Cyber criminals have many means to attack your network and make life miserable for businesses. When this topic is discussed, there are a lot of terms that may sound as nefarious as their actual purpose. This blog will review what these attacks actually are and what is most common.
In a report published by McAfee earlier this year, it was determined that the following means of attack defined the total percentage of all:
Browser – 36%
The most common of all attacks usually try and trick users to click on something that looks like a software download. This can either directly download malware, or it can target vulnerabilities within the operating system.
Brute Force – 19%
This is a targeted attack that tries to crack your password codes. By using large computing resources, attackers can try and crack your code with a tremendous amount of guesses. This is why so many web platforms are demanding such diverse passwords these days.
Denial of Service – 16%
A Denial of Service attack or Directed Denial of Service attack (DDOS), is when an outside entity takes control large amounts of computing resources (often hijacked) and floods the victim’s network crashing their systems. Companies have various tools and software to help mitigate these attacks.
SSL – 11%
Secure Sockets Layer (SSL) is a link that gets established between a website and a browser/mail system, it enables safe delivery of information. SSL attacks intercepts this data and delivers it back to the attacker. Valuable data such as credit card information is often the target.
Scan – 3%
Scans are hostile searches that exploit vulnerabilities on open ports within a network. These are not traditionally an attack, but more of a way to infiltrate the network, gather information and set up a future attack.
DNS – 3%
Domain Name Server Spoofing is when foreign data enters a domains cache and tricks it to return it’s requests to the wrong IP address – normally a computer accessible by the hacker. They can then direct imitation websites to appear where users can be subject to malicious data. Most small businesses do not address this as they do not realise that the threat is present.
Backdoor – 3%
These attacks are facilitated by applications that allow the computer to be accessed remotely.
Everything Else – 9%
Ransomware or Cryptoware is another subject that has been making headlines. This is when a foreign entity can take over, or shut down your network. They can then hold you ransom, asking you to pay them with untraceable Bitcoins before they relieve you of the pain. For smaller businesses, the ransom is usually more attractive than trying to determine another solution because they have no protection set-up to deal with such a thing.
These attacks are generally elaborate, can be delivered by multiple means. Email is the most common delivery mechanism, where users are tricked into sending valuable info or to open something they shouldn’t (like a malicious Zip File). There are also websites that are either malicious, or have been hacked, that will provide a means for the ransomware to be injected. Because these computers are networked, as soon as it is in, it can infect much more including the file servers.
There are many ways to protect your business from attacks. The following practices outline ways that your employees can help protect the network:
|FlexIT is an IT Consulting firm that specializes in System engineering and management. We work with our clients to lock down their data and keep intruders out. Every organization has different needs, we help match technology to yours. To lean more about our security solutions, visit: http://theflexit.com/managed-firewall-security-services/|