Since the inception of information technology, cybersecurity has come a long way. Unfortunately, cyberattacks have kept pace and malicious actors are constantly on the hunt for new targets. High-profile cyberattacks frequently occur across a variety of industries, proving that anyone can become a target. If 2022 taught us anything, it’s that no business or service is safe from becoming a target. Here are some of the biggest cyberattacks of 2022.

Phishing remains one of the most common types of data breaches and often leads to a ransomware attack. When ransomware hits your IT, all or substantial parts of your IT will stop functioning and your data becomes compromised. The only way to bring your systems back online is to restore from backup or to “pay the piper,” the cybercriminal, their ransom. While ransoms of the past were in the thousands, they are now typically hundreds of thousands or even millions! In a worst-case scenario, there will be operating losses due to interruption of services when restoring and rebuilding your systems. The other main results of phishing are the stealing of personal or confidential business information, as well as the hijacking of a person’s mailbox, to deliver false instructions to illicit a payment to the cybercriminal.

Cloud is increasingly becoming popular as more companies have noticed the benefits it offers, such as reliability and security. Cloud provides companies flexibility and, when implemented correctly, cloud can increase the efficiency of your business. However, while there are many benefits of the cloud, it also comes with a few risks.

Cyberattacks are not a new phenomenon.  They have become an increasingly large problem for all organizations, and now, businesses are turning to cyber insurance as a means of protection against the aftermath of a cyberattack.

Managed Service Providers (MSP) deliver customers with IT security services and are now finding themselves at the center of attention as cybercriminals are increasingly focusing their attacks on this vital industry.  Though this is a security challenge for MSPs, it also presents an opportunity for them to prioritize internal security protocols to better protect themselves and their clients.  

As we mentioned a few weeks ago, cybercriminals are looking to exploit public fears using malware attacks.  Now, spear phishing attacks are increasing at an exponential rate with cybercriminals attempting to capitalize on people working from home and distracted by COVID-19 fears. 

As the spread of coronavirus (COVID-19) continues to grow, the consuming amount of news coverage surrounding the virus has created a new danger – cybercriminals looking to exploit public fears using malware attacks.  It is very important to be cautious for scams in times of uncertainty.  We highly recommend the following tips on what you can do to make you, your colleagues & your families safer online.

The vast majority of data breaches today are phishing attacks, occurring when a cybercriminal casts a broad net in the hopes of catching a small percentage of unsuspecting victims.  In our last blog post, It’s Only Getting Worse, we describe both phishing and spear phishing tactics and why it is imperative for businesses to take precautions to protect themselves. 

Recently, a company called me to discuss concerns about their IT security.  This company, based in the US but doing business with clients and vendors in many parts of the world, has been inundated with phishing emails.  The difference here is that these phishing emails are not just generic ones that pretend to be Microsoft Office 365 or UPS trying to steal passwords, but rather, they are spear phishing.  Spear phishing involves impersonating actual people associated with the company, like executives or vendors, in attempts to steal money or proprietary information.  These schemes are becoming more and more common.