Major Cybersecurity Threats That Could Affect Your Business
Would your business be able to handle a cybersecurity breach? Many business owners and managers make the assumption that they’d be fine, but the truth is that a network breach could ultimately cost a company everything, especially if the business is small. Because hackers assume (often rightfully) that small businesses are easy targets due to lack of security, these same small businesses are the target in a staggering 43% of all hacks! Meanwhile, fewer than half of all businesses are actually equipped to handle a network infiltration.
While at BrickHouse Security we offer cybersecurity services to ensure our clients’ business networks are safe and secure, we believe education is an equally important part of ongoing security. It’s essential for business owners to know the types of threats that could affect them. The list below is always expanding, so please save this page for your own and your employees’ continuing education about the most common cybersecurity threats.
First Things First: What is Cybersecurity?
Cybersecurity is a buzz topic found across the internet and every field of business. All businesses have heard about the necessity for it and have been provided with multiple solutions to these ‘unknown threats’...but what IS cybersecurity? The official definition according to Dictionary.com is “precautions taken to guard against crime that involves the Internet, especially unauthorized access to computer systems and data connected to the Internet.”
This raises a few questions. What are these crimes, how can they affect my company, and what should I do to protect my business and my customers? The process of building a cybersecurity plan and having the confidence that you are doing enough can seem overwhelming, leaving you unsure which is scarier: 1) the security threats themselves, or 2) the thought of needing to guard against them. BrickHouse Security is here to help you navigate this intimidating, yet vitally important topic.
A Few Cybersecurity Basics to Keep in Mind
Start even the smallest company with good habits by setting a good precedent early.
As you grow, how do you define when you are ‘big enough’ to be tempting prey? (You can’t.)
Once you’ve been attacked it is already too late: the damage to your data and to your reputation with clients and business partners is done.
Crimes of opportunity. You might not think anyone cares about what your company has stored, but if it’s easily accessible, why would they not take it?
Inadvertent attacks. Unknowing clients and employees spread havoc and large amounts of damage without malicious intent.
What are Botnets?
Cyber attackers looking to spread spam and malware far and wide have become very clever. They have stepped away from the idea of one person behind one computer and instead use an army of zombies to cast a wider net, attacking multiple targets at once. This may seem like the plot of the next sci-fi film, but this is exactly how botnets operate.
One centralized operator gains access to your computer through malware and spam, embedding ‘zombie code’, which operates according to the directions of the originating computer, spreading havoc far and wide. Not only is your computer infested, it then becomes a threat to every other computer on your business network and every client you interact with digitally. The code is designed to spread via emails or other avenues as simple as a USB flash drive plugged into your computer and moved to another one.
Once this network of computers operating as a hive mind starts to grow, it becomes a very powerful tool in the hands of a hacker. Criminals use botnets to access information and steal data on each zombie computer, perform DDoS attacks designed to shut down entire servers and websites or send spam mail through your email accounts to entice contacts to open infested attachments.
Botnets don’t necessarily take control of your computer in any way that you can see on your screen, and you may still be able to operate some functions as normal while the zombie code runs in the background. Oftentimes the biggest symptoms of a botnet attack will be slowing of your computer, freezing applications and systems, and frequent reboots and shutdowns. Guard against such threats with up-to-date antivirus and antimalware programs and avoid plugging in external devices from unprotected or unknown sources, which could be carrying these devious bits of code.
What are Brute Force Attacks?
Slow and steady wins the race. This is the principle behind brute force attacks. They use time, probability and the predictability of humans to crack passwords and other security measures. Let’s be honest, we have all been annoyed by sites that ask you to create a password that is unique from any others used before, contain an uppercase and lowercase letter, a number, a symbol and a hieroglyph while typing with one hand tied behind your back. While sometimes cumbersome and slightly irritating, these efforts are incredibly important in protecting against these sorts of attacks.
The tactic behind brute force attacks is fairly simple: creating a program to try as many combinations as possible until the correct password, security key, or PIN code is found. Sometimes this means trying every word in the dictionary, using a database of the most commonly used passwords (I’m looking at you, Mr. “Password123”) or harvesting the personal information of you and your employees and manipulating it to find birthday-, address- or name-based passwords.
There are several ways to protect your business information from such attacks. Require complex passwords that cannot be repeated when resetting and require password resets at regular intervals. While sometimes a mild frustration for employees, these precautions make it infinitely harder for ‘slow and steady’ to work when the bot has to start the process from scratch every few months with a large number of variables to sort through. Limit the number of attempts at a password before access is denied, pending further review or within a certain period of time. The law of probability is greatly challenged when a bot is allowed only 3 attempts versus unlimited attempts to find the correct combination. Lastly, educate employees on the importance of choosing unique passwords not based on personal information or favorite patterns they may have used elsewhere. Criminal minds are smart. They realize that weak security on an employee’s home computer may lead to the discovery of a duplicated password at work.
What are DDoS Attacks, or Distributed Denial-of-Service Attacks?
Not all malicious internet activity is designed to gather information or spread viruses from device to device. Oftentimes it is as simple as disrupting or interrupting a server’s ability to function. This is what a Distributed Denial-of-Service (or DDoS) attack is designed to do. When someone wants to visit your website they type in your URL, which is your ‘www.YourCompanyName.com’ web address. Their computer is then requesting access from the server on which your website is run. Your server looks at the request and decides if they have all the right permissions to access your website and then either shows them your site or an error code, telling them why they aren’t allowed.
In a DDoS attack a main controlling computer sends signals out to zombie computers (computers that unknowingly store programs that can be controlled remotely by the main controller) and floods your server with requests to access the website. Your server is designed to be able to handle a certain number of requests at once. Once that number is exceeded the server either slows down or shuts down completely, denying access for legitimate customers attempting to access your site and all other sites stored on that server. Because of the wide net of attacking computers distributed across the world, this becomes both an effective bombardment tactic and one whose source is very hard to trace.
When starting your business you will often need to begin by purchasing server space or using a service to house your website platform. In these cases, attacks designed to take out other companies stored on the same servers as yours will result in your website being collateral damage. Luckily, large platform providers are used to these sorts of attacks happening often and have large teams designed to detect, identify, stop, or rectify them quickly, resulting in little to no interruption of service. When you are operating your own servers you regain a lot of control, but the responsibility of protecting your information and systems from DDoS attacks and other threats falls solely on you and your technology team.
What is Hacking?
This is a term you have undoubtedly heard before, but defining such a seemingly broad term can be difficult. Hacking is the unauthorized gaining of access to your business’s data and electronic devices. While there are many types of attacks, hacking usually implies direct intent: one person or a group of people deliberately trying to hijack servers, computers, WiFi networks, databases, personal information, financial information, client information...the list goes on. Hackers often use a lot of the tactics listed here as tools to achieve their end goal of harnessing access and information.
The best way to safeguard against hackers is to put smart cyber security policies in place. Password-protect all possible information and require employees to use hard-to-crack passwords and PINs. Remove access for all former employees immediately after their departure from the company. They may have left their passwords somewhere accessible and simply forgotten about them once they are gone from the company. Disgruntled former employees can also pose a large security threat. Install trustworthy antivirus and antimalware software and keep it up to date! These sorts of programs have frequent updates to deal with newer threats created by increasingly devious hackers and to patch up possible weak links in previous versions of the software that hackers might have found they were able to exploit. Never consider your antivirus software as a set-it-and-forget-it product.
Some companies have found out how to use hackers to their own advantage. So-called white-hat hackers can be hired to hack your system in a controlled manner. Unlike malicious hackers, their purpose is to expose any and all weaknesses in your system that malicious hackers might exploit. Sometimes it takes a ‘criminal mind’ to defeat a criminal mind.
What are Honey Pots?
In the war against increasingly clever and ever-evolving threats to your business and the customer information that has been entrusted to you, sometimes it is easier to catch a fly with honey than with vinegar. This is where honey pots come into play. The best defense is often a strong offense and that is why cyber security researchers set up baited decoys to study and entrap would-be hackers.
Hackers and cyber terrorists are looking for an easy win. They would love to find easily exploited flaws in your system, easy ways to install backdoors for revolving-door access to equipment and information, and large pools of credit card data, personal information, or proprietary business information, all available for the taking and ready to be sold to the highest bidder. Honey pots are designed to look like easy prey. They are seemingly vulnerable networks and databases teeming with juicy tidbits just waiting to be snatched up. In reality, these are hardened servers and databases holding false information, with no actual consumers accessing them, meaning that any attempts to access them are easily identified as threats. Oftentimes these banks of information are like holograms and don’t actually exist in a physical form anywhere, so if they are breached the attackers can be dealt with, their attempts can be studied for prevention techniques, and the honey pots can be quickly put back into operation, ready to catch the next would-be threat.
These types of programs take a lot of expertise to create and run successfully on a consistent basis and therefore can be rather expensive to run for a small business. When you are purchasing server space on a larger platform that is responsible for millions of websites, honey pots become an expense worth taking on to stop threats before they occur, helping you stay one step ahead. As a small business owner it is important to know that there are lots of tactics in place to not just shield against incoming attacks, but to predict, seek out and eliminate threats before they even have a chance to become viable.
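Because no legitimate user has a reason to connect to a honey pot, a single connection to one is enough to flag its source, with no threshold or baseline needed. The following added example (not code from BrickHouse Security) shows that detection logic and the follow-up a defender would do next, listing the real hosts the same source contacted; the log format, host names and addresses are constructed for illustration.

```python
# Constructed sample connection log: "<ISO time> <source IP> <destination host> <port>"
SAMPLE_LOG = """\
2024-05-01T09:00:02 10.0.4.17 files01.corp.example 445
2024-05-01T09:00:40 10.0.4.23 crm.corp.example 443
2024-05-01T09:03:11 10.0.4.23 hr-archive.corp.example 445
2024-05-01T09:03:15 10.0.4.23 files01.corp.example 445
malformed line
2024-05-01T09:05:00 10.0.4.17 crm.corp.example 443
2024-05-01T09:07:30 10.0.4.23 hr-archive.corp.example 22
"""

# Hypothetical decoy host: it holds only false data and is never used for real work.
DECOYS = {"hr-archive.corp.example"}


def parse(line):
    """Return (time, source, destination, port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4 or not parts[3].isdigit():
        return None
    ts, src, dst, port = parts
    return ts, src, dst.lower(), int(port)


def decoy_report(log_text, decoys):
    """Flag every source that touched a decoy and summarise its other activity."""
    events = [e for e in map(parse, log_text.splitlines()) if e]
    # Any contact with a decoy is suspicious by definition.
    suspects = {src for _, src, dst, _ in events if dst in decoys}
    report = {}
    for src in sorted(suspects):
        mine = [e for e in events if e[1] == src]
        report[src] = {
            # ISO timestamps sort correctly as strings.
            "first_decoy_contact": min(ts for ts, _, dst, _ in mine if dst in decoys),
            "decoy_ports": sorted({port for _, _, dst, port in mine if dst in decoys}),
            # Real systems the same source reached, before or after the decoy.
            "real_hosts_to_review": sorted(
                {dst for _, _, dst, _ in mine if dst not in decoys}
            ),
        }
    return report


if __name__ == "__main__":
    for source, details in decoy_report(SAMPLE_LOG, DECOYS).items():
        print(source, details)
```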
What is Malware?
In the simplest of terms, malware is a combination of the words ‘malicious’ and ‘software’, meaning it is a program or coding that can be put onto a computer, phone, server, storage device, or just about any electronic device for the purposes of doing harm. The harm it is trying to cause varies wildly from one situation to another. Payment and credit card information gathered by your business is a big draw for hackers. Personal information such as phone numbers, addresses, email addresses, and social security numbers is useful in spreading more havoc and attempting identity theft. Proprietary business information and confidential data can be sold to your competitors, losing you your edge in your market or field. Access can be gained to your networks, servers, and equipment, allowing threats to reach your clients via the spreading of viruses or even to shut down the operations of your company. Important files can be corrupted or even deleted, losing years of stored information if it was not previously backed up to an external source.
Malware comes in lots of different forms. Viruses are designed to spread easily from place to place, infecting not just one device on your network, but quickly taking out large chunks of your business and possibly spreading to clients or partner companies. Worms are stored in the memory of a device and slow down or disable operations. Trojan horses allow constant backdoor access for nefarious activities. Spyware sits in the background silently and collects important information like passwords, PINs, codes, and any personal, business, or client information that gets typed in. Adware creates pop-ups warning you about bogus threats to your security or imminent danger to your systems, attempting to get you to download even more deadly malware.
The best way to safeguard your company and all of the information that you are entrusted with by clients and business partners is to install and regularly update trustworthy antivirus and antimalware software on all company devices. Don’t be fooled into thinking that one download of this protective software will protect your company for life. Just as the threats and techniques of hackers and cyber terrorists are constantly evolving, so must your defenses.
What is Phishing?
Most of the electronic criminality that we have discussed so far relies heavily on hidden code and software to manipulate your business systems to get their end result. Cyber pirates have learned, however, that if they are clever enough, you and your employees will simply hand them all the information they could ever want! Who would do that? Millions of people do this every single day without even realizing it.
All it takes for unsuspecting employees to give over vital information is a convincing enough copy of a familiar email, website, or text message, often employing scare tactics along with them. These hackers have gotten really good at creating messages warning that some horrible thing will happen if you don’t act now! “There is a virus attacking your computer! Save yourself and download this software to protect it now!” Once permission is given, the ‘protecting’ software they’ve insisted on is actually the virus itself. “Your account has been compromised! Click here to confirm your information!” You input your actual login information to ‘confirm’ it and BINGO! They have just been handed your keys to log on to the real site. “Your subscription has expired! Enter your credit card information to avoid interruption of service.” Tada! They have your credit card information.
How are such attacks to be avoided? Educate your staff to THINK BEFORE THEY CLICK! Most email providers offer a spam filter that sorts out a lot of the more common and bigger threats. If you have any doubt about a message sent to you, verify it first. Instead of clicking on a link to verify your information, open up a browser and navigate directly to the website you usually access for that service and see if it’s giving you the same error or warning. If it’s not, report it! All companies want to know if their transmissions are being maliciously duplicated to ensure that their real messages are trustworthy. If the message specifically references the company you work for, mention it to your technology team. They will want to know if company information is being targeted. Lastly, never open attachments from untrusted sources and make sure that your installed antivirus software scans all attachments before they are allowed to be opened on a company device.
What is Ransomware?
Viruses come in all forms and one of the particularly evil ones is ransomware. These are bits of code or software that infect your computer or parts of your business servers and hijack partial or total control of operations or data. Then you are told that you will not be allowed to retrieve data or regain access to the operation of your computer unless you do some sort of task first, usually to pay them money.
These scare tactics work on a lot of people and not only provide hackers with the requested funds, but also the credit card information that was entered to pay them. Once paid they have absolutely no incentive to release the control or information back to you. Instead, they often keep insisting on more and more.
If you or your employees ever encounter ransomware, NEVER pay them! Despite their assurances, this will not resolve the issue and will usually just make the situation worse. Instead, find a trained electronic security specialist who is able to work towards removing this malicious software. Unfortunately, in the process of removing ransomware, files will become corrupted or deleted altogether and are irretrievable. This is another reason why all information should be backed up regularly to an external source such as an external hard drive or cloud storage. If ransomware or other malware strikes and infected files have to be deleted, they can be retrieved from the most recent undamaged backup and restored to the computer with minimal information lost. Files that have not been backed up in one or multiple ways will often be lost forever.
What is Spam?
Whatever your opinion is of the meat product, electronic spam is annoying at best, and at worst, poses a security threat for you and your company. Spam is the term given to electronic messages which are sent in large quantities, overwhelming day-to-day operations and often spreading malware, ransomware, trojan horses, spyware and more.
As cyber security advances to protect us against these threats, cyber criminals modify their tactics, becoming more wily. Most email providers offer a spam filter, which sorts out a large bulk of threatening emails, but vigilance is still important because even the best filters can’t eliminate everything. Never click on an attachment unless you know for a fact that it is from a trusted source and that your antivirus software is up-to-date and able to scan all attachments before allowing them to be opened.
Electronic communications have evolved over the years and spam has followed them to each new platform. You are a rather lucky person if you have not received any form of spam text messages or robocalls, which are all newer versions of that old friend spam. Beyond being annoying, these messages often carry malware designed to steal information, corrupt data or shut down operations. Vigilance and up-to-date antivirus and antimalware software go a very long way towards avoiding these common threats.
What is Spyware?
When things start functioning differently it is easy to tell that something is wrong with your computer or smart device. Not all viruses are quite as obvious, however. Spyware is malware that is designed to stay hidden and undetected, surreptitiously collecting your information. Commonly this type of software tracks any keystrokes typed into your computer, providing the operator of the spyware with usernames, passwords, PIN codes, a list of websites visited by you and your employees, lists of applications your company uses and downloads, and security settings.
Once this information is obtained it can be used against you not only to gain access to password-protected programs, but also to see which systems are most vital to the operations of your business and thus most worth a hacker’s effort to target. This also becomes an easy way for cyber criminals to survey your electronic security practices and find weaknesses and easily exploited back doors into your system.
Robust antivirus and antispyware software is crucial to detecting existing hidden threats and preventing new ones from entering your business environment. Make sure that this sort of software is updated as frequently as patches are offered because an out-of-date antimalware program can be even more dangerous than no software at all, for the false sense of security that it provides.
What are Trojan Horses?
Those who do not learn from history are doomed to repeat it and modern cyber attackers have read up on their Greek history. In the classic tale of the Trojan War, the Greeks were frustrated and weary from a 10-year siege against the city of Troy. Cleverly, they constructed a gigantic horse and hid elite forces inside it and sailed away. The Trojans, thinking they had finally won, brought their new victory trophy into the city. That night the Greek forces emerged from the horse and opened up the gates for the rest of the Greek troops who had secretly returned, finally defeating the Trojans and ending the war.
This is precisely what the modern electronic trojan horses accomplish. Hackers present you with what seems to be a legitimate and useful piece of software, but there is a secret hidden inside. Once this program is downloaded or installed it opens up a gateway for all sorts of nefarious activity, including deleting files, using your computer to hack others in your network or business contacts list, watching you through your webcam, or even logging keystrokes to obtain credit card info or other personal or sensitive business information.
The easiest way to prevent these hidden attacks is to look a gift horse in the mouth. If you are being offered a free version of a program that usually has a cost associated with it, it is often too good to be true. Only download software and attachments from trusted sites and sources and only do so after they have been scanned with your up-to-date antivirus and antispyware software.
What are Viruses?
An electronic virus is an overarching term which takes in a lot of the different topics we have already covered. Viruses can be defined as computer programs or bits of code with malicious intent which come from attachments, downloads, visiting malicious sites, or inserting unprotected hardware and external storage devices into your computer (think plugging in a flash drive or external hard drive that belongs to someone else).
Viruses can have a wide variety of intents, including accessing personal or sensitive information; hijacking files and data; shutting down operations of an electronic device, a website, or entire server; collecting passwords, pin codes, and login information; spreading spam; or even using your computer to attack other devices or networks. The common theme with viruses is, like their namesake, they spread very easily.
Unlike medical viruses, no amount of handwashing will prevent the spread of these pests. What will prevent them is robust antivirus software, updated as often as the software’s creators make updates available. Make sure to choose a program that scans all attachments and downloads before they can be opened to avoid new threats appearing. Good communication about attempts to send your company viruses can also go a long way. Oftentimes, viruses are crimes of opportunity, but if each threat is reported to your technology team, they may spot commonalities that reveal an orchestrated effort against the company and be able to do more to thwart larger threats.