top of page
Writer's pictureCasey at The D.K.I.A

The Dark Side of The Interwebs

Updated: Jul 10, 2020



The cyber world is home to many wonderful things. Including all of us. Our businesses, bills, family, even our jobs have found a comfy place to call home. The best part? You never have to leave your home to visit there. Before you call it utopia consider this:


You just put all of your data in the hands of the interwebs in the name of convenience. But at what cost? For some, it costs them everything. Internet outlaws are hiding everywhere and if you're not careful you become a victim.


Cyber attacks are becoming a sign of the times that affect everyone. Take a look at some statistics provided by Varonis that might surprise you:


  • 64% of Americans have never checked to see if they were affected by a data breach. (Varonis)



  • In 2017, 147.9 million consumers were affected by the Equifax Breach. (Equifax)


  • 43% of breach victims were small businesses. (Verizon)


  • 82% of employers report a shortage of cybersecurity skills. (ISSA)



  • Security breaches have increased by 11% since 2018 and 67% since 2014. (Accenture)


What exactly is a cyber attack?


Cyber attacks come in many forms and are always evolving. Chances are by the time you're finished reading this there will fifteen new attacks to watch out for. But for now here's a look at the more common types of cyber attacks hackers use:



This type of attack usually begins after an unaware user clicks on a malware infected link or email attachment. Malware is a broad term used to describe malicious and harmful software, more specifically, malware consists of any of the following:


Ransomware- malware designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.


Spyware- collects information from a computing system without your consent such as keystrokes, screenshots, credentials, various personal data


Phishing- an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques


Viruses- program that spreads by first infecting files or the system areas of a computer or network router's hard drive and then making copies of itself


Worms- worms often spread from computer to computer and take up valuable memory and network bandwidth, which can cause a computer to stop responding



This type of attack is also known as an "eavesdropping attack". A hacker will interrupt the network traffic of a two-party transaction to steal data. There are two commonly used points of entry for this type of attack:


  1. Unsecured Wi-Fi network, (e.g. public Wi-Fi with no password)

  2. Malware infected device that an attacker can then use to install software that will process victim's information remotely



This type of attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber attack.



A distributed denial-of-service (DDoS) attack occurs when multiple machines are operating together to attack one target. Attackers often leverage the use of a botnet (a group of hijacked internet-connected devices to carry out large scale attacks) to take advantage of security vulnerabilities or device weaknesses to control numerous devices using command and control software. Once in control, an attacker can command their botnet to conduct DDoS on a target. In this case, the infected devices are also victims of the attack.


DDoS attacks have increased in magnitude as more and more devices come online through the Internet of Things (IoT) (seeSecuring the Internet of Things). IoT devices often use default passwords and do not have sound security postures, making them vulnerable to compromise and exploitation. Infection of IoT devices often goes unnoticed by users, and an attacker could easily compromise hundreds of thousands of these devices to conduct a high-scale attack without the device owners’ knowledge.



Structured Query Language (SQL) injection is an attack technique that attempts to subvert the relationship between a webpage and its supporting database, typically in order to trick the database into executing malicious code.


This type of attack usually involves a combination of over-elevated permissions, unsanitized/untyped user input, and/or true software (database) vulnerabilities. Since SQL injection is possible even when no traditional software vulnerabilities exist, mitigation is often much more complicated than simply applying a security patch.



A zero day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. An exploit that attacks a zero-day vulnerability is called a zero-day exploit.


A zero day exploit occurs when an attacker takes advantage of a publicly disclosed or undisclosed vulnerability prior to vendor acknowledgment or patch release. Vulnerable systems pose a much higher risk and are often targeted by cyber criminals.


If you're a business owner chances are you use the internet to transact. Which means you could be target. If you're not properly mitigating cyber crime it could be devastating for your business. But how do you protect yourself?


Cybersecurity is essential!



Establish basic security practices and policies for employees, such as requiring strong passwords, and establish appropriate Internet use guidelines that detail penalties for violating company cybersecurity policies. Establish rules of behavior describing how to handle and protect customer information and other vital data.


Keep clean machines: having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Set antivirus software to run a scan after each update. Install other key software updates as soon as they are available.



A firewall is a set of related programs that prevent outsiders from accessing data on a private network. Make sure the operating system's firewall is enabled or install free firewall software available online. If employees work from home, ensure that their home system(s) are protected by a firewall.


Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password-protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.


Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly and store the copies either offsite or in the cloud.


Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel.


If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden. To hide your Wi-Fi network, set up your wireless access point or router, so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.


Work with banks or processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations pursuant to agreements with your bank or processor. Isolate payment systems from other, less secure programs and don't use the same computer to process payments and surf the Internet.


Do not provide any one employee with access to all data systems. Employees should only be given access to the specific data systems that they need for their jobs, and should not be able to install any software without permission.


Require employees to use unique passwords and change passwords every three months. Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multi-factor authentication for your account.


No matter how efficient you think your network security is you could still be at risk. Cyber criminals are developing new attacks everyday. Before you panic, talk to your insurance agent and ask them about cyber insurance.



What is cyber insurance?


Cyber insurance is designed to help you mitigate losses incurred due to cyber attacks. Coverage for this type policy will depend on your cybersecurity. The more protected you are, the more coverage options available. So its absolutely crucial that you do everything you can to protect your data. Inadequate protection could mean a denial of coverage and unpaid claims.


Talk to your agent today about setting up a risk management plan for your business!








Resources:














53 views0 comments

Comments


bottom of page