According to the Clusit 2022 Report, phishing and ransomware are two of the most widespread techniques for launching cyber attacks: in recent years they have accounted for 41% and 10%, respectively, of the techniques exploited by cyber criminals globally.
According to Cisco, ransomware attacks mainly use four methods: email phishing (fraudulent email messages that appear to come from trusted sources); malvertising (malicious advertising messages which, once clicked, install «hostile» programs on the user’s device); social engineering (manipulation that invites the user to «trust» the cyber criminal and carry out compromising actions); exploit kits (software or pieces of code that can find a security bug or vulnerability in an app or operating system).
These are all techniques aimed at increasing sources of income, for example by demanding ransoms in bitcoin to restore data. Furthermore, Ransomware-as-a-Service (RaaS) allows criminal groups without IT skills to «rent» the malicious software and focus only on choosing the victim to attack.
However, there are cyber hygiene (or IT hygiene) practices that allow you to avoid being affected by these attacks:
- Prevent infiltration by adopting a layered security approach and a secure, company-approved file sharing program;
- Monitor company network activities to detect suspicious activity and attack attempts;
- Always keep software, operating systems and apps updated, downloading and installing all patches, especially to prevent zero-days;
- Develop a system for rapidly restoring operations, ensuring business continuity;
- Use high-quality antivirus software;
- Prevent human errors, working on risk awareness and continuous employee training.
The moment when you decide to dispose of your IT devices should not be underestimated either. If you plan to sell or throw away your desktop, laptop, tablet or smartphone, it’s important not to leave any personal or sensitive data inside. It is not enough to delete personal files or data. You need to reformat and then wipe your hard drive. Once the drive has been wiped, no one will be able to gain possession of personal and sensitive information.
In addition to practicing good cyber hygiene habits, entrepreneurs and professionals can safeguard their profession and their data by adopting a Cyber Risk policy. This coverage protects the insured from cyber attacks and from the resulting expenses and loss of data and confidential information. Furthermore, this coverage provides expert intervention for the recovery of lost data and decontamination from any malware. All of these services are included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also offers its customers the possibility of taking out a Top version of the policy, which raises the limit to up to €250 thousand and includes numerous additional guarantees, among them a daily allowance for business interruption and coverage of expenses for restoring the company’s image.
