Cyber crimes such as unauthorized access and data tampering can affect any company, and it is important to take measures on a daily basis. This article provides specific examples of cybersecurity measures taken by companies and describes the impact of the damage.

What are cyber security measures?
Cyber security measures are a category of information security. The term refers to measures that protect data, computers, networks, etc. from threats including unauthorized access, data falsification, and even removal of data by malicious people inside the company.
[Related Article] What is Cyber Security? A simple explanation of specific examples of cyber attacks, countermeasures, and the difference from information security: /fllp/cyber-security
Necessity of Cyber Security Measures
Cyber attacks can target anyone with an Internet connection, and more vulnerable targets tend to suffer more damage. Cybersecurity measures are essential for all companies that use the Internet.
Measures against Information Leakage
Leakage of confidential information related to corporate sales, research and development, or personal information handled by a business can cause significant losses to the company. If a company that handles personal information suffers an information leak, it will lose the trust of not only business partners but also consumers, and in the worst case scenario, it may even lead to a lawsuit.
Protection of Core Systems
Cyber attacks can not only cause information leaks, but can also disrupt a company's mission-critical systems and bring operations to a halt. Not only are business opportunities lost, but the time loss and costs incurred to restore the system can also put pressure on operations.
Preparing for Supply Chain Attacks
A supply chain attack is a cyber attack on a company's supply chain, which is the supply network running from the procurement of raw materials to the delivery of products to consumers. Rather than directly attacking large corporations, these attacks target small and medium-sized enterprises that do business with them and have lax security measures. This technique has been increasing in recent years.
Countermeasures against Internal Fraud
Cyber-attacks are not only external, but also often internal, such as employees tampering with the system or retirees taking confidential information. Another problem is that recently, teleworking has led to a loosening of surveillance. To deter criminals, it is important not only to prevent unauthorized removal of data, but also to provide security education to employees.
Specific examples of cyber security measures that companies should take
How should companies tackle cyber security? We will explain with specific examples.
Examples of technical measures
- Implementing two-step authentication and access control
Implement technical measures such as access control and multi-factor authentication to restrict entities such as users, services, and devices that can access important information.
- Prohibit access to unauthorized websites
There is an increasing number of ways to infect users' devices by leading them to unauthorized sites that are so cleverly designed that they are indistinguishable from real websites. Countermeasures such as using filtering services and restricting accessible sites in advance are also effective.
- Access log management
Thoroughly manage access logs so that any attempts at internal fraud can be detected and dealt with immediately.
- Regular backups
Backing up data after it has been infected with malware will result in the data being stored in an infected state. It is important to take regular backups on a daily basis before infection occurs.
- Implement and properly manage EPP (anti-virus function)/EDR
The use of EPP anti-virus features and EDR is the most typical way to prevent infection. Different products offer different functions, such as malware detection, identification, removal, and quarantine. Some can be used online, but make sure the functions are also available offline, because an infected device must be cut off from the network as soon as the infection is discovered.
- Regular OS and software updates
Operating systems are often found to be vulnerable after their release, and continuing to use an older version is the same as leaving vulnerabilities found in the past unchecked. Update your software regularly to keep it up-to-date.
Specific Examples of Human Countermeasures
- Conduct cyber security training
Raise employees' security awareness and knowledge by establishing and thoroughly enforcing guidelines and providing opportunities for security training. It is also important to prepare manuals on initial responses, such as who to report to and how to respond in the event of a cyber attack.
- Alert employees to targeted attack e-mails and prohibit access to unauthorized sites.
The possibility of inadvertent malware infection via e-mail can be reduced by improving employee IT literacy. In addition, regularly raise awareness and alert employees by prohibiting access to unauthorized sites or sites that appear to be unauthorized.
- Prohibit the use of external storage media.
Prohibit external devices from connecting to the internal network, since if a private device is already infected with malware, the connected internal devices may also be infected.
- Beware of spoofed Wi-Fi access points
Be aware of spoofed access points that use the same or similar names as legitimate access points. If you connect to one, there is a risk of unauthorized intrusion into your communications, interception of your communications, and theft of your information. Especially when away from home, it is necessary to use a VPN designated by the company or to disable automatic Wi-Fi connections.
Examples of physical measures
- Thorough access control
If office access can be recorded using IC cards or other means and monitored for suspicious activity, this will not only help identify the leakage route in the event of an information leak, but will also serve as a deterrent.
- Ensure Locked Room Management
Avoid leaving important files unlocked or storing them in locations where it is difficult to detect a leak. Locking files in a cabinet where their contents are visible is a good measure.
- Assign security guards and install surveillance cameras.
Even in situations where data cannot be accessed or physically taken out of the computer, it is still possible for criminals to extract information by, for example, photographing the screen. Strengthening analog surveillance systems, such as assigning security guards and installing surveillance cameras, is also an effective cybersecurity measure.
Examples of cyber attacks
This section describes specific examples of cyber attacks that companies should take countermeasures against.
Malware
Malware is a term coined by combining the words "malicious" and "software," and is a generic term for malicious software created with the intention of operating in an unauthorized and harmful manner. There are various types of malware, including computer viruses, which are malicious programs intentionally created to attack other computers, and spyware, which is installed on a PC or other device without the user's knowledge and collects and leaks personal information and passwords. There are various types of spyware.
[Related Article] What happens if you are infected with malware? /fllp/malware-infection
Ransomware
Ransomware is a term coined by combining the words "ransom" and "software." It is malware that encrypts files on an infected computer, rendering them unusable, and demands a ransom in exchange for their restoration. In recent years, ransomware that threatens to disclose stolen data if the ransom is not paid has also become popular.
[Related Article] What happens if you are infected with ransomware? What to do if you are infected with ransomware? /fllp/ransomware-infection
Targeted Attacks
A targeted attack is a cyber-attack that targets a specific individual or company and attempts to steal confidential information, intellectual property, or account information such as IDs and passwords. The targeted attacker collects and analyzes the target company's information in advance, and then sends out a sophisticatedly disguised e-mail that leads the target to a malware-infested website.
Phishing Scams
Phishers send e-mails pretending to be from real financial institutions, credit card companies, shopping sites, etc., and direct users to fake websites that look similar to the official websites of these companies, and then ask them to enter personal information such as addresses, names, bank account numbers, credit card numbers, etc., in order to defraud them.
DoS Attacks/ DDoS Attacks
A DoS attack (denial of service attack) is an attack that sends a large number of service-request packets to the target website or server to overload it and force its system down. A DDoS attack (distributed denial of service attack), on the other hand, uses malware to bring multiple computers under the attacker's control and has them attack the target simultaneously. It is a cyber attack that poses a serious threat to businesses because it is difficult to identify the origin of the attack and to distinguish it from normal access.
Damage Impact of Cyber Attacks on Businesses
This section describes the damage and impact of a cyber attack on a company.
Increased damage response costs and human resources
Depending on the size of the company, normal business operations may be overwhelmed by urgent costs and human resources required not only to recover data and strengthen security measures, but also to investigate infection routes and damage.
Business performance will deteriorate due to loss of public trust.
Cyber attacks, such as privacy breaches and leakage or misuse of personal information, can disrupt trust relationships with customers and business partners. If the company also loses social credibility as a company that has neglected security measures, a deterioration in business performance will be inevitable.
Corporate activities will become impossible due to system downtime.
There is a risk that the entire organization's operations and services may stop or malfunction. For a manufacturing company, a production line could stop running, and for a hospital, electronic medical records and reimbursement systems could be affected, making it impossible to continue medical care.
Risk of lawsuits and damages due to information leaks, etc.
In addition to losses due to business stoppages and loss of trust, there are also legal risks depending on the data handled. If a company is legally liable for a leakage of personal information, for example, it may have to pay a large fine.
For initial response to cyber attacks, FRONTEO's "Cyber Security Investigation Package" can be used.
In order to minimize the damage from such cyber attacks, initial responses must be handled with the utmost care and speed. With FRONTEO's "Cyber Security Investigation Package," which boasts a large number of fraud investigation results, we provide high-quality cyber security investigations that are recommended by several insurance companies.
We provide not only EDR investigations, but also Dark Web investigations in one package, and can conduct additional investigations such as Wi-Fi vulnerability investigations, NDR investigations, and penetration tests. For companies that do not have personnel with specialized knowledge, concerns remain about the speed and expertise of contingency response. Based on the know-how gained from our overwhelming track record, FRONTEO will support your initial response to cyber attack damage.
[Related Article] Cyber Security Investigation Package
The service site of the "Cyber Security Investigation Package" is here: https://legal.fronteo.com/smaller-companies-package/
For inquiries about FRONTEO's cyber security services, please contact us at https://legal.fronteo.com/contact/