ILMA Compoundings April 2017 - 32

widely in the last few years. This virus encrypts your data,
and the only way to get the data back is to either completely
wipe out the machine or pay a ransom fee in bitcoins.
Employee abuse of internet service privileges: Giving
employees open access to the internet has two potential
problems. The first is that employees may access websites
that contain viruses and malware which can infect your
internal network. The other issue is the employee can be
wasting tremendous amounts of time surfing the web
instead of doing his or her job. The abuse of internet service
privileges is an extremely common problem that can have
devastating effects on your bottom line. However, simple
preventive measures can be taken to limit the use of the web
to specific sites that are work-related and safe.

"Insiders have certain privileges that
make unauthorized access to information
far easier for them than for an outsider."

Unauthorized access by outsiders: Unauthorized access
by outsiders is hacking from an external source. It is just like
unauthorized access by insiders, except the perpetrator is
working from outside the company's computers or systems.
There are three types of cybercrimes:
Denial of Service: Denial of service (DoS) attacks occur
to shut a business down or limit access to its data. This can
occur when a cyberattack floods a company's machines or
systems with requests, overloading the systems and preventing other requests from being fulfilled, or it could be that
a virus shuts down the network so that the business can't
access it.
Theft of proprietary information: Stealing proprietary
information has become very prevalent. This can be cases
of corporate espionage, where another company is hacking
into your system or having a current or former employee go
into your system and steal information, or it can be done by
individuals stealing proprietary information for their own
financial gain.
Sabotage of data and/or networks: Data sabotage
occurs when an attacker manipulates a company's data
simply for the satisfaction of destroying it. This is like graffiti or destruction of property; it serves no purpose other
than destruction.

THE TWO TRANCHES OF RISK

Unauthorized access by insiders: Perhaps more commonly known as hacking, "unauthorized access" is a term
used to describe incidents in which a company's data has
been compromised. Insiders, or people from within a company, pose a greater threat than outsiders because of their
knowledge of the business. On many occasions, insiders are
able to access information they should not or would not
have access to because the company has failed to implement
the proper safeguards to protect itself and its information.
Insiders have certain privileges that make unauthorized
access to information far easier for them than for an outsider.

APRIL 2017

| COMPOUNDINGS | ILMA.ORG

Most of the risk of cyberattacks businesses face can be
attributed to two broad tranches:
Human Behavior: People are not perfect. Companies
open themselves up to attacks when employees send or
respond to emails from the wrong person, lose devices, open
programs or messages on their devices that contain malware
(such as viruses, worms or Trojan horses) and surf the web
in a negligent manner.
Infrastructure: A weak infrastructure can increase a business' risk of getting hacked or being negatively affected by
malware. Hackers look for easy access to systems, so if you
don't have firewalls around your network or your server tied
down with restricted access you are an easy mark. It's like
leaving your front door open.

PROTECTING YOUR COMPANY
The access points businesses should be protecting include:
individual PCs, phones, tablets, networks and servers.
There are several strategies and techniques every business
should employ in order to protect these access points from
an attack:
Run spyware and keep it up to date: Spyware is usually
used to collect information about how an individual or
company uses its computers. Spyware has a negative connotation associated with it, because it is usually used to steal

http://www.ILMA.ORG

ILMA Compoundings April 2017

Table of Contents for the Digital Edition of ILMA Compoundings April 2017