Copyright © 2024 Global Cyber Alliance
This post is dedicated to alerting small businesses to a few of the ongoing cyber risks. Many of the risks can be mitigated by following a few steps. Cybersecurity is, in reality, managed insecurity, so there is not always a 100% guarantee that an attacker won’t break in given enough force.
This is comparable to traditional crime. Comparing a brick-and-mortar store with a modern bank, the security level would likely be vastly different. The assumption would be that the bank is harder to break into, and that is largely correct. The issue is that a modern bank has heightened exposure due to the nature of the service it provides.
What both have in common is that basic security measures must be adhered to. If they are not, the skills needed to break in are substantially lower, which increases the risk dramatically. This means that when good security hygiene is in place, many attackers will simply look elsewhere!
Phishing Campaigns – RISK
Phishing is the act of sending emails with suspicious attachments that, when downloaded and executed, load unexpected and dangerous code that can result in many nasty scenarios. These can include ransomware, theft of sensitive data, or even your devices joining a criminal “army” to conduct nefarious activity online.
The emails are intended to look convincing, often recreating a page that you would be familiar with in order to harvest login information, which can then be used all over the internet.
These attacks differ in sophistication. Some have broken English, and some have been specially crafted to catch a board member or somebody with access at an opportune time, using information gathered from the internet (spear-phishing).
Phishing Campaigns – MITIGATION/ACTION
- Ensure you carefully read the “FROM:” field, and check via phone call if unsure.
- Have a healthy relationship with your coworkers and IT. Have the ability to admit accidents – with a clever enough email, anybody can be caught!
- Have a plan in case somebody does get phished (Incident Response).
- Ensure you are familiar with available help lines and reporting procedures/authorities within your region [1].
Review our Prevent Phishing and Malware Toolbox and Prevent Phishing and Malware Backgrounder for more information.
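One way to automate the "read the FROM: field" check above, as an added example that is not part of the original post: it flags a sender domain that is one or two characters away from a trusted one, a display name that shows a different address than the real sender, and a Reply-To that points at another domain. The function names, the trusted-domain list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAINS = {"examplebank.com"}  # assumption: domains you really deal with

def domain_of(address):
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""

def edit_distance(a, b):
    """Levenshtein distance: number of single-character edits from a to b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_from(raw_message):
    """Return a list of warning codes for the sender headers of one message."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    from_domain = domain_of(address)
    warnings = []
    # 1. Domain is one or two characters away from a trusted one (e.g. "1" for "l").
    if from_domain not in TRUSTED_DOMAINS and any(
            edit_distance(from_domain, d) <= 2 for d in TRUSTED_DOMAINS):
        warnings.append("lookalike-domain")
    # 2. The display name shows an address that is not the real sender.
    shown = re.search(r"[\w.+-]+@[\w.-]+", display)
    if shown and shown.group(0).lower() != address.lower():
        warnings.append("display-name-mismatch")
    # 3. Replies would go to a different domain than the apparent sender.
    reply_domain = domain_of(parseaddr(msg.get("Reply-To", ""))[1])
    if reply_domain and reply_domain != from_domain:
        warnings.append("reply-to-mismatch")
    return warnings

# Constructed sample message (not a real email).
SAMPLE = (
    'From: "Example Bank Support" <support@examp1ebank.com>\n'
    "Reply-To: payments@freemail.example\n"
    "Subject: Urgent: verify your account\n\n"
    "Please open the attached invoice.\n"
)

if __name__ == "__main__":
    print(check_from(SAMPLE))
```

A clean result only means these three checks passed; a message sent from a compromised but genuine account will not be flagged, which is why the phone-call check in the list above still matters.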
Ransomware – RISK
This is a particularly popular form of malware (malicious code) that scrambles all the data in every meaningful part of the computer, rendering it useless. This would mean that photos, documents, spreadsheets, databases, and other important information would be essentially gone. The attackers also may attempt to sneak these files out of the system to their own computers to create a two-pronged extortion approach.
They may request money in the form of cryptocurrency, often under time and/or reputational pressure. There is no guarantee that payment of such a ransom will return data to its normal state or prevent future attacks. In fact, investigations have shown numerous cases of reinfection.
Ransomware – MITIGATION/ACTION
- Ensure ransomware / antivirus protection is active. Check the Prevent Phishing and Malware Toolbox for help.
- If caught by such a threat, decryption may be worth a try. It is possible a weak scrambling system was used, or that the keys were leaked online. If either exists, it may be found at No More Ransom, alongside preventative guidance and recommendations.
- Ensure that important data is regularly backed up in multiple places, and that the backups are versioned/incremental, tested, reliable and not connected when idle. Use the tools in the Backup and Recover Toolbox to help.
- Follow general cyber hygiene including being wary of email attachments and suspicious links.
- Ensure any software installed is up to date if possible. Use the tools in the Update Your Defenses Toolbox to help.
- Ensure you are familiar with available help lines and reporting procedures/authorities within your region [1].
The author Carl S is an NCSC CyberFirst University Bursary Student on an eight-week summer placement with GCA.
1. Reporting in Europe: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
Reporting in Americas: https://www.dhs.gov/sites/default/files/publications/Cyber%20Incident%20Reporting%20United%20Message.pdf