Businesses of all sizes face a wide variety of cyber security threats, ranging from seemingly innocuous incursions like spam to highly targeted email attacks that can create major breaches of sensitive or confidential information.
The first step in securing your information is to know which threats you’re up against. The following are 13 key cyber security threats everyone responsible for securing their information technology should be aware of...
One of the more common recent examples of ransomware is the CryptoLocker malware that encrypts victims’ files and then demands ransom to decrypt them. Victims who choose not to pay the ransom within a short period of time will have their files remain encrypted permanently. CryptoLocker typically extorts a few hundred dollars per incident and is normally delivered through email with a PDF or .zip file disguised as a shipping invoice or some other business document. Again, although ransomware is a type of threat, the real exposure here isn’t the ransomware itself – it’s the end user clicking on something they shouldn’t have.
2. Phishing Emails
Phishing emails are comparatively unfocused email messages designed to get sensitive information from users, such as login credentials, credit card information, Social Security numbers and other valuable pieces of information. Phishing emails appear to be from trustworthy sources like banks and credit card companies with which potential victims already have established relationships. Phishing attempts these days are so sophisticated that they now use corporate logos and themes designed to fool even the most educated victims into believing that the phishing emails are real.
3. Spearphishing Emails
A spearphishing email is a targeted phishing attack that is generally directed at a small group of potential victims such as the senior leadership within a company. Spearphishing emails are generally quite focused, reflecting the fact that a cybercriminal has studied his or her target and has crafted a message that is designed to have a high degree of believability and a potentially high open rate. One of the reasons this is becoming more and more effective is that potential victims themselves provide the information cybercriminals need to craft believable messages: attackers simply scour the victims’ Facebook, Twitter, and LinkedIn accounts and incorporate what they find into the spearphishing emails.
4. Unsecured Remote Users Accessing Corporate Resources
Employees, contractors and others who remotely access resources on a company network are another key source of threats. An unprotected user accessing a corporate asset, such as Outlook Web Access that is not accessed via a VPN, or an infected laptop connected to the corporate network, is a serious threat. This is becoming more and more of a serious threat for most businesses as more and more businesses employ BYOD devices.
5. Employee Errors
Human error is one of the biggest entry points causing computer chaos. Most of the time, it’s the employees who have installed malware or compromised code on their computers without even knowing it. This occurs when they install some sort of shareware, update, ActiveX control, or any other sort of application that is intended to address some perceived need. Scareware is a particularly dangerous form of malware because it preys on users who are attempting to do the right thing – to protect their platforms from viruses or malware. Even the most experienced of users can be fooled by a well-designed scareware message.
6. Consumer Grade File Sync and Share Tools
Closely related to the concept of remote access is the growing use of consumer file sync and share tools like Dropbox, Microsoft OneDrive and Google Drive. These tools are commonly used by employees to make their files available on all of their desktop, laptop and mobile platforms for remote access when away from the office. For any IT or security-conscious professional, this is a complete no-no.
These tools are meant for individuals to access their own personal files across various devices, not for staff to share corporate information. While these tools are useful (in the appropriate setting), they represent a huge security gap! Can you say "data leakage"?
For example, an employee who accesses his corporate files on a home computer may not have the latest anti-virus updates there, or the computer may not be properly secured behind the appropriate firewall solutions. So, when the files are synced back to the employee’s desktop, malware can easily infect the network. In addition, more often than not, access to these files is not controlled by any sort of security mechanism. This is what creates the significant potential for data leakage.
Malicious internet advertising is intended to distribute malware through advertising impressions on Web sites. Malvertising has become a big problem. A study by RiskIQ for the period January to September 2013 found that 42% of malvertising is carried out by drive-by exploits that did not require interaction by end users (58% of malvertising involves users clicking on malicious advertisements).
8. Keylogger Software
Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A keylogger can be either software or hardware.
While the programs themselves are legal (with many of them being designed to allow employers to oversee the use of their computers), keyloggers are most often used for the purpose of stealing passwords and other confidential information. We've seen keyloggers used to impersonate staff, coopting their online personalities to engage in corporate theft.
9. Mobile Malware
The growing use of smartphones and tablets, particularly fueled by BYOD, is increasingly being exploited by cyber-criminals. Alcatel-Lucent found that 16 million mobile devices were infected with malware during 2014 with the vast majority of infections happening on Android devices.
10. Mobile Copycat Applications
Within the Android platform, many developers distribute their mobile apps through vendor and third-party stores that offer varying levels of security, much of it inadequate. The Apple app store is a highly secure operation and requires developers to satisfy rigorous standards before their apps can be offered. However, Android standards are significantly less stringent and create the opportunity for serious security risks. The result is that many third-party app stores are susceptible to a number of security and related problems like the distribution of copycat apps and malware.
11. Compromised Search Engine Queries
Valid search engine queries can be hijacked by cyber-criminals to distribute malware. This form of attack relies on poisoning search queries, resulting in the display of malware-laden sites during Web searches. Search engine poisoning is particularly effective for highly popular search terms such as information on celebrities and current events.
This is a form of specialized cyberattack in which cyber-criminals use a number of techniques in an attempt to breach a company’s defenses. An example of a successful hacking attack is the recent incursion against Sony Pictures that may have been carried out by an operation of the North Korean government.
13. Gullible Users
Users represent THE number one security exposure – mostly due to a combination of specific personality types and inadequate training. Research findings strongly suggest that people who overshare on Facebook or Twitter, for example, are more likely to become victims of phishing scams and other online fraud than those who are more introverted, share less or don’t have social media accounts. Another study found that users in the younger age spectrum (i.e. 18 - 25) are more likely to fall for phishing scams than their older counterparts.
Just as there are many different attack vectors, your response to cyber security needs to be multi-faceted as well. This is why, for the clients we manage, we start with the FPA Stack at the core and add other layers of protection in the form of Managed Security - things like user awareness training, dual factor authentication, security incident & event monitoring, and encryption.
There is no one-size-fits-all solution to cyber security, but at the same time it does come down to one thing – your approach. If you understand that these threats do exist and you act appropriately – i.e. you implement the correct anti-virus, firewalls, policies, and procedures; you implement a rigorous training program; you implement the appropriate management approach to your computing resources - you can navigate these waters safely and securely.
It’s all about being well informed and managing the appropriate risk with the appropriate safeguards. Implement the right approach and your business should be well protected.
Hopefully this info's been helpful. Let us know in the Comment box below or shoot me an email if you’d like to chat about cyber security in more detail.
Here's to a safe and secure National Cyber Security Awareness Month!