We know that organisations fall victim to cyber-attacks daily. Cyber-attacks can take different forms, from phishing and malware to exploiting vulnerabilities and ransomware. The threats and modus operandi are different, but the one thing they all have in common is that they all represent a significant business risk.
Malware
Malware refers to various types of malicious software, such as viruses. Malware can allow criminals to force entry into your computer, take control of it, monitor your actions on it, and steal data.
Malware may be distributed via phishing emails, where the attacker asks you to download and open a seemingly harmless file or attachment (.docx, .pdf, etc.) that contains malicious code. The malware can then spread quickly to other computers within the same network and organisation.
Ransomware
Ransomware is a specific type of malware that encrypts all your data and makes it inaccessible. When this happens, the attacker demands a payment (ransom) in exchange for decrypting your files (which, in the end, does not always happen).
The most famous versions of ransomware are CryptoLocker and WannaCry.
As with malware, ransomware is often distributed via phishing emails and will spread quickly to other computers.
Vulnerabilities and unpatched software
Outdated software is one of the main cyber threats to an organisation.
There are two types of vulnerabilities: known and unknown.
- Known vulnerabilities are published on the internet, and there is a good chance that an attacker will know and use them.
- Unknown vulnerabilities, or zero-day vulnerabilities, are less likely to affect your organisation.
Software suppliers periodically provide patches that fix known vulnerabilities. Therefore, patches should be installed as quickly as possible to reduce the risk of cyber incidents.
Social engineering
This is a technique used to mislead and manipulate users to gain access to their computer, credentials, or bank information. Social engineering is a type of psychological manipulation. The attacker will persuade you to undertake several actions or provide information that may seem innocent to you by pretending to be someone else. There are many forms of social engineering:
- phishing emails
- invoice fraud
- CEO fraud
- fake social media profiles.
Human error
Not all security incidents or data leaks are caused by attackers. In reality, many incidents are caused by human error and could have easily been avoided:
- A user accidentally sends information to the wrong person or email address.
- Computers and smartphones are lost or stolen.
- Passwords are written on post-its or shared with other colleagues.
In recent years, human error has accounted for more than half of the data leaks.
In principle, such errors are easy to avoid, but the reality is that human behaviour and habits are the most difficult to influence.
Distributed denial of service (DDoS)
If you flood a website with more traffic than it was built for, you will overload the server and make the website unavailable for its intended purpose. This happens when a website, web shop, login page or service becomes the victim of a DDoS attack. The difference between a DoS and a DDoS attack lies in the number of computers that simultaneously perform the attack.
The above are the predominant types of cybercrime and the vulnerabilities that are exploited. These vulnerabilities must be addressed by taking appropriate remediation measures.
In part three, we will look at the practical remediation measures that organisations can put in place to mitigate the above vulnerabilities and reduce the resultant business risk.
For more information on this, please contact your local Moore firm.