Cybersecurity is beyond the constraints of this program’s look at theft and fraud in the workplace, largely because the ability to catch cybercriminals requires resources outside the capacity of most small businesses. Nonetheless, it is important to be aware of the variety of threats that exist today and to be aware of the rapid evolution of online and cyber threats.
Th days of printer ink scams and Nigerian princes have long passed, but there still remain primitive attempts at attacks and fraud, along with sophisticated approaches.
The most prevalent forms of cybercrime include ransomware attacks, phishing scams, insider threats, social engineering manipulation and malware infections. While some involve direct attacks on your operation, others use your computers as hosts or staging grounds.
The attacks do not even require direct computer access. Attempts to hack emails and social media accounts are ongoing, often without our knowledge. Email providers, ISP providers and web hosts provide a wealth of tools to make you aware of attempts on your security, as banks and credit card companies do.
Websites are common targets of hijacking and, when the perpetrators are not attempting to gain control of your websites, they are flooding you with bogus comments.
Ransomware attacks are not limited to institutional and government sites. Big, medium and even small business often experience hackers who access your data and prevent you from using it unless a ransom (hence the name) is paid.
Phishing attacks are a cute way of labelling fishing efforts, trying to gain access to your personal information, passwords, contacts, bank data and so on.
Insider threats may be attempts by employees, contractors or people connected to the company. As often as they attempt to steal your data and access your accounts, they also are looking to find other entities to attack, with whom you are associated.
Social engineering largely involves impersonation. Cybercriminals may impersonate an authority to whom you report, a banking or government agency or even a desperate relative. These tactics sometimes smack of the Nigerian prince scam, but many vulnerable, and otherwise wise people fall for the impersonations. Some do so with the hope of gain (greed) while others do so, believing they are helping someone in need. This is why elderly people are often targeted, but even small businesses and entrepreneurs can be duped.
Malware poses the most direct and consequential threat. It involves malicious software like viruses, worms and Trojan horses. It can attack your systems unexpectedly or use your systems to launch attacks on other systems.
Data breaches may occur directly on your systems or may originate with customer and supplier software which is used to attack you.
All of these threats are largely preventable. There is a wealth of detail online as to how you can protect yourself against current threats, but, as quickly as we put up defences against the known problems, cybercriminals come up with new strategies.