The eight most common cyber-threats, and how to mitigate them
Cloud Articles, Cyber threats, cybercrime, DDoS, fraud, Front Page, Hackers, hacking, SecuritySkimming devices are typically placed on terminals that handle payment transactions — such as ATMs, POS terminals or gas pumps. While ATMs continue to be the prime target, the number of gas pump terminals used to collect payment card information more than tripled compared to 2016.
How to mitigate it
Train employees who carry corporate payment cards to spot signs of tampering, monitor your own payment terminals with video surveillance, whenever possible, and make sure the recordings are reviewed regularly.
Web Application Attacks
Not all web applications are trustworthy. While they don’t necessarily hold payment card data, they do often request users to submit their names, addresses and other sensitive information. Security is often weaker than online retail sites, so attackers use them as an easy way to capture personal data and credentials for use elsewhere.
How to mitigate it
Encourage users to vary their credentials and leverage two-factor authentication. Limit the amount of sensitive information stored in web-facing applications.
Takeaways
Only when aware of the threat landscape can you identify white spots and come up with measures to mitigate risks.
If you were off to Everest, you would probably leave the shorts at home and double-up on the thermal wear. The same applies when assessing where to spend your precious budget. The themes above help you understand the most common patterns. Only when aware of the threat landscape can you identify white spots and come up with measures to mitigate risks.
You don’t have to be big, rich or famous to become a target. Cybercrime is part of today’s reality and literally affects everybody. It’s often about identity theft, collecting credit payment card data and cloning the identities of everyday people. Similarly, it’s not just households finding themselves on the target list. Start-ups are chased for their breakthrough inventions, blue chips often fall victim for their customer records, and others are identified as a soft target and stepping stone to exploit their partners’ ecosystems.
Cybercriminals don’t rely on the status quo. As the value of some forms of data falls, they are casting their nets wider and come up with new tactics. While no system is 100% secure, too many organizations are just making it far too easy for criminals. The following seven tips cover simple mistakes that happen time and again:
- Start with physical security, as not all data theft happens online
- Restrict access rights
- Train staff to spot the warning signs and trigger alerts
- Patch promptly
- Monitoring, log files and change management systems can give you early warning of suspicious activities
- Use two-factor authentication to limit the damage of a lost or stolen device
- Encrypt sensitive data, so that it is next to useless when being stolen