Cybersecurity: practical tips to avoid 99% of cyber attacks

The weakest link in any system is usually the USER.

Cybersecurity must be a topic of interest for every company member, not limited to the IT department.

We should know some cyberattack statistics:

• Every 10 seconds, a new device is the victim of ransomware or digital hijacking.

• One out of two cyberattack victims is successfully attacked again in less than a year.

• In 2021, the number of officially reported digital identity thefts increased by 54%.

• In 2021, 14 million spam emails related to sextortion were detected. Sexual extortion is when the person is induced or blackmailed with an image or video of themselves naked or performing sexual acts.

• 69% of malware (malicious software) variants target Windows-based devices.

• Malware variants increased by 47% compared to the previous year.

• Phishing scams (impersonation) increased by 667% compared to previous years.

• Last year, $16 billion in ransoms were paid to release ransomware-hijacked devices.

• $19.2 million is the average annual cost of cybersecurity incidents caused by disloyal employees.

Top nine motivations of cybercriminals

1. Install unwanted programs (virus-type malware, spyware, adware, keyloggers)

2. Hijacking data, devices, or loss of information (via Ransomware)

3. Leakage of passwords on the Dark Web (obtained with Phishing)

4. Connection monitoring, fingerprint, and device control

5. Theft of money, money laundering, or financing of terrorism

6. Hijacking of user accounts or bank accounts

7. Industrial espionage or competitive intelligence

8. Modification of data and critical information

9. Denial of service

Among the most common attack channels:

1. Clicking on a link: emails, files, websites, or social networks.

2. Clicking on an image: emails, USB keys, websites, etc.

3. When downloading or opening files: pop-up windows, advertising banners, emails, or files.

4. By not having controls or measures: trained people, secure programs, systems, networks, etc.

5. Through misconfigured or outdated programs or operating systems.

6. Through social engineering, tricking or manipulating victims.

These are the eight most severe consequences of suffering a cyber attack:

1. Contagion or infection to other devices connected to the same network or external

2. The decreased trust of your environment, other users, or customers

3. Personal or business reputational crisis

4. Possible legal repercussions

5. Reduced productivity

6. loss of information

7. economic damage

8. Waste of time

12 practical tips to avoid 99% of cyber attacks:

1. Have an antivirus program installed and always updated.

2. Be suspicious of all downloads and attachments.

3. Be suspicious of all strange emails or emails that you don't expect to receive, especially if they are from an unknown sender or if they include files with unusual extensions (ex .EXE).

4. Always keep your operating system updated, check with your technology area.

5. Manage your passwords well: choose them with a certain degree of complexity and change them often.

6. Your cell phone or tablet is as or more vulnerable than your computer: protect them

7. If you share a device, create a user for each person.

8. Before buying online, check the reliability of the website.

9. Do security back ups in multiple sites and frequently.

10. Sign out when finished, especially on shared or public devices.

11. Always be suspicious of the security of third-party WiFi networks.

12. In cybersecurity, the best prevention is continuous training.

If you have any questions, contact the IT department of your company.

Contact: Mario Barboza | mbarboza@grupocomeca.com