Whether you’re the CEO of a large corporation or the founder of a small startup, you likely have data you would prefer to keep away from prying eyes. However, cybercriminals are indiscriminate in their attacks. All they care about is gaining access to sensitive information.
Strong cybersecurity measures can help deter cybercriminals, but that doesn’t guarantee the safety of your network. If your systems were to succumb to a security breach, would you know what to do? Don’t worry, we’ve compiled a list of steps you can follow to defend your organization from further damage.
What is a network breach and what should I do about one?
A network security breach is when someone gains unauthorized access to your systems. A breach can result in malware, data loss, data theft, money loss, lost productivity, and reputational harm. You can protect yourself with strong passwords, multi-factor authentication, regular software updates, and user training. It’s also smart to create an incident response plan in advance, so that you know what to do — and who will do it — if something goes wrong.
A network security breach is when an outsider finds a way to bypass your security to get inside your network. Once inside your system, they can gain unauthorized access to data, applications, and devices. You can think of it like a burglar eluding security systems to break into a bank.
Sometimes, “network breach” and “data breach” are used interchangeably, but there is a difference. In a network breach, someone gains unauthorized access to your systems. A hacker can steal data after gaining access, but does not always do so. In a data breach, on the other hand, sensitive information is extracted.
Compromised cybersecurity is not rare in the business world. When a big corporation is invaded by an unauthorized user, it tends to make headlines for all the wrong reasons. Here are just a few of the most infamous breaches in the last 10 years:
- OPM: In June 2015, the federal Office of Personnel Management announced that background investigation records of 21.5 million current, former, and prospective federal employees had been stolen. This information included usernames, passwords, Social Security numbers, and fingerprints.
- SolarWinds: In December 2020, it was reported that a Russian state-sponsored hacking group covertly added malware to an enterprise software tool. The tool was then downloaded to secure systems owned by Microsoft and the US federal government, among others. This ultimately gave the attackers broad access to those networks.
- Reddit: In February 2023, the social media platform stated that a single employee’s credentials were compromised in a phishing attack. As a result, attackers gained access to ‘internal documents, code, dashboards and business systems.’
While these are high-profile network and data breaches, you should know that most incidents aren’t so flashy. Even though we usually hear about events that affect huge corporations, many of these incidents target small businesses. Consider some common risks that affect businesses of all sizes.
Cybercriminals deploy a variety of techniques to infiltrate your network. Consider a few examples.
- Social engineering exploits trust and social norms to get information or access. It can happen in person, online, or over the phone. An attacker might pose as technical support, a vendor, or some other trusted person in an attempt to get employees to disregard standard security practices.
- Phishing is a type of social engineering that tries to trick a user into clicking a link, following instructions, or providing sensitive information like a password or credit card number. Phishing links are also used to install malware on computers.
- Malware like viruses, worms, ransomware, and spyware can cause a host of problems ranging from mild to severe. While some may just be annoying or cause performance issues on your machines, others can result in data loss, money loss, and reputational harm.
- Bots are automated programs designed to complete tasks online. While some can be helpful, like a customer service chatbot, others are malicious. They can be used to attack a computer or network so that it is overwhelmed and cannot respond (called denial of service).
- Man-in-the-middle attacks happen when an attacker intercepts network traffic, usually between you and the internet. These attacks allow data to be stolen, wrong data to be sent, or malware to be installed. They are a real risk on public Wi-Fi.
How to protect against a network breach
Since anyone can approach your virtual doorstep over the internet, good digital security is essential. There are several practical steps you can take to protect yourself against network and data breaches. Seven things you can do to protect yourself are:
- Using unique usernames and passwords
- Enforcing multi-factor authentication
- Implementing geolocation-based blocking
- Providing user awareness training
- Patching and updating software
- Making good use of threat protection and other security tools
- Considering a cyber liability insurance policy
We cover these important steps more extensively in our post, How to protect yourself against cybercrime. If you’re a defense contractor, you’ll also want to make sure that you comply with DFARS and prepare for CMMC. The US Small Business Administration has additional tips and resources to strengthen your cybersecurity.
Despite your best efforts, an experienced or determined hacker could still gain access. So it’s vital to have an incident response plan that explains how you will deal with an incident. If you suspect your computer system has been compromised, you should act quickly and calmly. Here are some steps to follow to reestablish network security:
- Evaluate which systems were accessed and take steps to prevent further damage.
- Investigate how your network was breached and decide how you will strengthen security to prevent a similar incident in the future.
- Restore systems and data. Servers and workstations may need to be rebuilt to eliminate the threat of malware. After making sure backups were not compromised and no malware is present, data can be restored.
- Recovery and improvement may take some time. As you restore systems and data and make improvements to your security, look for ways to improve your incident response process.
- Notify appropriate government agencies and anyone whose data may have been included in the breach.
You can learn more about incident response in our article, How to respond to a cybersecurity incident.
Get the Incident Response Plan worksheet
Developing an incident response plan requires that you have access to multiple resources. Don’t scramble for this info when you have a cybersecurity incident — keep it organized and in one place with our free IRP Worksheet.
If you want to prevent security breaches, the best way to do it is by taking a proactive approach to your cybersecurity. E-N Computers takes your security seriously, so we:
- remotely monitor your network 24/7 to discover suspicious activity immediately,
- quickly remediate any potential issues,
- develop a backup and disaster recovery plan,
- help you develop an incident response plan,
- encourage best practices regarding usernames, passwords, and multi-factor authentication, and
- keep your software updated.
Contact us today to learn more about how E-N Computers keeps your business safe.