What should be done when a hacker attack occurs? A guide to the weapons of cyber pirates and the possible countermeasures to be put in place.
We tend to think that hacker attacks are things from movies that concern most large companies or individuals unaware and without some knowledge of the network. NOW , attacking individual users is no longer in use. While it may seem some tempting to attack a large insurance business, it is very profitable and widespread to attack a small business.
The favourite victims of cybercriminals are hospitals, schools, financial institutions, but above all, SMEs, which often do not have adequate defences.
Types of cyber attacks
The hacker attacks are being carried out for two main objectives: extortion or theft of information. To achieve one their goal, they use various techniques/tools, including:
- malicious software, such as malware, among which the most popular is ransomware, which encodes data and makes it unavailable to the owner, who is then asked for a ransom ;
- phishing, i.e. a subterfuge – such as a fake link – through which the unfortunate person is pushed to hand over personal data ;
- DDoS attacks, which consist of an excessive stimulus to the attached device, which makes it unusable ;
- Social Engineering, a method that involves studying the victim in advance, looking for his weaknesses, and then creating ad hoc stimuli, such as e-mails, or telephone messages, to extort data or money (similar to phishing).
The most usedfor hack in 2020 is malware, in 42% of cases.
What can we do in the event of a hacker attack
When you are attacked, the first thing to do is to identify the source and the PC, or group of PCs, that was hit. Both to try to isolate and combat the threat, and to be able to collect and preserve evidence of the attack, in view of recourse to legal action. It is not recommended to give up and pay the ransom in case of attacks such as those with ransomware.
How can we avoid hacker attacks
Prevention, in this case, is certainly better than cure. For all those at risk – in particular, as mentioned, SMEs – it has become a necessity to invest in IT security. In fact, in the event of an attack, it costs much more to normalize the situation and repair the damage rather than spending money upfront for cybersecurity. Among other things, some techniques and measures can be implemented free of charge, or in any case with minimal economic effort, such as:
- use company computers rather than personal computers ;
- check e-mails carefully, avoiding clicking on suspicious links;
- change passwords often, using as few as possible numbers and words that can be traced back to themselves;
- make a backup of the external hard disks, not connected to the network to avoid data loss;
- always update system software and applications that are used.
These measures, free of particular costs, are essential to make your company safer. However, to make your defences even more efficient, it is advisable to purchase an antivirus and use corporate firewalls. If not, even hire a specialist for cybersecurity, or rely on a company in the cybersecurity sector.
Italy among the favourite victims
Italy now among the top 10 countries affected by hacker attacks. As CLUSIT reports in its 2021 report, from 2017 to 2021, there was an increase in attacks of the order of 78%. The Italian trend is confirmed by the world trend, especially in 2020 (1871 serious attacks in the public domain), with the outbreak of the Covid-19 pandemic. If the data are not convincing, remember the recent attack suffered by the Lazio Region in the second half of August, which still leaves some aftermath.