Several cybersecurity threats are affecting the digital market, but these four are common within the corporate world – and crippling if they affect a company.
Ransomware is a type of malicious software. It is designed to block access to devices and systems until an amount is paid – with hackers literally holding company data at ransom. Once ransomware has infected a device, access to that device is then denied, and the victim is asked for payment to restore access. Unfortunately, once payment is given, the access may not be restored, and companies may lose significant amounts of data, as well as access to vital tools and services, during an attack. Ransomware typically infects devices via phishing, with victims opening emails or accessing files that look trustworthy but that have been engineered to trick users into enabling administrative access. More aggressive forms of ransomware affect devices without phishing, exploiting security holes – such as those left by unpatched software.
The increase of digital technology and usage has seen cyber attackers utilising the internet to obtain knowledge regarding companies vulnerabilities and potential routes for exploitation. Hacking a website is something that can be done relatively quickly, and sites are frequent targets for hackers. They may do this to steal data, with many attacks aiming to search and identify corporate vulnerabilities to obtain access to authentication data. They may also inject code to redirect users to other websites, predominantly phishing pages, or add links that corrupt user devices. An attacker may also do significant damage to a company by defacing their website or using their pages to spread viruses to users and site visitors. This can cause irreparable damage to a company’s reputation, and put their data at significant risk of exploitation.
Email threats have been around for a long time, with the two most common – and prevalent in business – being:
- Phishing: A generalised attack that aims to infiltrate as many users as possible, usually to apply malware or ransomware. Phishing is a common security risk, and they aim to obtain a range of information. This includes company passwords, financial information, and personal data that can be used to exploit a business – or sell to competitors.
- Spear phishing: A specific form of phishing that aims to target individuals within an organisation and obtain certain levels of administrative access and/or data. Spear phishing attacks are becoming more common on a corporate level, with attackers attempting to obtain confidential information via targeted means. The aim is to get a user to enter confidential company information and passwords, and/or provide financial details while making payments for fake software and downloads. This information can then be used for fraudulent activities – and exploit sensitive company information.
Attackers take advantage of vulnerabilities and loopholes in domain name systems (DNS) in domain attacks. DNS is a directory of names that match with IP addresses, which computers and mobile devices use to communicate with each other over the internet. However, they can be exploited to reduce company efficiency, and corrupt corporate websites to cripple operations. Types of DNS attack include:
- Zero Day Attacks: Whereby attackers use previously unknown vulnerabilities in DNS stacks or server software
- Denial of Service: An attack where malicious bots send above-anticipated amounts of traffic to an IP address, ensuring that the target cannot resolve legitimate requests and enquiries
- Fast-Flux Attacks: See attackers swapping DNS records with heightened frequency with the aim of redirecting requests.
- DNS Amplification: An attack that sees DNS servers that permit recursive lookups taken advantage of, allowing attacks to spread to other servers.
There are several things companies can do to protect themselves against modern cybersecurity threats. The first thing to realise is that cybersecurity in a digital age requires a holistic, multi-layers approach that begins with a comprehensive understanding of existing security infrastructure – and how it might be targeted. Vulnerability and penetration testing provide insight into these, but companies can also bolster their security by:
- Ensuring their operating systems are patched and up-to-date, as attackers attempt to exploit loopholes in unpatched and dated software. These updates also need to be applied across all employee devices – including BYOD - to remain effective.
- Installing anti-virus software to detect malicious programs as they arrive, and enable whitelisting software to prevent unauthorised applications from being able to execute.
- Develop clear lines of behaviour surrounding cybersecurity and the processes that need to occur in the event of an attack. Employee education is essential for ongoing corporate security.
- Only providing administrative privileges to people who require it, and make sure that previous employees have privileges revoked once they leave the company.
- Understanding who has access to what at all times with appropriate security management strategies.
- Ensuring that they have backups. Backups are essential for all attacks, and companies should be backing up their files on a regular basis. This will help reduce the impact of a ransomware event.
Get in touch with MOQdigital to find out more about how to improve your corporate security. Our team, in conjunction with Cisco, works hard to ensure that our clients – and their digital investments – are protected. Don’t risk your future to a common threat. Contact us today.
Not quite sure where to start on your security journey?
MOQdigital can help with a free Umbrella Proof of Value.