Like many businesses, you use social media to advance your marketing efforts. And why shouldn't you? It's affordable, easy to use and a great way to interact with prospective customers or die-hard followers.
On Monday, you visit your Facebook page to discover dozens of offensive posts coming from your account along with the logo of a prominent hacking group. Yikes! You quickly delete the posts, sign out of all devices and reset your password. But it's too late. The damage has been done.
Cyber vandalism is a big problem for brands because it directly impacts public perception of your company. Thankfully, there are steps you can take to reduce your chances of being vandalized. Remember, if your organization ever succumbs to cyberattack, cybersecurity liability insurance from CyberPolicy can bail you out.
The first thing you need to understand about cyber vandals are their motives. Otherwise, how will you know what to protect and why?
There are essentially three types of cyber vandals: script kiddies, grey hat hackers and black hat cybercriminals.
The first group is made up of newbie hackers in their teens or early twenties who are learning to test their skills. Generally, they find hacking kits or "scripts" on the dark net to fire at easy targets (such as a small business' Twitter page).
But just because script kiddies are low-level hackers doesn't mean they aren't dangerous. Some experts believe that an inexperienced script kiddie and disgruntled PlayStation user was responsible for 2016 Dyn DDoS attack that knocked dozens of websites and services offline.
The second group straddles the line between ethical hacking outright cybercrime (something that the tech community refers to as "grey hat hacking"). Take for instance the hacking group OurMine. In late 2016, this group infiltrated several highly visible social media profiles including Netflix's Twitter account, Facebook CEO Mark Zuckerberg's Pinterest page and Google CEO Sundar Pichai's Quora account.
Their goal? To promote OurMine's cybersecurity consultation service. Even if they didn't post anything insulting to these pages, this sort of vandalism reflects badly on the victims' cybersecurity efforts.
The final group is unequivocally the most destructive. Black hat cybercriminals want nothing more than to harm your brand. For example, the black hats could compromise your social media pages, post dozens of inflammatory comments and change your sign-in credentials so you can't access the account... Well, not until you pay a ransom fee in Bitcoin at least.
The best thing you can do for your brand is learn how to avoid these incidents altogether.
-Start by employing strong and unique passwords on all your accounts. Simple passphrases can easily be cracked by brute force attacks, and redundant passwords are quickly exploited through credential stuffing scams.
-Make sure you implement two-factor authentication to prevent unauthorized users from accessing your social accounts by requiring an additional sign-in permission from an approved email account or mobile device.
-Whatever you do, do not try to challenge or taunt the attacker. This can only end in disaster.
If, however, you do fall victim to cyber vandals - sign out of all devices immediately, change your passwords, delete the offending posts and reach out to your cybersecurity liability insurance provider. They can help you assess the financial damages (if any) and recommend next steps - such as reporting the incident or inspecting your network for other signs of intrusion.
Don't delay - Visit CyberPolicy for your free cyber insurance quote today!