Many think of cyber-attacks as something that occurs to specific organizations because they are specifically targeted by hackers or terrorists. But the reality is that regardless of size and sector, most organizations should consider themselves targets and take action to protect their assets and values.
According to the Norwegian Police Trend Report for Organized Crime 2016, these are the most common IT-crimes:
- Phishing: E-mails that are sent to a great number of people with the intent to trick people into clicking links, opening attachments or attempting to get recipients to give up confidential information.
- Vulnerabilities in common software: Links or attachments in e-mails may be used as vessels for viruses that are designed to exploit vulnerabilities in common software applications.
- Ransomware: Often installed when opening attachments in e-mails. Ransomware may be used to prevent your business from access to files or other applications until a ransom is payed.
- Unauthorized access to IT-systems: This can be hacking or theft of login information with the intent to get access to e.g. passwords or confidential information.
- Denial of Service (DoS): This is often an act where a legal service is intentionally overloaded to negatively impact an organizations ability to deliver normal services.
- Fake web-pages: Fake web-pages may be set up in an attempt to get access to login data to e.g. online banking.
Be prepared and take appropriate action to avoid or handle attacks on your IT-systems before they happen.