Every year in October around the world, many organizations, companies and individuals are organizing various events with the goal to raise awareness of online threats and security, by providing educational content through video, blog posts, books (in both physical and electronic format), or even through some interesting games. All of this presents the National Cybersecurity Awareness Month (NCSAM), a whole month dedicated to educating people about cyber security threats so they could keep them and their families safe both at home and at work, as well as in school, or some other public place.
Cyber security threats (or online threats) can have a large impact on both business and personal life. It is not a secret that “data is the new oil”. There are many criminal organizations and individuals who are trying (and succeeding) to breach companies, organizations or/and home networks to steal any value information that could be useful to gain some advantage or money for example. It is well-known that humans are the weakest link in the cyber chain, and statistics show that most of the cyber incidents are happening due a human mistake.
So, what online threats exist today? Well, there are many online threats, but if we should single out some of them, those would be:
1. Phishing – This type of threat is usually distributed through emails which contain malicious links and attachments which if you open them, can either infect your PC/mobile with some malware, or can lead you to some web pages where if you leave your personal information (like credit card for example), they can be stolen. Those mails often tend to scare a victim to gain information. One example of such a threat, is that you can receive an email that tells you your PC is infected with a virus and you need to immediately download and install some recommended antivirus software to clean your PC. If you do that, you will then actually infect your PC. These messages are also often called SPAM messages.
2. Ransomware – This is probably the most common threat nowadays. Trends of using this type of malware among the criminal organizations are raising every day. Ransomware is a type of malware that once it gets into your network (PC, server, mobile, printer, etc.) it starts locking all your files, documents, pictures, music, even cloud files, by encrypting them.
Afterwards, you will get a message on your infected device that to unlock (decrypt) your files, you need to pay a ransom. Nobody can guarantee that you will get a key to unlock your files if you pay, so there is a risk to be tricked twice. Important thing to remember is that a ransomware victim can be anyone, not just some big or tech company, also this type of mallware can be deadly.
Some ransomware cases can be found on the links bellows:
– First death reported following a ransomware attack on a German hospital
– Ransomware shuts down production at Flemish multinational
3. Weak passwords – A trend of using a weak password has been around ever since the beginning of the Internet. Many people setup their personal information like their birthdays, pet names or names of their relatives for Internet services, especially for critical ones, such as bank accounts, emails, etc. Many companies do not enforce strong password policies, which can result in breaching and accessing critical parts of the company network by criminals.
Security Awareness Training
While solutions for these types of threats can be based on some software or hardware, they can also be based on an educational program. Educating staff about these types of threats (and other common threats), teaching them how to recognize basic scams, and how to protect themselves and others around them, is the base point of every organization’s security. This can be done through the Security Awareness Training, which is a training that aims to teach and prepare people (especially non-tech) for everyday threats on the Internet. The content of such training should not be limited only to theoretical knowledge, but also should include practical one, where people could test their knowledge and be sure that they could recognize a threat in case they see it.
How can ITAF help you?
If you need help with educating your employees, friends and colleagues, contact ITAF and we can provide you with quality security awareness training prepared by our security experts, that will help you to keep yourself and others around you, safe on the Internet.