A significant and growing cybersecurity threat to businesses and government agencies comes from their own employees or business partners, usually due to ignorance or carelessness. Therefore, education and awareness-building are crucial to minimize cyber risk from one’s own staff.

Ransomware, or extortion software, poses the greatest threat to corporate networks. However, close behind is phishing, which involves attempts to obtain account details or passwords through fake emails or to infiltrate corporate networks via email attachments and links. Cybercriminals exploit the naivety or ignorance of employees in companies, government agencies, and public offices. These individuals increasingly open the door to hackers, as shown by an international study conducted by the British insurance company Hiscox.

Significantly More Cyberattacks

The study is based on a survey of 2,150 executives from the USA, Germany, and six other European countries. Two-thirds of the respondents (67 percent), somewhat less in Germany at 60 percent, reported that the number of cyberattacks had increased over the past 12 months.

Following publicized incidents, 43 percent of affected companies subsequently lost customers. Therefore, cybersecurity specialists like Axians Deutschland are pushing for employees to be trained to enhance their awareness of phishing and so-called honeypots – enticing offers on the internet.

A Human Firewall Prevents Fraud Schemes

This is also referred to as building a human firewall. How companies can strengthen this is outlined in a free whitepaper on cyber security awareness created in collaboration with KnowBe4.

A relatively new scheme that is causing companies increasing concern is CEO fraud, also known as executive impersonation or “fake president.” This involves emails that appear convincingly authentic as if from superiors or directly from the executive suite, aiming to obtain company data or even secure large money transfers.

In the industry, this is referred to as social engineering. “This means manipulating employees to gain access to sensitive company data,” explains Gisela Kimmerle, head of cyber insurance at Hiscox Germany.

Acting on payment demands rarely pays off

Incidents aimed at redirecting payments to the attacker’s own account are far from isolated. 58 percent of the companies surveyed for the Hiscox study reported significant damages due to payment fraud. This makes it already the largest form of damage, as ChannelPartner puts it.

According to Kimmerle, ransomware, or online extortion, is also an increasing threat to businesses. Attackers encrypt company networks and demand ransom for their release, which they often do not grant because paying ransom gives them more hope.

Many experts therefore advise against paying ransoms. And Kimmerle also notes: “Ransom payments rarely pay off in most cases.” Many affected companies, however, simply do not know how else to help themselves.

It is better not to let it get that far and to take appropriate measures for more cybersecurity in advance, both through technical solutions and through the special training of one’s own employees. Companies receive support from experienced partners like Axians. Further information on the IT service provider’s cybersecurity portfolio can be found here.

Source title image: Adobe Stock /  ArtCraft