What are the threats and what can I do about them?
This article aims to highlight some of the different threats and some of the actions businesses can take to reduce the risk.
There are a variety of different threats to business that need to be considered when reviewing your cyber security process. The most common sources of threats, which we discuss further in this article, are Insider, DoS, DDoS and Malware.
Businesses know that they should protect the information that they hold, but as the threats become more and more advanced, businesses need to develop their security at the same pace. Most businesses don’t do anything until it is too late, or fail to ensure that security is a crucial part of the design work for any bespoke software.
Recently announced statistics make for shocking reading, whether in terms of the number of breaches (74% of SMEs suffering breaches) or the fact that the average cyber-attack lasts for 31 hours, with the knock-on effects lasting for months.
Different types of threats to business
Insider
An insider attack is when an individual accesses information or systems from within the company firewall. This could be disgruntled staff, untrained staff or even an individual impersonating a member of staff to gain access to the server room or network points.
If you think about it, your staff have access to your company’s most valuable assets: your client data, company details and even the passwords used to access the system remotely.
The best way to protect your organisation from insider attacks is to have privilege rights set up. This allows you to restrict what information staff have access to and what they can do in the system. Some companies only allow certain staff to load or save certain file types. This will help reduce the risk of an internal attack from a member of staff. It is also crucial to train your staff to spot potential risks. Without this ongoing training, it is almost impossible to create the culture required to improve cyber security.
The training itself must also be sufficient. A significant amount of the training that companies provide tends to focus on what employees should do and the consequences of not complying. What also needs to be properly explained is why the training is so crucial.
It is also crucial to ensure anybody on site has the correct clearances and is accompanied by a member of staff. Recently we heard about a case where a penetration testing organisation went to the next level and tried to access the client’s server room. They were able to gain access to the building by knowing a few key names, available from the company website or LinkedIn, and accessed the whole building without being questioned. They accessed the server room and were able to access the network. If this had been a malicious individual, they could have done untold damage to the company.
Again, training staff to be aware that visitors should not be able to access the full company system and setting up security measures for the server rooms is an easy step to take. You can ensure that the server room is always locked and only key staff have access. It is also possible to set up a logon check to ensure computers have the correct authentication to access the network; if they do not, they are pushed to the visitor section with dramatically reduced rights. Files in the visitor section should be held on a different server from your main company data, reducing the risk of contamination.
DoS – Denial of Service
This type of attack has been widely reported in the news recently. The attacker does not need to hack into your systems or send any malware to your organisation. All they are doing is sending so much data at the service you are providing, normally an online service or shop, that the service can no longer operate. The result is that real customers cannot access the service your organisation is promoting. Competitors could use this to their advantage by stealing potential customers or devaluing your reputation in the market.
DDoS
DDoS attacks are normally carried out through a group of infected computers; often the owners of these computers won’t know that their system is being used for such an attack. It follows the same process as a DoS attack, sending mass data to your service, but it is harder to defend against and also harder to trace because of the number of different computers used. What is more worrying is the fact that hackers are advertising the cost of a DDoS attack and it is surprisingly low!
* The price for 1 hour of DDoS attack is $5
* The price for 24 hours of DDoS attack is $40
* The price for 1 week of persistent DDoS attack is $260
* The price for 1 month of persistent DDoS attack is $900
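Why the number of computers makes DDoS harder to defend against can be shown with a small traffic check. This is an added example, not part of the original article; the thresholds, function names and addresses are assumptions constructed for illustration. A per-source request limit picks out a DoS flood from one machine, while a DDoS spread over thousands of machines stays under that limit and only shows up in the total load.

```python
from collections import Counter

# Assumed thresholds for one 60-second window (illustrative; tune per service).
PER_SOURCE_LIMIT = 100    # requests a single genuine client might send
SERVICE_CAPACITY = 1000   # total requests the service can absorb


def classify_window(sources, per_source_limit=PER_SOURCE_LIMIT,
                    capacity=SERVICE_CAPACITY):
    """Classify one window of traffic, given the source address of each request.

    Returns (verdict, heavy_sources). 'dos' means blocking the heavy sources
    would bring load back under capacity; 'ddos' means the service is over
    capacity and per-source blocking alone cannot fix it.
    """
    counts = Counter(sources)
    total = sum(counts.values())
    heavy = sorted(ip for ip, n in counts.items() if n > per_source_limit)
    if total <= capacity:
        return ("normal", heavy)
    remaining = total - sum(counts[ip] for ip in heavy)
    if heavy and remaining <= capacity:
        return ("dos", heavy)
    return ("ddos", heavy)


# Constructed sample traffic (reserved test/documentation address ranges).
def sample_normal():
    # 200 customers, 3 requests each
    return [f"198.18.0.{i % 200}" for i in range(600)]


def sample_dos():
    # normal customers plus one machine sending 5000 requests
    return sample_normal() + ["203.0.113.9"] * 5000


def sample_ddos():
    # 2000 infected machines, only 20 requests each
    return [f"198.19.{b // 256}.{b % 256}" for b in range(2000) for _ in range(20)]


if __name__ == "__main__":
    for name, data in [("normal", sample_normal()), ("single flood", sample_dos()),
                       ("distributed flood", sample_ddos())]:
        print(name, classify_window(data))
```

In the distributed case the list of heavy sources is empty, which is why simple per-address blocking does not help and upstream filtering or extra capacity is needed instead.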
Malware
Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. Most forms of malware require somebody inside the organisation to do something, e.g. click on a link in an email. One of the most recent types of attack is ransomware. This is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. This has become more popular, with many saying they had no option but to pay the ransom to get their files back. More and more businesses are being targeted by ransomware because, without many of the files or data, the company would struggle to trade, making payment more likely.
Most people know that malware can be sent via email, right? How many of us have been to an exhibition and received a free gift of a pen drive? You get back to the office and plug it in, but have you ever thought about what might be on the pen drive before you plug it in?
Conclusion
The easiest ways to protect against malware are:
- training your staff to spot warning signs
- removing administration privileges from user accounts