With so many cyber threats, it is easy to get confused about where each one fits in and what it actually does. Cyber threats are continuously changing, and protecting your business is more complicated than you would think. Here are some of the threats you are most likely to face and how to prevent them from affecting your business:
Socially Engineered Malware
Socially engineered malware is the most reviled form of social engineering and the most used method of attack. It baits users with physical media, which it uses to disperse malware. This method relies on psychological manipulation: an end-user is lured into running an infected program, such as a Trojan horse. The malware usually targets frequent internet users through websites they often use and trust. The website involved is usually as innocent as the victim and serves only as a means of delivering the malware.
The best countermeasure for socially engineered malware is end-user education, which should cover the most current threats. This is usually the option with the best expected results. Further protection comes from preventing enterprise users from using elevated credentials to answer email or browse the web. Anti-malware programs are also available on the market, but they have to be kept up to date to function effectively.
Password Phishing Attacks
Approximately 60 to 70% of email is spam, and most of that spam consists of phishing attacks. Phishing attacks target unsuspecting victims in order to obtain their personal information, including logon credentials and credit card details. The attacker can use this information however they please, but it is mostly used for fraudulent activities.
The primary countermeasure is to have logons that cannot be given away. This means two-factor authentication (2FA), smart cards, biometrics and other out-of-band methods. Other measures are to avoid replying to unfamiliar and untrustworthy emails, to avoid clicking on links or attachments from unknown sources, and to make sure URLs are correctly spelled, with no grammatical errors, before using them.
Unpatched client software is considered to be the most serious cyber security risk for a business. The most commonly unpatched and exploited programs are browser add-ins such as Adobe Reader and Adobe Flash, among other programs people often use to make surfing the web easier. Other programs include Microsoft Office and QuickTime.
The primary countermeasure is making sure that your patching is perfect. If that is not possible, ensure that patching around the most exploited products is perfect. It is common knowledge that a great way of decreasing risk is implementing better patching. An added advantage is becoming one of the few organizations that actually does it.
Social Media Threats
The world’s leading online social networks are Facebook, Twitter and LinkedIn. The use of social media has evolved over the years, and it can now be used for sophisticated reconnaissance and social engineering activities. This is the basis of several attacks. The common problem with social media is validating the friends or applications that request to be accepted. Sooner or later, a person will be unlucky and accept one that turns out to be an attack on their social account.
Providing end-user education about social media threats is a necessary countermeasure. Once people are aware of the possibility of such attacks they are able to be on the lookout. The use of more sophisticated 2FA logons is also a helpful idea.
Advanced Persistent Threats
An advanced persistent threat (APT) is an attack in which an intruder or unauthorized user gains access to a network or system and stays there undetected for a long period of time. The aim of the attack is to collect sensitive company data or intellectual property. Techniques an attacker can use to gain access include the use of the internet to deliver malware that helps in gaining access, physical malware infection, and external exploitation of protected network targets.
These attacks are usually well planned and designed, and cleaning them up is a royal pain. When it comes to an effective countermeasure, it is advisable to apply the previous advice. Detecting and preventing an APT can be taxing, especially when dealing with a determined adversary. Understanding the legitimate patterns in network traffic for a given network can help in identifying unexpected flows. It is also important to understand which computers in a network communicate with each other and which ones do not. An adversary would not know this, and it would be their point of failure.
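The idea of knowing which computers normally talk to each other can be turned into a simple check. The sketch below is an added example, not part of the original article: it learns the (source, destination, port) combinations seen during a known-good period and flags any later flow that was never seen before. The flow record format, the addresses and the function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample flow records: "timestamp src dst dst_port bytes"
BASELINE_FLOWS = """\
2024-01-08T09:00:01 10.0.1.15 10.0.2.10 443 5120
2024-01-08T09:00:07 10.0.1.15 10.0.2.20 445 20480
2024-01-08T09:01:12 10.0.1.22 10.0.2.10 443 4096
2024-01-08T09:02:30 10.0.2.10 10.0.3.5 5432 8192
"""

OBSERVED_FLOWS = """\
2024-01-15T02:13:44 10.0.1.15 10.0.2.10 443 6000
2024-01-15T02:14:02 10.0.1.22 10.0.1.15 445 90000
2024-01-15T02:14:50 10.0.1.22 10.0.3.5 5432 700000
malformed line
2024-01-15T02:15:10 10.0.2.10 10.0.3.5 5432 8000
"""

def parse_flows(text):
    """Yield (timestamp, src, dst, port, bytes) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not (parts[3].isdigit() and parts[4].isdigit()):
            continue
        ts, src, dst, port, nbytes = parts
        yield ts, src, dst, int(port), int(nbytes)

def build_baseline(text):
    """Map each source host to the set of (dst, port) it normally talks to."""
    baseline = defaultdict(set)
    for _, src, dst, port, _ in parse_flows(text):
        baseline[src].add((dst, port))
    return baseline

def unexpected_flows(baseline, text):
    """Return flows whose (src, dst, port) never appeared in the baseline."""
    alerts = []
    for ts, src, dst, port, nbytes in parse_flows(text):
        if (dst, port) not in baseline.get(src, set()):
            alerts.append((ts, src, dst, port, nbytes))
    return alerts

if __name__ == "__main__":
    for alert in unexpected_flows(build_baseline(BASELINE_FLOWS), OBSERVED_FLOWS):
        print("unexpected flow: %s %s -> %s:%d (%d bytes)" % alert)
```

In the constructed data, a workstation that only ever reached the web server suddenly connects to a peer workstation and directly to the database, and both flows are reported while the usual traffic passes silently.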