You probably know that cyberattacks are on the rise, and that they’re getting more sophisticated all the time. At nearly $1 trillion in earnings a year, the cybercrime business is now at record proportions.
Hackers usually go after confidential data like bank account info, credit card accounts, and social security numbers. If your small business is breached, it will be costly. When the confidential data of your customers is exposed, they’ll just take their business to your competitors. In many cases, this type of damage to your reputation is irreparable.
To stay one step ahead of the hackers, you and your employees must be educated about the different kinds of cyber threats, how to recognize them, and what to do to block them.
Hacker (Black Hat): A black hat is a person who looks for computer security vulnerabilities and exploits them for personal financial gain or other malicious reasons. This differs from “white hats”, who are security specialists that are employed to find security flaws that black hats may exploit.
Attack Vector: This is where hackers gain unauthorized access to a device or a network for nefarious purposes. Attack vectors help hackers exploit the vulnerabilities in your system or network, including your employees.
Ransomware: This is a malware program that infects, locks or takes control of a system and then demands a ransom to reverse it. The hacker encrypts your data and scrambles it so you can’t access it. Ransomware attacks and infects your computer with the intention to extort money from you. It’s installed via a malicious email attachment, an infected software download, and/or when you visit a malicious website or link.
Phishing: Phishing websites lure email recipients and Web users into believing that a spoofed website is legitimate. The hacker’s goal is to acquire private data, such as credit card numbers, personal information, account usernames, and passwords. The phishing victim then discovers that his personal identity and other vital information was stolen and exposed.
Spear Phishing: This is a variation on phishing where hackers send emails to specific, high-value targets, like CEOs. The spear-phishing email appears to come from a trusted source but in reality, helps hackers obtain classified information.
Worm: This is a type of malicious software (malware) that worms its way through your network. It infects your computer and replicates across other computers, leaving copies of itself in the memory of each it infects. Worms often originate from e-mail attachments that appear to be from trusted senders. Then they spread to your contacts via your e-mail account and address book.
Organized Crime (Like “Tony Soprano”): 80% of hackers are affiliated with organized crime. Hacking is a lucrative business for criminals.
Nation States (Russia, North Korea, China, etc.): Nation-state hackers target government institutions, industrial facilities, and businesses in order to interrupt operations and leak confidential information. Hacking can result in massive data and revenue loss.
Hacktivists (Anonymous and Shadow Brokers): Hacktivism is the act of hacking or breaking into a computer system for a politically or socially motivated purpose. Hacktivists organize on the deep/dark web to set up attacks.
Lone Wolves (Intelligent, Financially Driven, Unscrupulous): The majority of people hacking are just individuals who aren’t connected to a hacking network other than chat rooms and online forums.
Malicious Insiders (Disgruntled Employees or Contractors): This is an insider with authorized system access. They have an advantage over external attackers because they have the authority to access your IT and are probably familiar with your network architecture and system policies/procedures. Most organizations focus on external threats and don’t adequately protect their confidential data from insiders.
Hackers Get Into Your Network Via Attack Vectors
An attack vector is a technique by which unauthorized access can be gained to your computing devices or network by hackers. It’s used to assault or exploit your network, computer or device. Attack vectors help unauthorized parties to exploit the vulnerabilities in a system or network, including human elements.
Physical (theft, malicious USB drives, unsecured workstations): Hackers with physical access to servers may extract sensitive data while it’s in use and bypass traditional in-transit and at-rest controls. The can also simply remove a memory card from the server and read its contents on another computer.
Endpoints (remote attacks on vulnerable workstations): Hackers get into computers by convincing employees to click on malicious e-mail attachments, web links, and drive-by downloads.
Mobile Devices: Exploitation of iOS and Android systems. Bluetooth is one of the main security gaps by which hackers get into your phone.
The Cloud: Cloud services like Azure and AWS have become mission-critical for many organizations. Organizations’ administrative credentials for cloud services are of high value to hackers. Attacking an organization’s cloud administrator’s account and leveraging those credentials can lead to greater data exfiltration. This can put your entire organization at risk.
IoT: Internet of Things devices such as security cameras connected to the Internet are vulnerable to hackers. IoT hacking has been extremely successful, resulting in Distributed Denial of Service attacks that cripple infrastructures, systems, and business operations.
Human Attack Vectors: Humans are involved in nearly 100% of all attacks. Negligent employees are the number-one cause of data breaches in small and medium-sized businesses. Careless workers and poor passwords have led to a rise in ransomware attacks and other breaches at small businesses, which cost an average of $1 million per instance.
A cyber kill chain describes what a complex attack looks like in a step-by-step fashion. It shows exactly how malware or a cyberattack makes its way into a system to do damage and accomplish the goals of hackers.
This model of a cyber kill chain is based on a template from the defense company Lockheed Martin. It describes what happens in 7 steps:
Email is the easiest method of delivery in the kill chain. Hackers who use this approach cast a very wide net. Humans are involved in almost all malicious email initiations. Learning to identify fraudulent email is essential for every employee, technical or not.
Always ensure the following to stay safe:
As mentioned earlier, these are self-replicating attacks that spread without human interaction once the first machine is infected on a network. Before the widespread use of networks, computer worms were spread through infected storage media like floppy disks. Today these physical attacks are replaced by virtual ones!
The good news is that worms often use legacy vulnerabilities and can be remedied with active patching and proper endpoint protection. It’s much easier to have your IT provider patch your healthy IT system than it is to bring them in for a messy cleanup!
WannaCry encrypted target data by changing the extensions to wnry, .wcry, .wncry and .wncrypt. The ransomware then spread rapidly, like a worm, exploiting a Windows vulnerability in the Windows Server Message Block (SMB) service which Windows computers use to share files and printers across local networks.
Contact your IT Managed Service Provider for the following:
For more information about hackers, today’s exploits and cybersecurity for your business, call the experts at Nexus IT Consultants at (801) 839-7006 or (435) 659-2533. Or, complete our web form at https://www.nexusitc.net/contact-us/