The enemy playbook.

When discussing threats to business’s cybersecurity, the term “cyberattack” is often used as a catch-all term to define any kind of data breach.

Not to say there’s anything wrong with the term, but it’s a purposely vague term and defending yourself against cyberattacks means knowing exactly what to defend against.

Think of cybersecurity like a football game. While a goal line defense may work well against an offense trying to pound its way into the end zone with its running game, it doesn’t work as well when that offense is throwing deep passes to its receivers. Similarly, there is no blanket defense against all forms of cyber threats—each requires its own specialized defense.

Thanks to foresight we can only describe as Belichick-like, we just happen to have the cyberattack playbook in our possession so your defense knows what to expect. Break huddle!

Phishing

What is it?

According to the FBI, phishing remains the single greatest cybersecurity threat to businesses. A phishing attack occurs when a victim or group of victims is targeted by someone posing as a legitimate institution—such as a bank or credit card company—with the purpose of tricking the victim into disclosing sensitive information (Social Security numbers, credit card numbers, etc.). Phishing attacks may occur through email or social media, and can even sometimes occur over the phone.

A specialized form of phishing called “spear phishing” targets a specific victim with the attacker posing as a trusted sender. For example, an employee may receive an email from someone claiming to be the CEO of the company asking for confidential information.

How to defend:

If you know what to look for in a phishing attack, phishing attacks can actually be fairly easy to avoid. Look for the telltale signs, such as incorrect domains or URLs in the email address, misspellings and grammatical errors, or logos that seem off for a legitimate institution.

Perhaps the most important sign to look for, however, is the motive. Legitimate senders will never ask you to disclose any personal information unsolicited. So unless you contacted the company first, ignore such requests.

Ransomware

What is it?

Ransomware is a form of cybercrime that has become more well-known in recent years thanks in part to widespread cyberattacks like WannaCry. During a ransomware attack, malware spread through phishing attacks is installed on the victim’s computer and encrypts the victim’s files, locking the victim out. In order to unlock the files, the malware will extort the victim for hundreds or even thousands of dollars (hence the name “ransomware”) to be paid in a given time frame, after which the data will be lost forever.

The aforementioned WannaCry attack, in which cybercriminals demanded a ransom of $300 in Bitcoin, affected 200,000 computers in 2017 and resulted in economic losses of about $4 billion, one of the costliest cyberattacks of all time.

How to defend:

Of course, you should never open an attachment or click a link from an unsolicited email. Doing so could result in malware like this infecting your device. Should your computer somehow fall victim to a ransomware attack, it helps to have all your data backed up on a source away from the infected device. Take the leverage away from the cybercriminals—they can’t wipe out your data forever when you already have a copy of it. If you’re not already doing it, take proactive measures to back up your data immediately.

Viruses

What is it?

Over the years, the term “virus” has itself become a catch-all term for any sort of malicious code or software. In reality, a computer virus is a form of malware that can self-replicate like a virus in the human body. A computer virus will typically inject its code into programs, modifying or corrupting them, and rendering them unusable.

In some severe cases, such as the ILOVEYOU worm from 2000, one computer virus can replicate itself enough to cost billions of dollars.

How to defend:

Like ransomware, the best defense against computer viruses is to not let them on your computer at all. Viruses can spread through emails just like any other form of malware, so don’t open any unsolicited attachments. Viruses can also spread through infected devices like thumb drives, or through infected websites and pop-up ads. In other words, mind where you click.

Just in case, you should have a reputable, up-to-date antivirus program running at all times in case something falls through the cracks.

DDoS attacks

What is it?

If your organization provides some form of online service through its website, you may be at risk of a distributed denial-of-service (DDoS) attack. During a DDoS attack, a website’s server is overloaded with traffic requests coordinated from either one or multiple sources. When a website’s server becomes overwhelmed with traffic requests, slowdowns and crashes can occur on the website. Sometimes the DDoS attack may be accompanied by a demand for payment or else more severe attacks will be carried out.

How to defend:

Because a DDoS attack can cripple your organization’s online services, having a safeguard in place is critical. One of the most effective ways to neutralize a DDoS attack is through a web application firewall (WAF). Unlike a regular firewall, a WAF can filter out any suspicious traffic to and from a given web application.

What are some other common cyberattacks to beware? Let us know in the comments!