Increased internet connectivity, and growing business reliance on it, have naturally led to a rise in online security vulnerabilities and the risk of cyber attacks. In a constant power struggle, businesses need to remain vigilant to prevent cyber crime from costing them time, money, their reputation, and even their existence. Here are some of the most common cyber attacks and ways of preventing or handling them.
What is malware?
Malware is code with malicious intent, typically destroying something on the computer or stealing data. Malware threats include various viruses, worms and Trojans, and are generally introduced to a system through operating system vulnerabilities, email attachments or software downloads.
What you can do to prevent malware
Your IT provider should:
What is a DoS attack?
An attacker disrupts the service to a network by making lots of connection requests until the network becomes overloaded. The most common way of doing this is a distributed denial-of-service (DDoS) attack, in which the attacker uses multiple computers to send the data that causes a system overload. The attack normally runs over a varying time period and is intended to disrupt the functioning of a business: preventing clients from accessing services or information, disrupting sales, and affecting network communication.
What you can do to prevent a DoS attack
Your IT provider should:
Case Study:
With large online retailer Moonpig, Conosco helped to resist such approaches by reinforcing the firewalls to handle high loads and using sophisticated techniques such as IPS appliances to control denial-of-service attacks and to prevent and detect security breaches.
What is a password attack?
When a third party manages to gain access to a system by cracking a user’s password, this is known as a password attack.
What you can do to prevent a password attack
Your IT provider should:
Case Study:
In July 2016, a Conosco client was affected when an external attacker managed to gain access to the network via a combination of brute-force attempts against an open Remote Desktop Protocol (RDP) connection to an internal PC, and a weak domain password for a generic account.
The attacker scanned through the network to gain access to any network shared files, then proceeded to encrypt them and transmit the encryption key to an external server. The encrypted files could not be decrypted without this key, and the attackers demanded a ransom in return for the decryption key and the application needed to restore the affected data (over 500,000 files).
Conosco removed the affected system from the network and investigated, but the system was damaged beyond the point of a feasible repair, and it had to be reloaded. Conosco managed to restore all the files, re-enable backups and disable the compromised account to prevent further access.
To prevent a recurrence, Conosco insisted that all generic-named accounts susceptible to brute-force attacks be disabled, and closed RDP connections, implementing cloud-based file-sharing software (Egnyte) for collaborative remote working instead. We also implemented account lockout policies and two-factor authentication.
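The pattern in this case study (repeated remote logon failures against a generic account, then a success) can be spotted in Windows Security logon events. The following is an added example, not Conosco's tooling: the events, account names, IP addresses and thresholds are constructed, and the threshold would normally mirror the account lockout policy.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624   # Windows Security log: failed / successful logon
REMOTE_TYPES = {3, 10}         # 10 = RemoteInteractive (RDP); 3 = Network (RDP with NLA)
GENERIC_NAMES = {"admin", "scanner", "reception", "temp"}   # assumed list of generic names

# Constructed sample events: (time, event id, logon type, account, source IP).
T0 = datetime(2024, 1, 1, 2, 0, 0)
EVENTS = (
    # Eight failures 20 s apart against a generic account, then a success.
    [(T0 + timedelta(seconds=20 * i), FAILED, 10, "scanner", "203.0.113.7") for i in range(8)]
    + [(T0 + timedelta(seconds=200), SUCCESS, 10, "scanner", "203.0.113.7")]
    # A user who mistyped a password twice before logging in: not an attack.
    + [(T0 + timedelta(seconds=30 * i), FAILED, 10, "j.smith", "198.51.100.20") for i in range(2)]
    + [(T0 + timedelta(seconds=90), SUCCESS, 10, "j.smith", "198.51.100.20")]
    # Console (type 2) failures are out of scope for this check.
    + [(T0 + timedelta(seconds=5 * i), FAILED, 2, "reception", "127.0.0.1") for i in range(6)]
)

def find_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Flag (source IP, account) pairs with >= threshold remote logon failures inside
    `window`, noting whether a successful logon followed (likely compromise)."""
    recent = defaultdict(list)
    findings = {}
    for ts, event_id, logon_type, account, src in sorted(events):
        if logon_type not in REMOTE_TYPES:
            continue
        key = (src, account.lower())
        if event_id == FAILED:
            # Keep only failures still inside the sliding window, then add this one.
            recent[key] = [t for t in recent[key] if ts - t <= window] + [ts]
            if len(recent[key]) >= threshold:
                hit = findings.setdefault(key, {"failures": 0, "compromised": False,
                                                "generic": key[1] in GENERIC_NAMES})
                hit["failures"] = max(hit["failures"], len(recent[key]))
        elif event_id == SUCCESS and key in findings:
            findings[key]["compromised"] = True   # success after a burst of failures
    return findings

if __name__ == "__main__":
    for (src, account), info in find_bruteforce(EVENTS).items():
        print(src, account, info)
```

A finding with `compromised` set is the case to escalate first: the account should be disabled and the host isolated, as in the response described above.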
What is phishing?
Phishing attacks are sent via email and often pose as a request for data from a trusted third party. The emails often ask users to click on a link and enter their personal data, which can then be used for malicious purposes.
Phishing attacks can also present as a spoofed email, where an external party modifies their email headers to appear to be coming from a high-powered internal staff member (MD/CEO/CFO), and places a request for a fund transfer to a specified recipient, or to send confidential information about the company or other clients. This is known as Whale-Phishing.
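Header spoofing of this kind usually leaves inconsistencies that a mail filter or an analyst can check. The following is an added example, not part of the original article: the company domain, executive name, messages and indicator wording are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"   # assumed company domain
EXECUTIVES = {"jane doe"}         # assumed display names of senior staff

# Constructed sample messages.
SPOOFED = """\
From: Jane Doe <jane.doe@example.com>
Reply-To: jane.doe@example-payments.invalid
Return-Path: <bounce@mailer.invalid>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.invalid; dmarc=fail header.from=example.com

Please transfer the funds today.
"""
LOOKALIKE = "From: Jane Doe <jane.doe@examp1e.invalid>\n\nCan you send me the client list?\n"
GENUINE = """\
From: Jane Doe <jane.doe@example.com>
Return-Path: <jane.doe@example.com>
Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass

Minutes from this morning attached.
"""

def domain(addr):
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw):
    """Return the header inconsistencies that suggest a spoofed internal sender."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    return_path = parseaddr(msg.get("Return-Path", ""))[1]
    auth = msg.get("Authentication-Results", "").lower()
    hits = []
    if name.lower() in EXECUTIVES and domain(from_addr) != INTERNAL_DOMAIN:
        hits.append("executive display name on external address")
    if domain(from_addr) == INTERNAL_DOMAIN:
        if return_path and domain(return_path) != INTERNAL_DOMAIN:
            hits.append("internal From but external Return-Path")
        if any(f"{m}=fail" in auth for m in ("spf", "dkim", "dmarc")):
            hits.append("internal From failed SPF/DKIM/DMARC")
    if reply_to and domain(reply_to) != domain(from_addr):
        hits.append("Reply-To domain differs from From")
    return hits
```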
What you can do to prevent becoming a phishing victim
A survey conducted by Conosco challenged respondents to spot fake emails used for phishing. The results indicated that 94% of respondents (including a number of IT professionals) failed to recognise email phishing attempts. The survey targeted a select group of senior individuals across a range of SME companies to gauge how well this ‘IT savvy’ group could identify increasingly sophisticated hacking attempts.
The ‘Real or Steal’ challenge involved participants judging a series of emails and trying to decide whether or not each email was genuine. Out of the examples, most people (93%) correctly identified a PayPal email as being fake. On the other hand, most participants were fooled by a phony LinkedIn message, with 63% getting it wrong.
Phishing is an increasingly worrisome problem, particularly in the UK, as the annual Internet Security Report from Symantec (April 2016) points out. In the report, the UK was ranked as ‘the most targeted nation for spear phishing attacks and ransomware in 2015’.
If you are ever uncertain about an email asking for sensitive or financial information, even if it appears to come from a Director or Senior Management, it is always better to consult your IT team to validate the authenticity of the email than to unknowingly divulge information or transfer money to a malicious external party.
Max Mlinaric, Managing Director of Conosco says, ‘When there is a security breach in blue chip companies you tend to hear of it, and can wrongly assume large companies are most commonly targeted.
‘SMEs often present easier pickings for the hackers, as IT skills, security levels, awareness and sometimes personnel training are sometimes lower than in large companies which have deeper pockets. It is crucial that SMEs ensure their IT is as secure as possible, that complacency is battled and their staff are regularly trained in resisting phishing attempts.’
What you can do to prevent an attack on your business: