Protect Your Business Against Social Engineering Data Breaches

Advancements in the internet and technology have revolutionised the way we work, live, and communicate. But with these advancements comes space for cybercrime to flourish. Government statistics indicate 70% of UK businesses have experienced a security breach. As cybercrime continues to advance, it is inevitable that the remaining 30% of businesses will experience a security breach in the future.

It isn’t all doom and gloom though. There are many effective strategies and software tools available to ensure these security breaches are brief and minimally destructive. They allow your business to recover instantly. But, the best data protection strategies combine technology and other methods for solid protection. You and your staff should take personal steps to keep your business and its sensitive data secure.

A recent news case revealed that a British citizen gained access to the email accounts, social media accounts, computers, telephone numbers, and other sensitive information of many high-profile US individuals. These people include the secretary of the US Department of Homeland Security, the White House deputy national security adviser, FBI agents, the deputy director of the FBI, director of National Intelligence, and police officers. Due to the public prominence of these individuals, and the advanced security measures employed by the US government, it is surprising to find out how these cyber attacks were carried out by a British teenager, Kane Gamble.

How did he do it? Visions spring to mind of faces hidden beneath dark hoodies inserting memory sticks into computers by steady hands wrapped in leather gloves, or the notorious Guy Fawkes masks worn by the members of the Anonymous hacker group. But this portrayal of hacking that we see in shows like Mr. Robot does not reflect the everyday experience of cyber attacks. Kane Gamble didn’t do any of this. He was just 15 years old, sitting in his bedroom in Leicestershire as he got access to information about intelligence operations in Afghanistan and Iran, simply by asking.

Gamble used social engineering. This is where someone builds a profile of information and uses it to manipulate others into handing over more. He pretended to be the director of the CIA to gain access to his data. He also pretended to be the deputy director of the FBI to access an intelligence database. This type of attack involves manipulating people such as call centre or help desk staff to divulge confidential information. By doing so, he continued to gather more personal information which he used to harass his victims in their own homes. Social engineering is the most common method used by cyber attackers. So how can you protect yourself and your business?

Make sure you and your staff are aware of social engineering techniques so you can recognise and avoid them. Look for things like phishing emails. These look like they are from credible organisations but are not. Always check the sender address. If an email seems fishy, contact the legitimate organisation to check if they are the sender. If something looks too good to be true in an email, it is likely that it is. These emails also lead to the installation of malware or ransomware on your computer which steal your personal data. Protect yourself and teach your staff to do the same. Never give out sensitive data, like usernames, passwords, card details, or answers to security questions online. This endangers you and your business. Cybercriminals are cunning. Even the best security technology can’t protect you from all of the ways they attempt to manipulate you, especially when your personal data is given out freely.

Preventing cyber attacks on your business starts with you. Having the most effective and up-to-date network security reduces the likelihood, impact, and recovery time of your business when data breaches do occur. To find out more about how we can help protect your business online, give us a call today on 01204 860050.

Free eBook
Test your Internet Security IQ