IT NEWS NIGERIA:
… To know how to dispel these myths REGISTER for Sophos/Sidmach Lunch & Learn. Email: email@example.com
Cyber security threats are real. The cyber traitors penetrate every facet of the economy.
For instance, the Nigerian Inter-Bank Settlement System, NIBSS), disclosed that the banking industry lost the sum of N12.30 billion to various frauds between 2014 and 2017, with male accounting for 73 percent of the total fraud committed.
The Managing Director of NIBBS, Mr Adebisi Shonubi, made the disclosure at the third Annual Banking Security Summit organized by MAXUT Consulting in partnership with OneSpan, a global data security company in Lagos, recently.
Specifically, he noted that 2014 fraud volume stood at 1,461, 10,743 (2015), 19,531 in 2016 and 25,043 in 2017.
Speaking on “Industry fraud overview with focus on mobile & payments related frauds,” Shonubi said the industry lost N6.22 billion in 2014 on attempted fraud value of N7.76 billion. Thus, because of these trends companies are even falling prey to two myths that often cloud the judgement of business owners when it comes to Cyber-attacks.
Whilst they mostly think they are safe, the myths actually increase their chances of falling in the hands of cyber-criminals and hackers.
The first Cyber Security Myth is that many business owners still believe that all cyber attacks are targeted.
This means that unless they’re specifically selected as the prey of a hacking attack, they won’t fall victim.
It is not uncommon to see businesses that believe they will not be in the sights of cybercriminals, so aren’t at risk from suffering the negative effects of a cyber-attack. You may even be one of such people with this belief, but if you ask the Western business leaders that were hit by NotPetya in 2017, they would definitely have stories to tell you that would change your mindset about cyber-attacks.
To quickly recap what NotPetya was about – it was a malware campaign launched against Ukraine by Russia, which quickly spread around the world, knocking businesses offline and doing vast amounts of damage to people who weren’t primary targets of the attack in the first place.
The original target of the attack was Ukrainian infrastructure, but it damaged — amongst other things — British advertising and pharmaceutical companies, as well as the shipping giant, Maersk!
The impact of NotPetya forced Maersk to reinstall 4,000 servers and over 45,000 PCs, with losses caused by serious business interruption estimated to amount to over $300m, despite the shipping firm never being the intended target of the attack.
Another example of how unsuspecting organizations can find themselves the victims of a major cyber attack is the incidence of WannaCry Ransomware.
The UK’s National Health Service found itself an unwitting victim of the campaign spread via an aggressive worm-like virus launched by North Korea in an effort to extort ransoms.
Despite the fact that you would wonder about the absurdity of attacking a body like NHS, yet they weren’t spared. This means that when it comes to cyber attacks, there is really no one that can be spared!
The second Cyber Security Myth is that some businesses don’t engage with cybersecurity because they believe it to be too complicated.
This is quite an irony as businesses usually have to deal with complicated issues every day, and it begs the question of why understanding cyber-security should be too complicated to figure out. Actually, it isn’t even complicated!
If your company can deal with complex data, millions of financial transactions, transportation of goods from one end to another, provision of services to diverse customers, or anything at all, cybersecurity is not something you should not be able to comprehend and deploy.
Even simple activities like ensuring systems and software are up to date can go a long way to protecting organizations from cyberattacks.
This approach could have helped organizations around the world avoid becoming victims of Cloud Hopper, a data-stealing espionage campaign, which Western authorities have attributed to China’s state-backed hacking group APT10.
Much of the campaign was based around distributing phishing emails containing malicious Word documents, which — when opened — ran macros that retrieve malware.
If the targeted organizations had applied relevant patches, the vulnerabilities exploited by the attackers wouldn’t have had any effect. And you can only blame this on poor cybersecurity or understanding of it because while the APT in APT10 stands for ‘Advanced Persistent Threat’, the attack wasn’t that advanced.
Dispelling these two cybersecurity myths from your mind can go a long way from keeping you safe against attacks that may put your business data and infrastructure at risk of loss or ransom.
To know about more myths that need to be forgotten, or get exposed to different ways to mitigate cybersecurity threats, make it a date to the Sidmach-Sophos Lunch and Learn event happening this February.
At the event, you will also learn about cost effective security dynamics, get introduced to tools that mitigate latest threats, have complete visibility and control of your IT Infrastructure.
To register for this event kindly email firstname.lastname@example.org
Attendance is strictly by registration!