Any network-connected business is at risk for cyber attacks. With ongoing hacks suffered by gigantic corporations, companies are scrambling to understand the risks involving their computers and networks.
Cyber attacks come in 6 distinct forms divided into 2 categories, and each attack requires a unique approach to protect your business. We’ll cover each of them below.
Socially engineered cyber attacks rely on duping the user in order to gain access through their computer. Often the attacker poses as something or someone harmless, encouraging the victim to click a button or answer a question. Your first line of defense for socially engineered attacks is educating your users. A savvy user is a safe user.
Malware is a term applied to malicious programs installed on a PC. Common forms include trojans, worms, or adware. These programs are often designed to siphon data or destroy networks.
HOW TO PREVENT MALWARE FROM INFECTING A NETWORK:
Malware prevention starts with education. Training employees to not click malicious links in emails will help prevent, on average, 18% of malware infestations. The lion’s share of malware is installed remotely, after the attacker has gained access to the system (often via socially engineered attacks).
Keeping your network up-to-date on security patches is also incredibly important. Security vulnerabilities are often patched as soon as they’re discovered, and the patches are made available to install very quickly afterwards.
Phishing is an attack that uses social engineering to learn a user’s password or personal data. Often taking the form of an email that appears to be from a trusted source, the user is instructed to enter their password and personal information into a website that captures the information. Usually, this will lead to malware installation. Equifax was recently a victim of this in addition to the massive data breach earlier in the year.
HOW TO PREVENT PHISHING FROM GAINING ACCESS TO A NETWORK:
Educating users to not blindly trust links sent via emails is a great start. If an email suggests action is needed on an account, users should go to the site the usual way and log in through their normal method. If you are running VDI, updates pushed out through the central network also limit your risk potential.
Technical attacks use nothing but the power of a computer to break into your network. As a result, they target your infrastructure: databases, DNS servers, or routers.
3- BRUTE FORCE PASSWORD ATTACKS
In a brute force attack, a computer tries every possible combination for a password until it finally finds the right one.
HOW TO PREVENT BRUTE FORCE ATTACKS FROM BEING SUCCESSFUL:
Strong passwords are virtually the only way to slow down brute force attacks. A strong password is 8 or more characters long and includes symbols, numbers, and capital and small letters. Limiting the number of password attempts adds another hurdle to would-be hackers.
Regular password changes are also a great prevention method. Most attacks aren’t smart, so they won’t know if the password changed during the brute force attack.
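The two controls described above, as an added example that is not part of the original article: a check against the password criteria listed here and a limiter that locks an account after repeated failed logins. The threshold of 5 attempts, the 15-minute lockout and all function and class names are assumptions chosen for illustration.

```python
import string
import time

MIN_LENGTH = 8          # the article's minimum length
MAX_ATTEMPTS = 5        # assumed threshold, not from the article
LOCKOUT_SECONDS = 900   # assumed lockout duration, not from the article


def policy_violations(password):
    """Return the article's criteria that the password fails to meet."""
    checks = {
        "at least 8 characters": len(password) >= MIN_LENGTH,
        "a symbol": any(c in string.punctuation for c in password),
        "a number": any(c.isdigit() for c in password),
        "a capital letter": any(c.isupper() for c in password),
        "a small letter": any(c.islower() for c in password),
    }
    return [name for name, ok in checks.items() if not ok]


class AttemptLimiter:
    """Lock an account after MAX_ATTEMPTS consecutive failed logins."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.failures = {}      # account -> consecutive failure count
        self.locked_until = {}  # account -> time at which the lock expires

    def is_locked(self, account):
        return self.clock() < self.locked_until.get(account, 0.0)

    def record(self, account, success):
        """Record a login result; return True if the login is accepted."""
        if self.is_locked(account):
            return False        # rejected even when the password was right
        if success:
            self.failures.pop(account, None)
            return True
        self.failures[account] = self.failures.get(account, 0) + 1
        if self.failures[account] >= MAX_ATTEMPTS:
            self.locked_until[account] = self.clock() + LOCKOUT_SECONDS
            self.failures.pop(account, None)
        return False
```

While an account is locked, even the correct password is refused, so a guessing run gets at most 5 tries per lockout period.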
4- DENIAL OF SERVICE (DOS) ATTACKS
DoS attacks disrupt a network by overwhelming the network or servers with high volumes of traffic. Once overwhelmed, all services are disrupted.
HOW DOS ATTACKS CAN BE BLOCKED:
DoS attacks are rare for companies that aren’t Fortune 500 or larger and don’t have some symbolic power. However, services you use (like Google, or Amazon Web Services) may be targeted because they are highly popular services.
Monitoring traffic spikes and blocking traffic from certain sources is a great way to brace your company for the impact. When attacks are incoming, you can shut down the services that are getting hit until the attackers stop.
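One way to monitor for spikes per source, as an added example that is not part of the original article: it reads access-log lines and reports every source that exceeds a request limit inside a sliding time window, which gives the list of sources to block. The log format, the window length, the limit and the sample lines are all constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
MAX_REQUESTS = 3      # assumed per-source limit inside one window

# Constructed sample log, oldest first: "<epoch seconds> <source> <path>".
# The addresses are from the ranges reserved for documentation.
SAMPLE_LOG = """\
1000 198.51.100.7 /login
1000 192.0.2.4 /index.html
1001 198.51.100.7 /login
1001 203.0.113.9 /pricing
1002 198.51.100.7 /login
1003 198.51.100.7 /login
1015 192.0.2.4 /about
1030 192.0.2.4 /contact
1030 203.0.113.9 /pricing
1045 192.0.2.4 /index.html
"""


def parse_line(line):
    """Split one log line into (timestamp, source); None if malformed."""
    parts = line.split()
    if len(parts) < 2 or not parts[0].isdigit():
        return None
    return int(parts[0]), parts[1]


def sources_to_block(log_text, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """Return {source: timestamp} for sources exceeding `limit` per window."""
    recent = defaultdict(deque)   # source -> timestamps still in the window
    flagged = {}                  # source -> time the limit was first crossed
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip blank or malformed lines
        ts, source = parsed
        times = recent[source]
        times.append(ts)
        while times[0] <= ts - window:
            times.popleft()       # drop requests older than the window
        if len(times) > limit and source not in flagged:
            flagged[source] = ts
    return flagged


if __name__ == "__main__":
    for source, ts in sources_to_block(SAMPLE_LOG).items():
        print(f"block {source}: limit crossed at t={ts}")
```

The source with four requests spread over 45 seconds is not flagged; only the burst of four requests within the 10-second window is.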
5- MAN IN THE MIDDLE (MITM)
This form of attack is the hardest to discover. The attacker pretends to be the destination and copies all the information. They then pass the information on to the real destination. It works both ways: they grab the info on the way back, copy it again, and then send it back to the origin. The entire process is invisible to both destinations.
HOW MITM ATTACKS ARE AVOIDED:
Encryption is the most effective solution. Man-in-the-middle attackers can’t read the packet information in encrypted connections. If the attacker interrupts the message flow, the data is locked so attackers can’t access it.
6- ROGUE SOFTWARE
Rogue software is software that installs itself to do something that wasn’t originally intended. Often, it poses as something beneficial, like security software or a movie player. These programs are designed to appear as legitimate software and are often difficult to detect.
HOW ROGUE SOFTWARE IS BLOCKED:
Firewalls help prevent software from making it through the network and onto a computer. If the software does slip through (because it’s taken into the system through another entry point that isn’t the network), firewalls can detect the malicious activity before it does any damage.
Firewalls alert the user or the network administrator to the breach and appropriate actions can be taken to purge your system. It’s a tough task because once the program embeds itself into your system, it can spread quickly.
For rogue software that gets past or around your firewall, endpoint protection (such as antivirus software) is the next line of defense. Because of this, some endpoint vendors have added AI to their existing suite. This allows them to monitor what the software does, not just what the files look like when they are downloaded.
A well-rounded network with a suite of security solutions is the best way to mount a defense against malicious users. Education, firewalls, monitoring, password policies, endpoint protection, and patches are the first line of defense. There’s a cost of time, money, and technology to keep your business safe. On the flip side, imagine the cost to your company if you suffer a data breach.