What you need to know now!
Ransomware & other potential threat scenarios
Occupational safety and the capability to ensure delivery and business operation are among the most significant success factors in companies and organizations. Unfortunately, potential threat scenarios that pose serious risks continue to emerge.
We have summarized the most recent threats, particularly in the field of cyber security, as well as some ways to prepare yourself.
”Ransomware, a type of malicious software, has a very high damage potential for management system documentation, as it could affect the entire company, including the areas of quality, environment and safety”, says Eckehard Bauer, MSc, Executive Vice President Business Development Safety Management, Business Continuity, Risk, Security, Compliance and Transport, Quality Austria.
Other cyber threats from 2021
Looking back to 2021, the independent information platform on Internet fraud and fraud-like online scams “Watchlist Internet” categorized the top 5 cyber threats that can be dangerous for individuals as well as entire businesses:
- Fake stores have been around for a long time and were usually recognizable by poor spelling, missing imprints or prices that were too low. However, scammers are increasingly adapting to seasonal demands and copying websites of reputable providers. Therefore, it is advisable to pay even closer attention to the imprint and experience on the Internet.
- Dubious drop shippers actually send their goods to the customers (in contrast to the above mentioned fake stores). However, the goods often arrive with great delay or high cost traps occur, such as customs and expensive returns.
- “Smishing” is a new fraudulent practice using SMS (short message service). Here, text messages are sent by supposed banking institutions or parcel services and ask the recipient to click on a link or enter personal data. This may trigger unintentional payments or install viruses. Significant signs to identify “smishing” activities include spelling and grammatical errors, a direct request to click on a link, or requests for package tracking without packages having been ordered.
- Investment platforms: high profits, low costs and personal support attract more and more users to dubious trading portals. The loss of capital (fraud) is often followed by a “recovery scam”. In this case, the recovery of the previously lost capital is offered in exchange for money. However, this is almost always another form of scam.
- Tech-support scam: these are classic scammers who want to gain access to the people‘s PCs, usually through malware. Therefore, do not trust any alleged Microsoft employee or other supposed service offers where you are contacted personally via phone to close security gaps.
Better safe than sorry
In addition to using secure software and tools, it is important to raise employees’ awareness of the problem by developing their skills in a targeted manner, and also to consider the factor “human“. This includes, on the one hand, further training and education, for example in the areas of risk, security and compliance. Such training courses provide a practical approach to these topics and prepare the participants for possible emergencies.
Another effective protective measure, on the other hand, is to systematically address the issue, for example in the context of a business continuity management system (BCM) acc. to ISO 22301, ÖNORM D 4901 (risk management) or an information security system acc. to ISO 27001. In the event of an emergency, a BCM can help to improve the course of the incident and to quickly and systematically regain the operational or delivery capability. Organizations with a certified BCM are in a position to resume the interrupted or impaired business processes much more quickly if the worst comes to the worst.
Existing emergency systems, in the sense of a holistic and sustainable approach, must therefore also be expanded to include cyber issues and be recognized as an overall framework.
qualityaustria trainings in this context:
The "Watchlist Internet" keeps you updated about Internet Fraud, Traps and Fakes. Learn more here!
Contact person
Team
Ms. Claudia Kerpe, MSc
Head of HR, Business Development Risk, Business Continuity, Compliance and Anti-bribery
