Top 10 Cyber Attacks and How to Respond

Every workday brings new challenges and surprises, especially when it comes to cybersecurity. This guide helps employees recognize key warning signs of common cyber attacks and how to respond effectively. Small and medium-sized businesses (SMBs) often have limited resources and less robust security measures than larger enterprises. This  makes employee awareness very important. Below you will read about the top 10 cyber attacks you face and how you, as an employee and the front line of our defenses, can combat them.

We’ll dive into scenarios that you, as an end user, might experience during such attacks and the immediate steps you should take to help mitigate the attack and prevent additional damage. This guide aims to arm you with practical knowledge to spot and respond to these threats and when to involve others (such as your MSP or your bank) in order to help you keep your business safe.

1. Wire Transfer Fraud

Experience: You’ve just sent a wire transfer for a large order, but something feels off. The account number you sent the funds to doesn’t look right or familiar.

Immediate Steps:

1. Call your bank immediately to request a hold on the wire transfer and verify the recipient’s account details.
2. Notify your CFO or financial officer to ensure the issue is escalated quickly.

BONUS: Speed is your only tool here.  The more quickly you can escalate and place a hold, the more likely your chances of avoiding this catastrophe will be.  Minutes count.

2. Business Email Compromise (BEC)

Experience: You receive an unusual email from your CEO (or work colleague) urgently requesting a transfer of funds to a new vendor. The email looks 100% legitimate, with no noticeable errors in the email address or content, except that the request is a little unusual.

Immediate Steps:

1. Verify the request directly with the CEO through a phone call or face-to-face conversation. Do not rely on email for verification.
2. Report the email to your IT department to investigate further, as the CEO’s email account may have been compromised.

Bonus: Often, a BEC can lead to follow-up emails with fake invoices that prompt you to enter your email credentials on a phishing site. Stay alert for unusual requests and verify them through secure channels to avoid falling victim to these sophisticated scams.

3. Ransomware Attacks

Experience: You try to access your files, but instead, you’re greeted with a ransom note demanding cryptocurrency for file decryption.

Immediate Steps:

1. Disconnect from the network and shutdown the computer to prevent the ransomware from spreading.
2. Inform your IT Team or MSP immediately to initiate their incident response plan.

Bonus: Ransomware attacks like this often start by an errant click on a malicious link or file received via email. Mentally review your recent computer activity to assist in identifying the point of attack and entry email or action.

4. Phishing Attacks

Experience: You receive an email that looks like it’s from your bank (or common vendor), asking you to verify your account details. The email is slightly off, with a few typos or it may have a strong sense of urgency or emotionality.

Immediate Steps:

1. Do not click any links or download attachments from the email.
2. Forward the email to your IT department for further analysis.

Bonus:  Hackers and cybersecurity professionals know we all make more mistakes when we react to things quickly without thinking.  Any urgent or emotional email should be closely inspected before acting on it.

5. Credential Stuffing

Experience: Your notified of unusual login attempts on your account from various different locations and maybe even countries.

Immediate Steps:

1. Contact your IT team or MSP:  this may not be an isolated attack.  Your IT Team or MSP can log everyone out of your account and determine if any login attempts were successful.  They can also reconfirm you have Multi-factor authentication enabled.
2. Change your password but only if someone was logged into your email account. Ensure the new password is unique, long (14 characters is considered strong), and store it in a password manager.

Bonus: New ransomware only requires a single click to bypass your Password and MFA authentication by stealing your active session token (what prevents you from having to authenticate every action in your email inbox). Be very wary of clicking and study the indicators of a phishing attack.

6. Social Engineering

Experience: A friendly person calls, claiming to be from IT support, asking for your login credentials to “fix” an issue.

Immediate Steps:

1. Do not disclose any information and verify their identity by contacting your IT department or MSP directly.
2. Report the call to your to alert others and potentially block the caller.

Bonus: Not all social engineering happens via email.  Vishing is the term used for voice-based phishing attacks.  Smishing represents SMS based social engineering text messages.  And Quishing represents QR Code phishing attacks.  Click the links for more details on each.

7. Distributed Denial of Service (DDoS) Attacks

Experience: Your website becomes unresponsive, and you receive complaints from customers about not being able to access your services.

Immediate Steps:

1. Notify your MSP to start mitigation procedures.
2. Keep your customers informed through alternative communication channels about the issue and estimated resolution time.

Bonus:  Though less common in the SMB community, some DDOS attacks occur as hackers are testing their capabilities.  There may not always be a financial motivation to DDOS attacks.

8. Malware Infections

Experience: Your computer starts acting strangely, running slowly, and displaying unusual pop-up ads.

Immediate Steps:

1. Disconnect from the network to prevent further spread.
2. Run a full system scan with your antivirus software and report the issue to your IT team.

Bonus: Endpoint detection and response services can go beyond traditional antivirus software with real-time monitoring for attacks and collaboration across 100’s of thousands of devices.

9. Insider Threats

Experience: You notice a colleague accessing sensitive files without proper authorization.

Immediate Steps:

1. Document the suspicious activity but only if you are not putting yourself at risk.  Your physical safety is most important.
2. Report the behavior to your supervisor or IT department for further investigation.

10. Zero-Day Exploits

Experience: Your software vendor releases an emergency patch for a critical vulnerability that’s being actively exploited.

Immediate Steps:

1. Ask your IT Team or MSP to apply the patch immediately to all affected systems.
2. Monitor for unusual activity that might indicate an exploit attempt.

Bonus: vulnerability and network scanning services provide up-to-date listings of all the software and hardware running in your environment.  This allow you to react quickly or not at all to critical advisories with confidence.

Conclusion

In today’s digital landscape, protecting against cyber threats is a top priority for every business. Understanding these top 10 cyber attacks and knowing how to respond can significantly reduce the risk and impact of a cyber incident. The initial steps you take upon identifying a potential threat are crucial in mitigating damage and protecting your business. Stay alert, stay informed, and be ready to act swiftly whenever you encounter something suspicious.

Secure your business with CyberHoot Today!!!

Sign Up Now