Protect your company against data breaches

Four tips to protect your company

• Never click on links or attachments in emails if you are not sure of the sender.
• Back up critical business information and software regularly. All copies should be stored offline, for example on an external hard drive or USB stick. Restore the information regularly to make sure everything is working properly.
• Enable automatic updates of programs and applications.
• Have an incident response plan in place. By assuming that sooner or later you will experience a data breach, you can prevent incidents rather than reacting to them once they have happened.

What is a data breach?

A data breach is when someone has gained unauthorised access to information in a data collection, such as a computer system. It also includes unauthorised manipulation, deletion, modification, or addition of data to a system.

How does a data breach occur?

Data breaches are most commonly committed through stolen login information. Attackers gain access to login details through phishing or the like. The victim may, for example, be tricked into providing login details by a login page that looks genuine, or get malware on their computer by clicking on what looks like a legitimate attachment.

Initially, the attacker's main goal is to get the victim to click on the link or download the file that executes the malicious code. Once the victim has performed the action required to execute the malicious code, the victim's computer begins to become infected.

The computer is now vulnerable, and soon the attacker can control it remotely and access sensitive documents, files and contacts without being detected.

Why do data breaches occur?

Unfortunately, the simple answer to this question is that cybercrime is and remains extremely profitable, and the risk of detection is relatively low.

For various reasons, almost all companies avoid reporting the breach to the police, and often choose to pay all or part of the ransom demanded by the attacker. In this way, unsuspecting companies and organisations continue to finance criminal activities.

In parallel with digitalisation and rapid technological development, cybercriminals have also become organised. Today's criminals are often organised in company-like structures.

There are also government-funded hacker groups whose role is to attempt to fund their own government's military needs or spy on other nations.

In nearly 85% of cyber attacks in 2021, the data breach was caused by human error. Phishing was the most common method used by attackers. Spear phishing accounted for more than half of phishing emails. Scammers identify their intended victims – their role in the company, their interests and the structure of the company – and then use this information to deceive their victim.

How can you protect your company against a data breach?

There are several elements to a company's protection against data breaches: the knowledge and awareness of its employees, its procedures and working methods, and its technical protection.

Teach your staff to recognise the signs of a data breach

To protect your company from a data breach, it is important to train staff in basic cyber security, have anti-virus protection and put IT policies into place.

Train staff to recognise fake emails through exercises and information.

Have clear procedures and a permissive culture in relation to what actions staff can take if they have the slightest doubt about an email or text messagre about data breaches and ransomware.

What is ransomware?

Ransomware is a type of virus that locks all computers and mobile devices, or encrypts files. To regain control, the company has to pay a ransom. If your company becomes a victim of ransomware, you should never pay the ransom, as there are no guarantees that this will make the problem go away.

Report it to the police and get help from the resources available at nomoreransome.org . More information about ransomware is available on the Swedish Police's website. Under the GDPR, all concerned parties must be informed of any data breach that has occurred if there is a risk of identity theft, leaked personal data or fraud. This means that data breaches must sometimes also be reported to Integritetsskyddsmyndigheten (Swedish Authority for Privacy Protection).

There are many examples of well-known companies that have been victims of ransomware here in Sweden, for example in the grocery trade. One of the companies that was a victim of ransomware had no crisis plan in place when they were locked out of their systems, and were unsure of how to communicate with each other when their emails and phones were not working. Should they use their private email addresses? Have an incident response plan ready in case of a ransomwareattack.

More tips on how to protect your company:

• Start by deciding who is responsible for security issues.
• Make a checklist of all the security issues and work through them. You do not need to have all the answers from the start.
• If you do not have the knowledge in-house, consider using an external cyber security company, both as a preventative measure and when an attack occurs.
• Enable multi-factor authentication on all systems with this capability. If you use social media for advertising, for example, it is important to also have multi-factor authentication enabled for private accounts as well.
• Continuously update (patch) all software.
• Use antivirus software and firewalls.
• Stay abreast of what risks and threats exist.