The misconception about the origins of cyber attacks and the consequences

a cyber attack lurks in a small corner.

As a provider of IT services, we like to help raise awareness about Cyber Security. Companies usually turn to our help when it is actually already too late. They can't access data, for example, and suppliers and customers may even be locked out as well. It only takes something small to happen or a major data breach occurs. A data breach affects consumers and businesses. But how does this impact your business and what are the consequences?

various cyber attacks.

The main goal of hackers, of course, is to make money. What is most common is for data to get into the hands of hackers and be resold to criminals. Also, money can be made directly when bank accounts are accessed. A cyber attack can target individuals or (large) companies. But nowadays there are also cyber attacks carried out by other countries with the aim of obtaining political information. Here you can find more information about cyber security in the Netherlands.

Colleagues within Referit have sometimes received a phone call from "Microsoft" asking for account information.

phishing.

Phishing emails are the biggest problem. Emails that appear to come from often trusted entities, but contain a curious file or link. A file often contains malware that unleashes ransomware. A a link can lead to a copy of a certain website. This attempts to fool you into providing sensitive information such as personal and banking information.

But phishing also occurs via phone and text messaging. Colleagues within Referit have sometimes received a phone call from "Microsoft" asking for account information. Obviously, this is not a Microsoft employee, but a fraudster.

What can you do about this yourself? Here are some examples, you will receive one:

- Email from package shippers like DPD. "Am I expecting a package?"
- E-mail from bank. "Is my bank asking for personal information via e-mail?"
- E-mail to verify login information. "Did I just create an account?"
- Video or link via social media. "Do I know this person and does this make sense? "

Phishing can happen to anyone. Besides the security of personal property, you also have to deal with the security of your phone, tablet or laptop that may have company applications on it. Thus, through you, the company can also bear the brunt.

hacking.

Whereas with phishing you end up leaving personal data somewhere yourself, with hacking your system or network is invaded. For example, it has happened before that iCloud accounts of Apple users were hacked, after which photos ended up on the Internet. This can happen to any user. Once a hacker has gained access to one of your accounts and you happen to use this password for multiple accounts, you probably know what time it is.  

What many people don't know is that there is such a thing as two factor authentication (2FA). This is login method where you use not one, but two keys. In addition to your password, you can, for example, have an additional notification set up, a code generated on your phone or facial recognition set up. So in 99% of cases, the above can be prevented.

ransomware.

One form of cyber attack that is gaining ground is ransomware. Literally translated, ransom means ransom. So it is a malware that somehow invades a computer or network, blocks data through a script and then asks for a ransom in exchange for unblocking. You usually find out about it when you start your computer and see a screen with this message.  

Unfortunately, paying the ransom does not always have the desired result. Data is initially accessible again, but the virus is found to still be on the computer. Some time later, the data can be fixed again and even more money is demanded. Read here what to do if your business is infected with ransomware.

Ransomware comes from outside, but the threat often originates inside the network.

Arnaud van Herk - Referit
‍

misconception about the origins of cyberattacks.

The misconception surrounding cyber attacks is that companies often think that ransomware, for example, comes in through the firewall. Our cyber security expert Arnaud van Herk explains: "Ransomware comes from outside, but the threat often originates inside the network." This means that in-house personnel unknowingly pose the greatest danger.

As an example, an employee has received an e-mail or brought a usb stick from home. In the e-mail or on the usb stick is a randsomware virus and is opened. At that moment, usually nothing happens. Often the virus "sleeps" and becomes active after, say, 2 weeks. So it is also very difficult to find out at what time this virus entered.

So the danger often arises within, as a script in a phishing e-mail or usb stick releases a ransomware virus. Ransomware is inextricably linked to phishing. Check out the "latest ransomware statistics and trends in 2023" here.

major consequences.

A cyber attack can have several major consequences, including:

- Account data stolen;
- Identity theft due to personal data being out in the street;
- Direct financial loss or ransom demanded.

In addition, it is critical that a virus be found and removed as quickly as possible. A specialized party in cyber security will need to be hired for this purpose.

protection against cyber attacks.

We implement the following solutions not only for the systems we host for clients, but also for our own networks and systems. Most of the solutions below are aimed at preventing cyber attacks.

- End-point protection: We implement Mobile Device Management (MDM), primarily for customers where we provide our CSP services, but also for our own employees. We facilitate MDM through Microsoft Endpoint Manager to install, manage and secure devices.
- Encryption of data carriers (hard disk, USB stick): We encrypt certain data streams. For example, we do this with the hard disks of our laptops. This ensures that your hard disk only works in your laptop.
- Authoristation: We use the "least privilege principle" for customers here. Employees have only the rights they need. So you can see exactly who has access to what.
- Access to systems: For both our administrators and our customers, we provide access to our systems via Site-to-Site VPN tunnels. Systems accessed directly over the Internet can only be accessed through MFA.
- Immutable data backup: For all our customers, we ensure that copies of their data are always made. We also apply data encryption and make backups immutable at an off site location with an independent party. We use the company Wasabi for this. This means that even ransomware or hackers cannot gain access to this data. Unfortunately, what we often see is that companies make backups, but do not apply data encryption and immutable backups. This is how ransomware can still strike.

In the image below, you'll find a somewhat more technical overview of what Referit is already currently doing around IT security by service.

pentesting.

At Referit it is also possible to have pen testing done. We have this done by an independent party. A customer gets a good picture of the IT security within Referit. Everything we host in our environment can be checked, such as hardware, data and applications. Any vulnerabilities can then be reported.

always safe.

It's not about quick IT solutions, but short- and long-term security. We make sure in our cloud services that crucial systems are continuously monitored and checked, so that safe working becomes the most normal thing in the world.

Do you think Referit can help your company in this regard? Then leave your details now, completely secure, on our contact form 😉.