Security Awareness training - Risk management
In learning more about information security, business leaders must first study the most common types of security breaches and how organizations have been impacted by these events. The following are common techniques that attackers use to breach the security of the modern company.
SQL ATTACKS
SQL attacks are considered the low-hanging fruit of the security field, as they are one of the easiest to prevent and yet remain among the most common techniques deployed by attackers. The SQL attack allows a hacker to enter malicious code in a piece of text, perhaps in an email or a Word document. The malicious code then allows the attacker to take over the device and extract specific data. Using this technique, cybercriminals have been able to gain access to company financial information, customer data, and other high-value items that might be stored on a server.
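An added example, not part of the original page: the prevention mentioned above, shown for the usual case in which text supplied by a user ends up inside a database query. The table, function names and input string are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory customer table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card_last4 TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice", "1111"), ("bob", "2222"), ("carol", "3333")],
    )
    return db

def lookup_vulnerable(db, name):
    # Weak: the text is pasted into the statement, so quote characters
    # in it are parsed as SQL rather than treated as data.
    query = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, name):
    # Hardened: the ? placeholder sends the text as a bound value, so the
    # database never parses it as part of the statement.
    query = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

# Constructed input: a name that matches no customer but carries SQL syntax.
CRAFTED = "nobody' OR '1'='1"

def leaks_extra_rows(lookup, db):
    """Regression check: a lookup for a non-existent name must return nothing."""
    return len(lookup(db, CRAFTED)) > 0

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, CRAFTED))  # every row in the table
    print("safe:      ", lookup_safe(db, CRAFTED))        # no rows
    print("safe, real name:", lookup_safe(db, "bob"))
    print("vulnerable lookup leaks:", leaks_extra_rows(lookup_vulnerable, db))
    print("safe lookup leaks:      ", leaks_extra_rows(lookup_safe, db))
```

A check like `leaks_extra_rows` can sit in a test suite so that a query rebuilt with string concatenation is caught before release.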
STOLEN PASSWORDS
Another common way in which attackers gain access to information is by stealing passwords from a company directory. They might gain access via a traditional SQL attack or simply by using social engineering to acquire information over the phone. Teams must learn more about how social engineering is being used to gain access to information. In this scenario, a person may call and say they are from the firm’s IT security department and require access to login credentials to update their computer. In many cases, employees simply trust the person on the phone and provide their details of their own free will.
A password can also be stolen easily if the user has kept their default password or if the password hasn’t been updated regularly. Hackers are now using botnets to carry out brute-force attacks using default passwords on millions of computers over a short space of time. Keeping the default username and password on the device leaves the user vulnerable to password theft and data loss.
MALWARE INSTALLATION
Another common form of attack in recent years is through the use of malware. Malware is a form of malicious software that, when installed on the target system, can be used to control system data and allow the attacker to steal all available information. The malware is often installed after an email is sent to the target. The email is usually designed to look as if it came from an authority within the company or a software manufacturer offering an update. By accidentally installing malware on their computer systems, users can then allow the malware to spread throughout the company’s network, infiltrating all data areas and causing significant issues. It’s part of the reason that companies are now educating their employees on how to spot the signs of a malware infestation and guiding them on mitigating the issue before it begins to cost the company and its customers.
DEVICE THEFT
In the BYOD era, companies are now giving mobile staff members the option of bringing their device with them and then using their personal device to communicate with customers and other employees. Data retained on these devices has become highly valuable to attackers as it often contains the credentials for logging into secure areas of the company network. And so, when a device is lost or stolen, it can put the company at risk of a significant financial loss. Proactive companies are now building policies that help to safeguard data in the event of theft or loss.
They are also encouraging employees to back up their device data to a cloud-based system to mitigate the threat, and implementing BYOD policies such as document protection to ensure lost devices don’t lead to further financial loss for the company.
DOCUMENTATION ERRORS
Human error is another of the leading causes of security issues within the modern organization. With the vast amount of documentation being disseminated throughout the globe, companies are now focused on using these documents effectively and preventing private document data from getting into the hands of cyber criminals. Oftentimes, a security breach within a large company is the result of a simple documentation error by an employee.
The employee might simply make the mistake of publishing private data on a public resource, giving access to a website or the email address of a company employee which then leaves their data vulnerable. The forwarding of sensitive information is another common mistake. Choosing the wrong email address or adding information that should have remained on a private server to the email chain can have a significant impact on the company.
It’s why so many are now taking the time to teach their employees about how to work with documents and how to control the flow of information from their computer.
FAILURE TO BACK UP DATA
The failure to back up the data on the server could make a security breach costlier when teams have to add the data back into the system. Many security breaches not only result in the theft of data but also the loss of data for the company. In the case of a stolen device, for example, this could leave the team with no understanding of which data was lost and who has been impacted. Take the time to back up data regularly and find out who is using which data on the system. This data retention process can help create a chain of custody for the data and prevent significant costs being incurred in the future.
In view of these threats, what can companies do to safeguard their data? There are multiple steps that should be followed in ensuring that data is safe and security breaches are eliminated. Our team at Cyber Risk Aware specializes in advising companies on IT security and we recommend the following steps be taken to prevent data breaches:
• Craft a comprehensive encryption policy
• Perform regular vulnerability reviews with the team
• Apply patches regularly and review new patch options
• Back up all data regularly
THE THREATS FACING YOUR ORGANIZATION
In safeguarding their company in the current landscape, business leaders must learn more about the common threats to their organization and its data. Each industry faces varied risks from threat actors, each with their own motivation and intent. As leaders in the cyber security marketplace, Cyber Risk Aware staff regularly work with our clients in mitigating threats to their business and we have found the following threats to be a growing issue within today’s organizations:
MAN IN THE MIDDLE ATTACKS
One of the more common modern techniques hackers use is a sophisticated version of the traditional man-in-the-middle attack. The attacker finds their way into the organization and then places a keylogger or another tracking system on a computer. New attacks use IoT devices to listen in on all wireless communications across the network. They then gain access to a company email address and watch the communications that take place between the user and others in the company. Because they have access to the user’s credentials and their passwords, they can then pose as that person when emailing others for financial information and private data.
PHISHING SCAMS
A recent phishing scam conducted by a Lithuanian cyber-criminal cost Facebook and Google more than $100 million combined. There are still rich rewards for phishing attacks and firms must be prepared to mitigate the issue. Companies continually fall victim to phishing scams, despite this technique being one of the more common and widely understood issues within the security marketplace. The typical phishing attempt involves a simple email which is designed to look like it came from an authority within the company. The email might ask the person to download a document or click a link within the content. Once the desired action has been completed, the attacker is given control of the device and can then access device data and act as the user of the system.
BOTNETS
A botnet attack begins with a single computer virus. The virus then spreads to connected computers on the network, and then sends a signal back to its command center, which is operated by the cyber-criminal. From their command center, the criminal can then control all the computers within the botnet, and use any data they discover as they review the network. Botnet attacks are on the rise across the globe and many skilled hackers now even offer botnets for hire for others to use. It’s a billion-pound industry that is only set to grow with the increasing success of botnet events.
MALICIOUS JAVASCRIPT
The websites that we click on every day during work hours can detail specific information about our location and our computer. Those with criminal intent can create sites that have malicious JavaScript written into the programming to allow the instant download of a virus once the user opens the site. One click from a user within a company network can cause the download of a virus that shuts down the entire network, and potentially costs the company thousands of pounds in lost revenue. This is yet another reason behind the importance of secure web use and for installing the latest virus scanning and removal products.