HOW DANGEROUS ARE CYBER ATTACK AND HOW TO BE PROTECTIVE FROM IT?

In Latin America, three out of every five companies suffer at least one security incident on the network, and one in five is the victim of information hijacking. This was revealed by the ESET Security Report 2018 study, which was conducted with 4,500 executives, technicians and managers from 2,500 companies from 15 countries in the region.

The study showed that the most affected countries are Peru with 25 percent, Mexico with 20 percent, followed by Argentina with 15 percent, Brazil with 14 percent and Colombia with 10 percent.

In addition, it demonstrated the wide variety of techniques that can be used to steal valuable information from companies, from external attacks to financial fraud, including data alteration and the payment of bribes to cybercrime.

In the digital age, information is a very important factor for companies, therefore, it is necessary to carry out a risk analysis of computer security to determine the level and impact, know the weaknesses and strengths of the company, have more control, monitor and establish strategies to protect against cyberattacks.

In this special report that we prepare you will be able to know everything you must take into account to prevent cybercrime in your organization.

What is cybersecurity and what is it for?

When it comes to cybersecurity, it is generally associated with cyber threats and cybercrime, however, this also has to do with good practices to implement to protect information and prevent or detect cyber-attacks to which any organization or person is exposed. .

Threats to computer security come through harmful or malicious programs that are installed on a device or accessed through the cloud.

Information Systems Audit and Control Association (Isaca), an international reference association in the matter, defines cybersecurity as "a layer of protection for information files. Based on it, we work to avoid all kinds of threats, which put into risk the information that is processed, transported and stored in any device”. 

Installing antivirus programs and intrusion detection systems, known as anti-spyware, which can detect spyware early or the presence of malicious programs, are some of the best practices to protect computer security. 

Information security not only refers to the technology to prevent attacks but also to develop training strategies for employees and users to avoid these attacks.

And it is increasingly important to do so, because according to The Global Risks Report 2018, from the World Economic Forum, cyberattacks and data theft are part of the list of the highest risks in the world. The economy, geopolitics and the environment are also on the list.

It is not a surprise that this is the case, since computer attacks are becoming more common and less extraordinary, in addition, as the World Economic Forum report explains, the financial impact they have is greater, affecting not only people, but mainly people financial entities around the world.

The ransomware, malicious software that threatens all data and snatches control of stored information, is one of the worst cyber-attacks, in 2018, for example, accounted for 64 percent of all malicious emails. This malicious program that hijacks data can lead to massive data loss, as criminals retain the information with the intention of extorting money from companies.

Two ransomware attacks in 2017 were WannaCry, which affected 300,000 computers in 150 countries, and NotPetya, which caused $ 300 million in quarterly losses for affected businesses. Another trend was the use of cyber-attacks to damage critical infrastructure and strategic industrial sectors.

How to prevent computer attacks?

Cybercriminals operate covertly and are often difficult to detect, so it can take a long time before problems are visible to the organization. For prevention and early detection, keep in mind the following tips and good practices:

Avoid threats through emails

Emails are one of the weakest points of a company, because through these it is possible to easily introduce virus threats and information theft. However, many companies believe that they are not so dangerous and ignore the activity of internal emails and can be victims of data hijacking.

For this reason, we recommend that you periodically monitor the activity of suspicious messages, as well as the downloads of attached files and educate your company personnel on the proper use of this medium so that it is used for work purposes and to alert the company in case to see a suspicious email.

2. Detect malicious code early

It is common for these codes to be hidden in PDF, Html, and GIF and Zip files. A good practice that you should not ignore is to choose an antivirus that can discover, decode and decrypt these hidden codes and thus avoid being a victim of information theft.

3. Recognize suspicious connections

Cybercriminals often use IP addresses, websites, files and email servers with a history of malicious activity, so it is recommended that you use tools capable of examining the reputation of untrustworthy sources located outside your organization.

4. Monitor databases

Modification of the structure in the database and unauthorized attempts to access critical data can be a warning sign that indicates that the network would be threatened, to prevent this, use tools that help you monitor databases and record attempts unauthorized access.

5. Keep your systems up to date

The best way to ensure that the company's equipment works well is by taking an inventory of all available hardware. Next, choose a plan to manage your teams in the most effective way.

There are two ways to do it: train your employees to update regularly or automate the process through a tool that automatically updates the system. This last option will allow updates to be downloaded in one go and then distributed within the company.