The modern business is drenched in technology – and that’s a good thing. The advent of cloud technology in particular has democratised many high-tech business processes that were once the sole reserve of the large corporation with a large budget.
These days, almost everything is Internet-enabled, and departments within companies are using cloud services, software and applications that other parts of their business might not even be aware of. From the smallest SME to the largest global enterprise, this heady mix of human beings, business processes and technology brings with it concerns.
As brilliantly convenient and computerised as the business world has become, this profusion of devices and data brings with it risks. The news headlines say it all, with regular stories about hackers stealing important company information, holding banks to ransom or trying to bring down IT systems.
Cyber attacks are on the rise. Cyber criminals are armed with sophisticated digital weapons and huge determination. From criminal gangs and politically motivated hackers to the maliciously minded individual, they all have the ability to cause huge damage.
These are the cybercriminals and they want to exploit you and your business for all they can.
So what are the cyber threats we should be aware of?
Let’s start with some of the most common threats. Denial of Service (DoS) attacks, and in particular Distributed Denial of Service (DDoS) attacks, have been growing in prevalence year by year.
A DoS attack isn’t always used to extort or steal cash or information directly. A company or individual who comes under such an attack will, however, suffer financial damage, and its users a reduction in service. The result is loss of revenue and reputation.
The DoS attack is carried out by an individual who uses a single Internet connection to either exploit a software vulnerability or flood a target with a high volume of fake requests in an attempt to exhaust server resources so that normal service is denied (hence the name).
The service might be a network service, such as a company email, which will experience a temporary outage during the attack. In other occurrences, a DoS attack may also seek to destroy files in computer systems. But by far the most common form of DoS attack is when more traffic is sent to a network address than it can handle, rendering it inoperative.
The purpose of these attacks may stem from business rivalry, some sort of hacktivism by groups who have a grievance with the company or a particular political view, or for straightforward extortion purposes – the business may receive a ransom note explaining that the attack will only cease if a certain sum of money is paid.
Distributed Denial of Service or DDoS attacks are slightly different. They tend to be much more devastating because they are designed to take a service down rather than effect a ransom payment. These attacks are launched from multiple connected devices that are distributed across the Internet, as opposed to using just a single Internet connection, as in a DoS attack.
DDoS attacks are often described as ‘brute force’ attacks. This is because they are essentially heavy barrages conducted by many people using many devices, and are generally much more difficult to defend against or deflect than a single-source DoS attack. The multiple devices that DDoS attackers use will not all be owned by them – rather they will infiltrate other people’s devices (often via phishing scams, which either contain a malware attachment or lure the victim to a website where the malware will be uploaded) and use these to launch the attack.
A computer that is under the control of a third-party intruder is known as a bot or a zombie. When a group of co-opted computers all launch attacks together, this is known as a zombie army or botnet. According to TechTarget, “both Kaspersky Labs and Symantec have identified botnets – not spam, viruses, or worms – as the biggest threat to Internet security.”
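In traffic logs, the difference between a single-source DoS and a distributed DDoS shows up as how concentrated the requests are by source. The following is an added example, not part of the original article: it buckets requests into time windows and labels each flood by source concentration. The function names, thresholds and sample traffic are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

WINDOW_S = 10          # bucket width in seconds (assumed)
RATE_THRESHOLD = 200   # requests per window treated as a flood (assumed)
DOMINANCE = 0.8        # share of one source that marks a single-source flood (assumed)


def classify_windows(events, window_s=WINDOW_S, threshold=RATE_THRESHOLD,
                     dominance=DOMINANCE):
    """events: iterable of (epoch_seconds, source_ip).
    Returns {window_start: (label, total_requests, distinct_sources)}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window_s][src] += 1

    result = {}
    for start in sorted(buckets):
        per_source = buckets[start]
        total = sum(per_source.values())
        if total < threshold:
            label = "normal"
        else:
            # Volume alone says "flood"; source concentration says which kind.
            top_share = per_source.most_common(1)[0][1] / total
            label = "single-source flood" if top_share >= dominance else "distributed flood"
        result[start] = (label, total, len(per_source))
    return result


def constructed_events():
    """Constructed sample traffic (documentation-range IPs), not real logs."""
    events = []
    # Window 0-9 s: five ordinary clients, four requests each.
    for i in range(5):
        events += [(t, f"192.0.2.{i + 1}") for t in (1, 3, 5, 7)]
    # Window 10-19 s: one host sends 300 requests, plus normal background.
    events += [(10 + n % 10, "198.51.100.7") for n in range(300)]
    events += [(12, "192.0.2.1"), (15, "192.0.2.2")]
    # Window 20-29 s: 150 hosts send two requests each.
    for i in range(150):
        events += [(20 + i % 10, f"203.0.113.{i + 1}")] * 2
    return events


if __name__ == "__main__":
    for start, (label, total, sources) in classify_windows(constructed_events()).items():
        print(f"t={start:>2}s  {label:<20} requests={total:<4} sources={sources}")
```

In the constructed data the second and third windows carry almost the same request volume, but a per-source rate limit would stop only the second: in the third, every host sends just two requests.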
Described by Trend Micro as one of the biggest threats of 2016, Ransomware is a special kind of malware designed to essentially kidnap a victim’s data, encrypt it, and then demand payment – often in Bitcoin – for the decryption key.
Ransomware can spread through email attachments, be contained in apps downloaded from app stores, or be found on compromised websites or on malicious websites that have been set up specifically to deploy ransomware to unsuspecting visitors.
Sometimes referred to as a cryptotrojan, cryptovirus or cryptoworm, a ransomware program on a victim’s computer or mobile device can be devastating, often leaving the victim with no choice but to cough up the ransom.
In some cases, the victim will receive a message saying that their data will be completely erased forever if they don’t pay up. Other times, if the information is more sensitive, the attacker may threaten to release it on the internet.
The many forms of phishing
One of the most basic cyber threats is from phishing. This is a multi-faceted threat and can affect an individual but also be a means to get into a whole network. For as long as there have been emails there has been phishing. As such, in many ways phishing could be considered a rather ‘old-school’ hack method compared to the more sophisticated attack methods above, but it’s still a firm favorite amongst cybercriminals. And the reason is simple – it’s easy.
Your business network may well be equipped with anti-malware, spyware and virus defenses, which make things difficult and time-consuming for a cybercriminal trying to remotely break into a computer and begin causing havoc.
But with phishing, the criminal lures the victim into a false sense of security and manages to extract sensitive information manually. Usually, a phishing scam arrives via email, instant message (IM), or via another communication channel such as a social network. The attacker poses as a reputable entity – such as a bank, for instance – and attempts to glean vital information about the victim’s account and login details.
Phishing is still popular. The IRS warned consumers of a 400% spike in phishing attacks during the 2016 US tax season, and in the UK phishing fraud victims rose by 21% in a year, with £174.4 million being stolen from consumers.
A rootkit is the silent assassin of cyber attacks. It is essentially a collection of software that masks its existence but compromises the whole operating system, allowing viruses and malware to hide in ‘plain sight’. It can be sitting there for months or even years, quietly accessing and stealing business-critical information.
Zero-day vulnerability
A zero-day vulnerability is a security hole in software that is unknown to those who made it or to anti-virus vendors. There is no fix and generally no antivirus signature to detect it. Hackers exploit this by getting through the hole in the software and planting a virus or other malware. As more software is created, zero-day exploits are becoming more commonplace because of the market for them from cyber criminals and intelligence agencies.
Man in the Middle
And finally, a Man in the Middle (MITM) attack involves someone or something impersonating the endpoints in your information exchange, such as the connection from your smartphone to a website, to obtain information being transmitted between two parties.
These are just some of the many cyber security threats that are prevalent today and are compromising the security and privacy of businesses worldwide. Vigilance and education are the key to protecting your business as we transmit more data and carry out more transactions online.
Here are some measures to consider:
- Educate your employees about the threats and how to avoid them
- Keep your software updated
- Install firewalls
- Carry out regular penetration testing to spot vulnerabilities
- Monitor traffic on your network to spot inconsistencies
- Invest in and/or regularly update your threat protection solutions
Make sure your systems and data are protected by investing in the right security solution and above all, remain vigilant.