Cybercriminals and hackers are rarely shy about the methods they use to attack their victims. Many of them are more than happy to share how they broke into a practice’s network or how they walked away with thousands of dollars after successfully extorting the owner of a practice whose company is now destroyed.
There are new stories out there to get your blood boiling as cybercriminals work to ruin people’s lives and livelihoods. These criminals don’t care what kind of damage they do. They only care about one thing: money. If they can get away with it – and many do – they’ll keep on doing it.
It’s up to the rest of us as practice owners (and employees) to stay at least one step ahead of these cyberthugs. The single best way to do that is to stay educated on the latest threats. The second-best way is to stay up-to-date with the latest technology designed to combat cyber-attacks.
Here are three tricks of the trade cybercriminals are using right now in an attempt to get their hands on your money:
Ransomware. This is very common. It’s a form of malware, and it can sneak onto your network and into your computers in a number of different ways:
- Ad Networks. These ads can appear on social media sites and on familiar websites. Someone clicks a compromised ad or pop-up, and it initiates a file download. It’s quick and it can be confusing. This is where anti-malware and anti-ransomware come in very handy.
- Malicious Links. The cybercriminal sends you a legitimate-looking e-mail, supposedly from your bank or a familiar online store. It may even be disguised as an e-mail from a colleague. The e-mail contains a link or file. If you click the link or file, it installs the ransomware.
- Hidden Files On Thumb Drives. This happens way too often where someone brings a thumb drive from home. While the user doesn’t know it, the drive has a malicious file on it. When the thumb drive is inserted into a networked machine, the file is installed.
No matter how the ransomware gets onto your devices, the result is basically the same. The ransomware goes to work and begins encrypting your files. Or it may completely block you from accessing your computer altogether. You’ll get a full-screen message: Pay up or never access your files again. Some ransomware programs threaten to delete all of your files. Others say they will never restore access.
DDoS Extortion. Short for distributed denial of service, DDoS attacks are a relatively easy way for hackers to take down your practice’s online presence and wreak havoc on your network. These attacks mimic online users and essentially “flood” your network with access requests. Basically, it’s as if millions of people were trying to access your website at once.
Your network simply can’t handle that kind of traffic and, as a result, it goes down. The hackers can continue the attacks until you take action. That is to say, until you pay up. If you don’t pay up, the hackers will do everything they can to keep you offline in an attempt to destroy your practice. If you rely on Internet traffic, this can be devastating, which is why many practices end up paying.
Direct Attacks. Some hackers like to do the dirty work themselves. While many cybercriminals rely on bots or malware to do the work for them, some hackers will see if they can break through your network security in a more direct way. If successful at breaking in, they can target specific files on your network, such as critical business or customer data.
Once they have the valuable data, they may let you know they have it. Sometimes they’ll ask for money in return for the sensitive data. Sometimes they won’t say anything and instead simply sell the data on the black market. Either way, you’re in a bad position. A criminal has walked away with sensitive information, and there is nothing you can do about it.
Except, that last sentence isn’t true at all! There are things you can do about it! The answer is preventative measures. It all comes around to these two all-important points:
- Stay educated on the latest threats
- Stay up-to-date with the latest technology designed to combat cyber-attacks
If you do these two things and work with an experienced IT services company, you can change the outcome. You can put the cybercriminals in their place and have a digital defense wall between your practice and those who want to do your practice harm.