The Human Firewall

When it comes to defending against cyber attacks, staff training is key

Photo: Western University’s Colin Couchman

OVER THE LAST year, our region has seen many reported malware and ransomware cyber attacks, leaving companies, organizations and municipalities devastated, and customers and clients shaken. And those are just the incidents that have been publicly reported.

But no matter the industry or the location, the widespread threat of cyberattacks means companies should be extra vigilant in their cybersecurity awareness and strategy.

While IT tools have become more capable and sophisticated in preventing attacks, there is still a crucial element in the system that can't necessarily be fixed with new hardware or software: human decision-making. Ensuring that your employees know how to identify and respond to an innocuous-looking but malicious email can mean the difference between safeguarding your business and halting operations altogether.

Colin Couchman, Western University’s director of cyber security and business services, is educating the public about threats like these, warning that devices and staff at all levels of an operation can fall victim to malicious threats, and in turn, risk collective security.


“The computer devices in question are internet-connected and can range from a personal computer to an IoT [internet of things] device to enterprise-level servers,” says Couchman. “The targets of these attacks can be individuals as well as small businesses and whole organizations, and the requested ransom is typically paid in the form of a cryptocurrency—Bitcoin, for example.”

With these transactions orchestrated entirely online by highly technical, anonymous users, Couchman warns that the frequency of these demands is contributing to the emergence of a “digital extortion economy” that can pose recurring threats to the unprepared.

So, how does one avoid falling victim to these attacks? Couchman encourages users to empower themselves and their organizations with the knowledge to recognize the signs of a deceptive online communication when one arrives.

“There will typically be a few things notably ‘off’ about the message,” he explains. “For instance, the message often comes from someone unknown to the recipient, with some sort of plea to read the message in the subject line. Or, the message seems to be from someone known, but it might be noticed that the email address is not quite right or the grammar and syntax of the message is just a little bit strange.”
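The warning signs Couchman lists (an unknown sender, a pleading subject line, a sender address that is “not quite right”) can be turned into a simple screen run over inbound mail headers. The Python below is an added example, not code from the article or from Western University; the known-sender list, the trusted domains, the urgency words and the 0.8 similarity threshold are constructed assumptions to be replaced with an organization's own lists.

```python
import re
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed sample data (assumptions): correspondents the organization
# already knows, the domains it trusts, and words that pressure the reader.
KNOWN_SENDERS = {"finance@example.com", "colin@example.edu"}
TRUSTED_DOMAINS = {"example.com", "example.edu"}
URGENCY_WORDS = ("urgent", "immediately", "action required", "overdue",
                 "suspended", "verify")
ADDRESS_RE = re.compile(r"[\w.+-]+@[\w.-]+")


def looks_like_trusted_domain(domain):
    """True when a domain is close to, but not exactly, a trusted one
    (the 'not quite right' address, e.g. exarnple.com for example.com).
    The 0.8 ratio is an assumed threshold."""
    if domain in TRUSTED_DOMAINS:
        return False
    return any(SequenceMatcher(None, domain, t).ratio() >= 0.8
               for t in TRUSTED_DOMAINS)


def screen_message(from_header, subject):
    """Return the warning signs found in a message's From and Subject
    headers; an empty list means none of these heuristics fired."""
    display_name, address = parseaddr(from_header)
    address = address.lower()
    domain = address.rpartition("@")[2]
    signs = []
    # Sign 1: the sender is unknown to the recipient.
    if address not in KNOWN_SENDERS:
        signs.append("sender not a known correspondent")
    # Sign 2: the address imitates a trusted domain.
    if looks_like_trusted_domain(domain):
        signs.append(f"sender domain {domain!r} resembles a trusted domain")
    # Sign 3: the display name shows a familiar address that differs
    # from the address the mail really comes from.
    claimed = ADDRESS_RE.search(display_name)
    if claimed and claimed.group(0).lower() != address:
        signs.append("display name shows a different address than the sender")
    # Sign 4: the subject line pleads for the message to be read.
    if any(w in subject.lower() for w in URGENCY_WORDS):
        signs.append("subject pressures the reader to act")
    return signs
```

A hit from this screen is a prompt for the recipient to look closer, not a verdict; the checks are deliberately the same ones a trained reader would make by eye.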

While a ransomware attack can disrupt many areas of a person's private life, a business faces a whole further set of problems from such an exposure: when an attack puts sensitive documentation and customer privacy at risk, the effect can be crippling.

In the fight against cyberattacks, Couchman says the best strategy is to ensure that an organization develops a “cyber resilient culture,” starting with awareness and a thorough understanding of potential risks and weak spots, developing a strong backup strategy, and ensuring that employees are trained to handle corporate data according to structured prevention policies designed to protect the organization's systems.

“Well-defined and tested disaster recovery and continuity of business plans will go a long way in helping to restore compromised systems,” he says. “Instead of paying the ransom, the infected systems are rebuilt with the applications re-installed and the data restored to them. If all goes well, the downtime is minimized and the organization is not out significant funds paid to the criminal in question.”

That said, Couchman notes that it may not be prudent to rush to a quick fix, as the attackers are familiar figures in the digital extortion economy. “There are plenty of examples that can be found where a ransom has actually been paid and there are many reasons for doing so,” he says.

“Cybercriminals have a vested interest in helping you get your files back,” he adds, pointing out that a repeat customer is easier to manage than finding new prospects. “But it should be noted that payment may identify a payee as a recurring future mark. It is important to note that one is still dealing with criminals in these cases, and trust is not something that should be taken for granted.”
