Businesses, whether large, medium or small-scale, are now reliant on computers and internet technology in almost every aspect of their operations.
Whatever the process involved, be it web design, the procurement of supplies, storage, delivery, or payments and collections, an enterprise will always have a software program or two running. The main purpose is to help streamline and organize the business process.
Despite all the benefits a company can gain from using software programs, however, these tools also open the company to high-tech threats from external and internal sources.
In fact, the past few years brought massive breaches of major networks like Facebook, Uber, and Wells Fargo, and ransomware attacks like WannaCry.
So, what can businesses do to strengthen their cyber defenses while watching out for the rapidly evolving cyber underworld?
Here are three of the major cybersecurity threats to watch out for this year.
1. Drive-By Downloads
This type of threat involves the introduction of malware from a legitimate website. Just a visit to this site triggers an unintentional download of the program.
This could also be in the form of a pop-up window or an email attachment.
As a result, a small code snippet runs on the system and reaches out to another computer to fetch the rest of the code, until the whole program is downloaded.
Thus, malware is unintentionally installed on your business's systems. It exploits vulnerabilities in your OS or in programs like Adobe or Java.
Some malware will just change your browser settings or home page or redirect your searches to another site.
However, some drive-by downloads are connected to botnets that turn your computers into zombies and direct them to take part in more malicious attacks like DDoS.
What you should do: Make sure that your OS and all software are up to date. In addition, you can minimize the number of add-ons installed in your computers' browsers.
Another way to address this threat is to disable pop-ups and limit access to sites that your business does not actually need to visit.
2. Phishing
This is a cyber attack designed to steal personal and financial information, contacts, logins, credit card details, and other vital data.
The attacker impersonates a trusted or well-known site. Once you enter your credentials, reply to an email or click on a link, your personal information is sent directly to the attacker.
This could result in identity theft and financial losses, and can even prevent you from accessing your accounts.
These are some of the latest phishing trends:
Attacks through Messaging Apps
Slack, Skype, and Teams are now the usual modes of communication among team members, and even with clients.
This also includes Facebook Messenger, which is used for sending messages privately. These platforms, though, are not as secure as email, which comes with link scanning.
What you should do: Run an employee awareness program. That way, everyone becomes aware that these tools can be entry points for cyber attacks.
You could also deploy Security Information and Event Management (SIEM) software to identify security threats in your network. Because a SIEM can help you with real-time monitoring, you can prevent your network from falling prey to cyber attacks or, at the very least, keep the attacks from causing further damage.
Attacks on SaaS Credentials
The attacker impersonates SaaS services that you usually use — Dropbox, Office 365 or Slack.
In some cases, the cybercriminals will send you a message saying that your password is expired, or your account has been logged into suspiciously.
Once your account is compromised, the hacker gains access to all the information, emails, and files of your entire organization.
What you should do: You can leverage multi-factor authentication in all units and accounts of your organization. SIEM security software or a SIEM service is your best investment for this.
Shared Files Phishing
Many attackers have now resorted to embedding malicious links in shared files. They then use trusted sites like Dropbox to send these out through emails.
Since the URL of a trusted provider like Dropbox does not usually receive deeper scrutiny from email security scans, the malicious link reaches unsuspecting recipients.
What you should do: Use a password manager like Password Boss or LastPass. These password managers will prevent you from sharing your password with fake sites.
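Why a password manager helps here, as an added example that is not from the original article: it is a simplified model of autofill that offers a saved login only when the page host matches the saved host exactly, compared with a reader who just spots the brand name in the address. The vault contents, function names and sample URLs are constructed, and this is not how Password Boss or LastPass are implemented.

```python
from urllib.parse import urlsplit

# Constructed vault: each login is stored against the exact host it was saved on.
VAULT = {
    "www.dropbox.com": ("alice@example.com", "constructed-password-1"),
}


def normalized_host(url):
    """Return the lowercase ASCII host of an https URL, or None if unusable."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        return None  # never offer credentials over plain http or on malformed URLs
    try:
        # IDNA-encode so non-ASCII hosts can never compare equal to a saved ASCII host.
        return parts.hostname.rstrip(".").encode("idna").decode("ascii").lower()
    except UnicodeError:
        return None


def credentials_for(url):
    """Offer a saved login only when the page host matches a vault entry exactly."""
    host = normalized_host(url)
    return VAULT.get(host) if host else None


def naive_looks_trusted(url):
    """What a hurried reader does: look for the brand name anywhere in the address."""
    return "dropbox.com" in url.lower()


def audit(urls):
    """Return (url, reader_trusts_it, manager_offers_login) for each URL."""
    return [(u, naive_looks_trusted(u), credentials_for(u) is not None) for u in urls]


if __name__ == "__main__":
    samples = [  # constructed URLs; .example is a reserved test domain
        "https://www.dropbox.com/login",
        "https://www.dropbox.com.files-share.example/login",
        "http://www.dropbox.com/login",
    ]
    for row in audit(samples):
        print(row)
```

When the manager offers nothing on a page that looks like a familiar login form, that silence is the signal to stop and check the address.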
Business Email Compromise (BEC) Attacks
This form of attack does not include a clickable link. The hacker targets a specific company, usually one that undertakes wire transfers or has foreign suppliers.
Also known as man-in-the-email attacks, BEC attacks gain access to a corporate email account and defraud employees, business partners or customers of money.
There are several ways that this is done:
- Fake invoicing, where a request is made to change a payee's information so that the payment is transferred to the attacker's account
- The attacker requests emergency payments under the pretext of being one of your executives
- Attackers may also use a compromised account to gain access to personally identifiable information that can be used in fraudulent activities in the future.
What you should do: Institute a “channel-switching” policy where specific types of communication use predefined communication channels.
For example, a request may be sent via email but the reply is sent through Slack, or a phoned-in request is answered by email.
You can also arrange a predetermined response; something like “Did you ask Admin for this?” would be sufficient to thwart a BEC attack.
3. Distributed Denial of Service (DDoS) Attacks
In a DDoS attack, hackers use multiple computers to transmit a large volume of traffic or data to a network until it is overloaded with requests and can no longer function properly.
Also, be wary of IoT (Internet of Things) botnets. They are controlled through a C&C (Command and Control) server.
Hackers usually run their malicious software through them to flood a targeted system.
The main purpose of this kind of attack is to disrupt your operations, to make a “political statement,” or simply as a form of cyber vandalism.
What you should do: To prevent DDoS attacks, it is best to regularly update your software and online security monitoring system. You can also install DDoS protection solutions for this.
Be vigilant in monitoring spikes or unusual traffic and address them as early as you can. A managed SIEM can provide security alerts and analysis in real time for you.
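One way to watch for such spikes, shown as an added example that is not from the original article: it counts requests per minute in an access log and flags any minute whose volume is far above the median of the preceding minutes, reporting how many distinct sources took part. The log format, thresholds and log lines are constructed for illustration.

```python
from collections import defaultdict, deque
from statistics import median


def constructed_log():
    """Constructed access-log lines: 'timestamp source-ip method path'."""
    lines = []
    normal = [9, 11, 10, 12, 10, 11, 10]            # requests in minutes 10:00-10:06
    for minute, n in enumerate(normal):
        for i in range(n):
            lines.append(f"2024-05-01T10:{minute:02d}:{i:02d}Z 192.0.2.{i % 4 + 1} GET /")
    for i in range(240):                            # flood in minute 10:07, many sources
        lines.append(f"2024-05-01T10:07:{i % 60:02d}Z 198.51.100.{i % 200 + 1} GET /")
    for i in range(10):                             # traffic back to normal at 10:08
        lines.append(f"2024-05-01T10:08:{i:02d}Z 192.0.2.{i % 4 + 1} GET /")
    return lines


def per_minute(lines):
    """Return [(minute, request_count, distinct_sources)] in time order."""
    buckets = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) >= 2:
            buckets[fields[0][:16]].append(fields[1])   # key is 'YYYY-MM-DDTHH:MM'
    return [(m, len(ips), len(set(ips))) for m, ips in sorted(buckets.items())]


def find_spikes(stats, window=5, factor=3.0, floor=50):
    """Flag minutes whose volume exceeds factor x the median of the prior window."""
    history = deque(maxlen=window)
    alerts = []
    for minute, count, sources in stats:
        if len(history) == window and count >= floor and count > factor * median(history):
            alerts.append({"minute": minute, "requests": count,
                           "sources": sources, "baseline": median(history)})
            continue                                # keep the spike out of the baseline
        history.append(count)
    return alerts


if __name__ == "__main__":
    for alert in find_spikes(per_minute(constructed_log())):
        print(alert)
```

A high request count spread over many distinct sources is what separates a distributed flood from one misbehaving client, which is why the alert carries both numbers.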
You should also monitor your network physically.
Ensure that your cabling and server connections are intact, since any physical disconnection from the network can disrupt your business's operations.
If you are truly serious about having a successful online business, then you need to invest in protecting your online assets against cyber attacks.
When you think about how persistent and crafty these online scammers have become, you can’t help but agree that having ample website security measures in place is no longer a luxury for a company — it can now be considered as a need.
If you have questions or suggestions that you’d like to share about helping businesses protect themselves against cybercriminals, feel free to comment below. Cheers!