about this in our blog post: https://bit.ly/2QrCZaG/.
- Be cautious with ALL emails sent to you. Read in-depth about deciphering if an email is safe: https://bit.ly/2SWDYS6/.
- When possible, avoid public Wi-Fi hotspots. They are hotbeds for cyber attacks! Accessing sensitive data, financial, or personal information is very dangerous as many hackers can easily intercept this information on unprotected networks. Only browse websites that start with HTTPS and avoid websites that start with HTTP on public Wi-Fi. If your company offers a VPN to access company data, use it, as it offers extra security.
- Educate the family! Take time to sit down with your kids and go over the basics – like asking before clicking unknown links, or avoiding downloading software from unfamiliar sources! Check out some tips on how to protect your home network: https://bit.ly/2MZ4Htc/.
- Check to see if you’ve been compromised. If you’re wondering if your personal data has been compromised, visit this great free resource to learn more: https://haveibeenpwned.com/. Just type in the email or password you want to check on, and the website will search through their records and give you instant results and necessary steps you can take to protect your online identity.
- Use strong passwords. And, don’t use the same one over again! Use 8 or more characters (including both upper and lower case), use numbers, and special characters. Like most people, if you’re having trouble keeping track of them all, there are lots of free password management tools available to help you keep track and secure. Consider looking into https://lastpass.com/.
If one thing is clear, it’s that cybersecurity is crucial to help businesses survive in this new decade. Making this a priority now and taking necessary steps to protect your business could be the thing that sets your organization apart, keeping you and your customers safe and happy.
We want to open our doors to anyone who is curious or concerned, so we’re offering a Cybersecurity Assessment that will identify vulnerabilities you likely are not yet aware of.
Let’s stay on top of this together.