The U.S. has seen a series of high-profile cyberattacks in recent years, from hackers hijacking systems for ransom payments to phishing scams targeting vulnerable businesses and individuals.
Yiddy Lemmer, who owns IT support and cybersecurity firm CompuConnect in New York City, says his company has seen a massive spike in attempted attacks against its clients in recent months and that the threats are "very, very real."
While he can't say for certain who is behind all the breach attempts, Lemmer attributes the timing of the surge to Russia's invasion of Ukraine and the U.S. sanctions against Russia that followed.
But regardless of cyber criminals' intentions or locale, he says there are several ways businesses can bolster their cybersecurity to protect themselves.
Train employees on how to spot phishing scams
Lemmer says the vast majority of breaches occur through email, so being vigilant about threats and teaching employees about those dangers is the first step in being proactive against cyber threats.
Common scams used by malign actors include sending links through email that can hijack systems when clicked, posing as the worker's boss to obtain banking information, or simply guessing easy passwords in order to gain access to company data.
Use strong, unique passwords and multi-factor authentication
Businesses and individuals alike should utilize password managers such as LastPass or Bitwarden that can generate secure passwords on the fly and store them for future use, Lemmer says.
He warns that using the same password for multiple sites leaves people vulnerable because of how frequently company sites are breached and their customers' data end up for sale.
"Hackers will dip into that dark web page base to grab credentials and try to unlock as many doors as they can," he told FOX Business.
Conduct a cybersecurity audit
Even companies with a dedicated IT specialist can have holes in their online protection, Lemmer says. He recommends having an independent third party conduct an audit to look for weaknesses, because firms like his that conduct such assessments inevitably find something that needs to be rectified.
Have proper backups in place
"One misconception people have is that keeping their files in the cloud means they do not need additional backups," Lemmer told FOX Business. "The truth is that files in the cloud are just as susceptible to getting destroyed in cyberattacks and can get deleted remotely."
He says there are direct-to-consumer services that provide secure online backup, and the one he recommends for consumers is Cloud Ally. But businesses should seek higher-grade protections that include compliance services.
Obtain cyber insurance
Lemmer highly recommends that businesses obtain a cyber liability insurance policy, so that if they were to get hacked, the insurance company can help.
Insurance companies that offer these policies are incentivized to get involved not only to reduce or prevent the risk of any payouts for ransom demands but to assist in forensics to see how cybercriminals were able to gain access to a system in the first place.
However, Lemmer says firms that could benefit from those protections should act quickly. He explained, "More and more companies are stopping to offer cyber liability insurance because of the vast amount of cyberattacks happening."