Every year in October around the world, many organizations, companies, and individuals are organizing various events with the goal to raise awareness of online threats and security, by providing educational content through video, blog posts, books (in both physical and electronic format), or even through some interesting games. All of this presents the National Cybersecurity Awareness Month (NCSAM), a whole month dedicated to educating people about cyber security threats so they could keep themselves and their families safe both at home and at work, as well as in school, or some other public place.
Cyber security threats (or online threats) can have a large impact on both business and personal life. It is not a secret that “data is the new oil”. There are many criminal organizations and individuals who are trying (and succeeding) to breach companies, organizations or/and home networks to steal any valuable information that could be useful to gain some advantage or money for example. It is well-known that humans are the weakest link in the cyber chain, and statistics show that most of cyber incidents are happening due a human mistakes.
So, what online threats exist today? Well, there are many online threats, but if we should single out some of them, those would be:
This type of threat is usually distributed through emails that contain malicious links and attachments which if you open them, can either infect your PC/mobile with some malware or can lead you to some web pages where if you leave your personal information (like a credit card for example), they can be stolen. Those emails often tend to scare a victim to gain information. One example of such a threat is that you can receive an email that tells you your PC is infected with a virus and you need to immediately download and install some recommended antivirus software to clean your PC. If you do that, you will then actually infect your PC. These messages are also often called SPAM messages.
This is probably the most common threat nowadays. Trends of using this type of malware among criminal organizations are raising every day. Ransomware is a type of malware that once it gets into your network (PC, server, mobile, printer, etc.) it starts locking all your files, documents, pictures, music, even cloud files, by encrypting them.
Afterward, you will get a message on your infected device that to unlock (decrypt) your files, you need to pay a ransom. Nobody can guarantee that you will get a key to unlock your files if you pay, so there is a risk to be tricked twice. The important thing to remember is that a ransomware victim can be anyone, not just some big or tech company, also this type of malware can be deadly.
Some ransomware cases can be found on the links bellows:
– First death reported following a ransomware attack on a German hospital
– Ransomware shuts down production at Flemish multinational
3. Weak passwords
A trend of using a weak password has been around ever since the beginning of the Internet. Many people set up their personal information like their birthdays, pet names, or names of their relatives for Internet services, especially for critical ones, such as bank accounts, emails, etc. Many companies do not enforce strong password policies, which can result in breaching and accessing critical parts of the company network by criminals.
Security Awareness Training
While solutions for these types of threats can be based on some software or hardware, they can also be based on an educational program. Educating staff about these types of threats (and other common threats), teaching them how to recognize basic scams, and how to protect themselves and others around them, is the base point of every organization’s security. This can be done through Security Awareness Training, which is a training that aims to teach and prepare people (especially non-tech) for everyday threats on the Internet. The content of such training should not be limited only to theoretical knowledge, but also should include practical one, where people could test their knowledge and be sure that they could recognize a threat in case they see it.
How can ITAF help you?
If you need help with educating your employees, friends, and colleagues, contact ITAF and we can provide you with quality security awareness training prepared by our security experts, that will help you to keep yourself and others around you, safe on the Internet.