How cyber attacks against businesses work
Cyber security is a major concern for businesses of all sizes. According to the Australian Cyber Security Centre, victims of cyber crime submit a new incident report to the organisation once every 10 minutes. There are many more people who do not even realise their data has been stolen or compromised, which makes it difficult to ascertain precisely how many businesses have suffered data breaches in recent years.
That being said, the most recent research available found that Australian consumers lost $2.3 billion to cyber crime in 2017.
Despite the very clear and immediate threat that cyber crime poses, there remains a great deal of confusion regarding hackers, cyber criminals and data thieves. Let's demystify cyber attacks a bit by pulling back the curtain and looking at the techniques hackers use against businesses.
A portmanteau of "malicious" and "software," malware is an application or executable software designed to infiltrate cyber security defences, access internal systems and exfiltrate data. It's a very broad category, covering spyware, computer viruses, Trojans and more.
Cyber security solutions can identify malware with recognised threat signatures, removing them from your system or network. It's important to keep your anti-malware software up to date at all times so it can spot the latest threats and remediate them before they can cause any damage.
This technique is especially worrisome because it takes advantage of poor security hygiene and preys upon people who are unable to recognise malicious activity. Phishing attacks usually involve sending emails containing malware to unsuspecting targets. Phishing emails may have a downloadable attachment or an embedded link that redirects the user to a compromised website.
A more sophisticated approach, known as spear phishing, employs social engineering to target specific individuals. In those cases, cyber criminals will pull in personal details and other information that's publicly available to customise their phishing emails.
The best defence against this threat is to train your employees to spot red flags that commonly appear in phishing emails and exercise a little restraint and scepticism when going through their inbox.
Distributed denial-of-service (DDoS) attacks overwhelm available resources, impacting network performance and potentially causing downtime. Here's how they work: Cyber criminals will use botnets, which are compromised machines that can be easily manipulated, to collectively submit a large volume of traffic requests all at once. These surges in user traffic and activity far exceed standard usage levels, straining the network past its breaking point.
DDoS attacks are often intended to disrupt business operations rather than steal data, but that's not always the case. Hackers may use this technique to draw attention and resources toward the DDoS attack, leaving other entry points vulnerable and largely unattended.
Businesses need to act fast when a DDoS attack happens, so it's essential that you have a detailed response plan in place. Assign specific roles and responsibilities so your employees understand what they need to do if such an event occurs.
Increased system monitoring will be extremely helpful as well. Your IT team can use monitoring solutions to identify unusual surges in traffic and activity before they completely overwhelm your network and systems.
This type of malware is one of the most damaging because it not only steals data, but encrypts it so owners are unable to access it themselves. Perpetrators will demand a ransom in exchange for the encryption key, forcing victims to either pay up or lose those files and documents forever.
Even worse, there's no guarantee that cyber criminals will hold up their end of the bargain. Paying the ransom may simply embolden them to ask for more money. Once they have the payment, there's really no incentive to remove the encryption. There's a good chance hackers will drop all communication after they've gotten their cash.
Cracking the encryption would be virtually impossible without the key, leaving businesses with very few options. The best way to defend against ransomware is to minimise the threat. You don't need to gain access to encrypted files if you have already created backups of all that data. With data recovery solutions in place, you can retrieve archived versions of the affected files.
Businesses will still need to contend with the repercussions of a data breach, but as long as you keep recovery systems up to date, a ransomware attack won't seem like the end of the world.
As noted earlier, anti-malware solutions use threat signatures to detect known malware strains and eliminate them on sight. The obvious concern with these defences is what happens when a malware strain that hasn't been identified pops up? Without a threat signature to identify, traditional cyber security tools are unable to stop new malware strains from infiltrating their defences.
Cyber criminals use zero-day attacks to take advantage of this fundamental weakness, compromising machines, networks and databases before businesses have the tools to respond. Zero-day threats aren't always malware strains, either. Vulnerabilities in software, networks or systems can be exploited, giving hackers access to business platforms and sensitive data.
There are two important steps to take to protect against zero-day threats. First, diligently follow patch management best practises to keep your systems up to date. Software companies release new patches to address identified vulnerabilities as soon as possible, but you still need to download and instal those updates.
The second step is to implement network and system monitoring tools that can identify suspicious behaviour and activity. Anti-malware solutions will catch a large number of strains, but there isn't much they can do to stop brand-new threats. Security monitoring software can spot unusual patterns that suggest a potential network intrusion. When it comes to data breaches, you want to respond as quickly as possible to mitigate the damage.
Understanding what threats lurk out in cyber space is the first step to protecting your business. Biztech security experts understand the cyber security landscape better than anyone and can help you boost your defences, fix vulnerabilities and improve your security posture. Contact our team today to find out more.