How to Prevent Cyber Attacks

How to prevent cyber attacks

The global cyber security landscape has been increasingly threatened in recent years. Last year, the National Cyber Security Centre (NCSC) – part of GCHQ – dealt with 63 nationally significant cyber attacks[1]. We’ve all seen and heard about large scale cyber attacks on the news – Royal Mail, JD Sports, the Guardian and WHSmith – all causing significant damage to these victim organisations. And these are only the newsworthy ones – there will be so many that we don’t hear about and even more that aren’t reported to the NCSC.

Previously, cyber attacks were only considered a real threat to big enterprises. Unfortunately, cyber criminals used the UK’s move to working from home to take advantage of the sparse or misaligned security measures in SMEs. Since then, the number of cyber attacks on SMEs has increased substantially with 54% of SMEs in the UK experiencing some form of cyber attack in 2022[2], meaning cyber security and having measures in place to prevent cyber attacks have become integral.

the importance of preventing cyber attacks

Cyber crime is a business and cyber criminals want to make money with minimal effort. The majority of cyber criminals’ first encounters with organisations are opportunistic and are not targeted against a particular business or sector. Once cyber criminals have identified a weakness, they then get to work exploiting it using methods such as spearphishing where the attacker researches their target to tailor their content and approach.

Having preventative measures in place significantly reduces your chances of an attack by minimising those weak points that attract cyber criminals in the first place. And if it does go further and you are targeted, you have everything in place to prevent the cyber attack taking hold.

So how do you prevent cyber attacks?

  • Use strong passwords. Have separate passwords for all your accounts and avoid patterns (ie. password1, password2, password3).
  • Enable Multi Factor Authentication (MFA). Everything that can have MFA, should, and ideally it should be using an authenticator app such as the Microsoft Authenticator.
  • Use Conditional Access instead of security defaults. This is a Microsoft 365 feature that provides security alerts and requires extra authentication if “out of the ordinary” access requests are made.
  • Block legacy authentication in Microsoft 365. The legacy authentication protocols (such as POP, SMTP etc.) that are often used for printers, scanners, and hardware monitoring like switches, don’t support MFA making them easy points of access for attackers. It’s important that when enabling MFA, you also block these legacy authentication methods.
  • Keep your devices and networks up to date. Use the most up to date versions, apply security updates as soon as prompted, and use antivirus to scan for known malware threats.
  • Disable external mail-forwarding. Following a successful cyber attack, cyber criminals have been observed to set up mail-forwarding rules to maintain visibility of their target’s emails. Disabling mail-forwarding will prevent this from happening.
  • Separate admin roles. If you’re performing an admin activity such as installing software or managing some infrastructure, you should use a separate admin only account for that, rather than apply admin permissions to the user account you use to check your email and create files.
  • Educate your users and remain vigilant. The single most effective measure to prevent cyber attacks is user education. Spearphishing emails are cleverly tailored to avoid suspicion. You might recognise the sender’s name but is their email address correct? Would you expect this type of contact from this person ie. have they sent an email from their personal mailbox rather than their corporate or vice versa? Can you verify the legitimacy of the email by another means before clicking any links? It’s always better to be safe than sorry, so if in doubt, don’t click, and contact your IT administrator.

Be aware that although anybody can be a victim of a cyber attack, people with a larger ‘splash zone’ are more likely to be targeted. A ‘splash zone’ is the amount of organisation-wide access an individual has – as an example, a global admin has a large splash zone – thereby leading a cyber attack to gain a much larger scope of access and information, and a bigger impact on the victim organisation.

Stay vigilant, if you need any further advice or information, please get in touch as we’re happy to help. 

#sme #cybersecurity #cybersecurityawarenessmonth #cybersecurityforsmes #Redstor #RedstorCloudtoCloud #microsoft365backup