Cyberattacks and What You Need to Know!

Cybersecurity  is an increasingly trending topic in the news. The most popular stories seem to be with large companies who have had major data breaches with over millions of consumers personal information being compromised. However, what the public sees less often is when small businesses fall victim to hackers because it is not public record. This leads to the misconception that SMB’s aren’t as vulnerable to cyber attacks like other big corporations are.  Small businesses account for over 61% of all malware victims according to a report by Verizon. It is important that every type of business owner knows about cyber attacks and is proactive to ensure their business will not fall victim.

There are a variety of end goals hackers have when deploying a cyber attack. Many times, these attempts are financially driven, leveraging sensitive online data to get some type of monetary gain. The list below are just some of the most popular methods hackers use, but with an ever changing digital landscaping more new methods are emerging at an alarming rate. Here are some of the most recent attacks every business should be aware of:

Inside Attack

This is someone with administrative privileges from within an organization purposefully uses their credentials to access confidential company information. Usually this issue arises with former employees that have left on bad terms. Fixes include updating your users consistently within your organization.

Password Attack

There are three main types of password attacks: a brute-force attack, which involves guessing at passwords until the hacker gets in; a dictionary attack, which uses a program to try different combinations of dictionary words; and keylogging, which tracks a user’s keystrokes, including login IDs and passwords.

Zero-day Attack

Unknown flaws in a software and system discovered by a hacker before the developers and security staff even know of the issue. These loopholes can go undiscovered for months or even years until they are repaired.  Patch management is an extremely important practice to ensure you have the latest software with the latest security updates.

Ransomware

This type of malware infects your machines and locks up your data. The hacker responsible holds your data hostage for some type of ransom. The usual payment is in untraceable digital currencies like bitcoin. Ransomware is the fastest growing cyber attack today.

Phishing

The most commonly deployed form of cyber theft, phishing involves collecting sensitive information like login credentials and credit card information through a legitimate-looking (but ultimately fraudulent) website, often sent to unsuspecting individuals in an email. Spear phishing, an advanced form of this type of attack, requires in-depth knowledge of specific individuals and social engineering to gain their trust and infiltrate the network.

Malware

This is an overall term for “malicious software” that covers any program that intent is to target a computer and intent is to cause damage. Malware can include worms, trojans, ransomware and spyware.

APTs

Advanced Persistent Threats (APTs) are longer term attacks in which the hacker attacks a system in phases and makes sure to target devices across a network. If a breach is detected and repaired, the attackers have still secured other routes into the system.


As always, ECMSI offers top-of-the-line layered security to keep their partners and their customers safe. Our security suite provides the skilled IT resources, domain expertise, centralized monitoring and management facilities, and proactive approach to ensuring the protection of your desktops and laptops against the ever-present threat of viruses, spam, and malware attacks. Call today (330) 750-1428 or visit our website at www.ecmsi.com/security!