While people and businesses adapt to the COVID-19 pandemic, cybercriminals look to profit from the changing norms.
As reliance on the internet increases, so does the threat of cyberattacks. The Ponemon Institute's 2018 Cost of a Data Breach study for IBM states that the average time it takes to identify a data breach is 196 days.
With the digital arena forever changing, businesses and individuals must be able to recognize ongoing cybersecurity attacks and respond accordingly.
Below are five common cyberattacks hackers use to disrupt businesses.
1. IoT attacks leverage a business's use of internet-connected smart devices to place malware on a network. This type of cyberattack targets IoT devices because of their weak security patches, which make them more vulnerable than the usual laptop or mobile phone.
The total number of IoT connections will reach 83 billion by 2024. (Juniper Research)
The Internet of Things (IoT) has given small businesses and their employees a way to focus on more productive goals. Smart devices are becoming more prominent in businesses and homes (remote working). Internet-connected instruments allow for creativity and efficient workflow. These same devices also give cyberhackers an opening because of the strength, or lack thereof, of their built-in security patches.
IoT machines differ from one another, so securing all the different devices, systems, and networks takes an all-embracing, multilayered cybersecurity strategy and maintenance plan.
But there are some initial deterrent steps organizations can take:
- Replace and adjust any passwords or security settings.
- Disable or turn off any unused features.
- Use only valid third-party application vendors.
- Limit permission to applications.
- Update the application and firmware of the device.
Protecting your network and routers is also a vital concern.
The following steps will help secure an IoT-enabled environment:
- Make sure all internet-connected devices have the proper settings, credentials, firmware versions, and applications.
- Follow router best practices (e.g., use WPA2 as your encryption protocol and turn off WPS).
- Change the name of your network.
- Make sure your firewall is on.
- Segment private and public access.
- Put your router and IoT devices in a secure location.
2. Malware attacks involve any software created to cause harm to a computer, server, or network. Once installed, the malware can block access to your network, obtain valuable information from the hard drive, or interrupt your entire system, making it unusable.
Computer viruses, worms, Trojans, spyware, malvertising, ransomware, and other malicious software fall under the umbrella of malware.
Common Types of Malware
Ransomware is a billion-dollar-a-year cybercriminal industry. Hackers encrypt your hard drive and files (usually via phishing emails), then demand payment, often in Bitcoin (because of its anonymity), in exchange for the decryption key.
Ransomware prevention consists of scanning all emails, keeping firewalls and endpoints up-to-date, and providing VPNs for users outside the network. Keeping backups and protecting personal information should be of high priority.
Malvertising is the spread of malware via credible advertising networks. Hackers will place an ad with an advertising network in the hope that a user clicks the ad and is taken to a malicious website. Sometimes that is all it takes for the malware to be embedded (drive-by download malvertising). A clicked link on that site is not even necessary for a breach to occur.
Malvertising prevention consists of using ad blockers, patching systems, and running a credible antivirus program to increase your business IT security.
Spyware is a malicious program that tracks and records your computer or mobile activity. Cybercriminals use spyware to collect personal information and data.
Types of spyware include:
Adware — Forces your browsers to display advertisements while you browse the internet with the hope of installing malware.
Keystroke Logging — Everything you type into your computer, tablet, or smartphone is tracked, including usernames, passwords, and text messages.
Cookies — While useful for ethical tracking, cookies can be a black hat method. Those with the right knowledge can take invasive actions like recreating your login session. Deleting your cookies should be considered a best practice and done often.
Spyware prevention consists of updating your system, device, and browser often. Paying attention to what you download, especially attachments in emails, is a simple way to avoid a costly mistake. Keep clear of pop-up ads and use a reliable anti-virus program.
3. Phishing attacks are one of the oldest forms of social engineering. They deceive the user into downloading an infected attachment or clicking a malicious link through SMS or email.
At least 32% of all data breaches occur from phishing attacks (Verizon's 2019 DBIR). Crafted and targeted digital messages that appear to come from reputable sources are spread throughout the internet to steal sensitive data like login or credit card information.
Phishing attack prevention consists of hovering over links before clicking on them, double-checking an email source, using two-factor authentication, and making sure you have the latest security patches and updates.
4. A man-in-the-middle attack (MITM) happens when a cyber thief intercepts communications between a device and the network. MITM allows a hacker to appear as a legitimate source while also disturbing, filtering, and stealing data and traffic.
Let's say you receive an email from a business you trust. For some reason or another, they need you to log into your account. You proceed to click the link in the email, which takes you to the website of the company.
While this does have a degree of a phishing attack mixed in, the email received and the company website are not from a trusted source. Both come from the man-in-the-middle who created a replica of the company's email campaign and website. When you sign in to the fake website, your login as well as other private information is compromised.
Three common MITM attacks include:
Email Hijacking - When a hacker gains control of your email and quietly monitors your activity in order to get access to other accounts for malicious purposes.
IP Spoofing - When hackers mask their IP address to gain entry to unauthorized networks.
DNS Spoofing - When a cybercriminal breaks into your local network, they can intercept your DNS requests and return addresses that point to the hacker's server, which allows for the theft of private information belonging to you and your customers.
These types of eavesdropping attacks can occur because of an unsecured Wi-Fi network or a breached device. Spying, monetary gain, and disruption are all motives that can do extreme damage to a business's livelihood and reputation.
MITM attack prevention consists of using encryption on access points as well as secure router login credentials. Using a Virtual Private Network will help stop the deciphering of traffic. Using forced HTTPS prevents hackers from using any data they may be looking to steal.
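One way to verify that a site really forces HTTPS is to check that its plain-HTTP address redirects to HTTPS and that its HTTPS responses carry a Strict-Transport-Security (HSTS) header. The following is an added example, not part of the original article: the recorded responses are constructed, and the 180-day minimum is an assumed policy threshold.

```python
MIN_MAX_AGE = 15552000  # assumed policy threshold (180 days), not a value from the article

# Constructed observations for two sites: (url, status code, response headers).
SAMPLE_RESPONSES = [
    ("http://shop.example/", 200, {"Content-Type": "text/html"}),
    ("https://shop.example/", 200, {"Strict-Transport-Security": "max-age=300"}),
    ("http://portal.example/", 301, {"Location": "https://portal.example/"}),
    ("https://portal.example/", 200,
     {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into (max_age, include_subdomains)."""
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name == "max-age":
            arg = arg.strip().strip('"')  # the value may be a quoted string
            if not arg.isdigit():
                return None, False  # malformed max-age makes the header unusable
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return max_age, include_sub

def check_forced_https(responses):
    """Return a list of problems found in the observed responses."""
    problems = []
    for url, status, headers in responses:
        headers = {k.lower(): v for k, v in headers.items()}
        if url.startswith("http://"):
            location = headers.get("location", "")
            if status not in (301, 302, 307, 308) or not location.startswith("https://"):
                problems.append(f"{url}: does not redirect to HTTPS")
        else:
            max_age, _ = parse_hsts(headers.get("strict-transport-security", ""))
            if max_age is None:
                problems.append(f"{url}: no valid Strict-Transport-Security header")
            elif max_age < MIN_MAX_AGE:
                problems.append(f"{url}: HSTS max-age {max_age} is below {MIN_MAX_AGE}")
    return problems
```

For the constructed responses, `check_forced_https(SAMPLE_RESPONSES)` reports both `shop.example` addresses and nothing for `portal.example`.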
5. Raising employees' cybersecurity awareness is key to identifying, informing, and eliminating cybersecurity threats.
According to the 2019 Verizon DBIR, public sector companies accounted for 79% of all breaches, with 30% of that being human misuse or error.
Human error is a prime reason for most violations. Providing proper training creates shared accountability. As the eyes and ears of your company, employees can give you hints about any malware, viruses, or phishing scams.
Cybersecurity training best practices should include updated and mandatory education for every employee. Topics should cover the different types of security threats, the importance of password security, and how to identify and report cybersecurity warnings. Guidelines on email and internet browsing habits will help with the implementation of protocols.
As we navigate one pandemic, we will have to endure the technological greed of another as well. Cybercrime is as big a threat as it has ever been. As industries extend their networks and remote work increases, business IT support and protection from cyber-attacks should be a top priority.
Network Connections offers a Free Consultation that will reveal your strengths and opportunities in addition to your weaknesses and threats to your current information technology system. Please contact us or call 586.948.0030 to see how our IT solutions will secure and scale your business.