Hackers have no qualms about whom they attack. Targets include various industries, including construction, glass, glazing and manufacturing. In fact, Brad Spiess, vice president of Union Insurance Group, says the construction industry is the third most common industry targeted by hackers.
Types of Cyberattacks
Spiess told a packed room at the 2023 North American Iron Workers / Ironworker Management Progressive Action Cooperative Trust (IMPACT) conference in February that cyberattacks are not only here to stay but are expected to increase in frequency in 2023. That’s because the process has become easier. Believe it or not, he said, hackers have business models that streamline the process.
This includes intercepting emails to extort money. Hackers also send deceptive emails to lure organizations or users to collect sensitive information. This is called phishing, and Spiess said 90% of cyberattacks start this way. He added that phishing nets cybercriminals an average of $17,700 per minute.
Additional types of cyberattacks include:
- Malware: Reaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that installs risky software.
- Man-in-the-Middle: Also known as eavesdropping attacks. Common points of entry include unsecured Wi-Fi and a malware breach.
- Denial of Service: Floods systems, servers or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests.
- Zero-Day Exploit: A zero-day exploit hits after a network vulnerability is announced before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window.
An Increase in Attacks
Cyberattacks have only increased since the pandemic.
McAfee Enterprise and FireEye reported in a 2021 study titled Cybercrime in a Pandemic World: The Impact of COVID-19 that 81% of global organizations had experienced cyber threats, with 79% experiencing downtime due to a cyber incident.
Despite that, the report found that organizations have not effectively prioritized security. As a matter of fact, 33% of organizations have reduced technology and security budgets despite rising cyberattacks. That’s the opposite of what companies need to do, Spiess said.
He stated organizations need to promote a security-focused culture. They need to invest in cyber security insurance and implement multi-factor authentication and endpoint detection.
How to Prevent Cyberattacks?
Preventing cyberattacks is not a feat for the unwilling. The process involves constant communication and determination. Norton, a provider of database security products, lists various ways to protect organizations and users from cybercrimes.
The list includes using a full-service internet suite, implementing strong passwords, updating software, limiting employee access to data, managing social media settings, strengthening networks with a VPN and training employees on how to use email and what to look out for.