Engineers can live in a bubble, so sales quickly pointed out that there are people who have heard the terms but may not know much about them. This post isn’t intended to be a deep dive on any of these subjects, but it will serve to provide an introduction into each area of cybersecurity.
Our goal is to arm you with enough knowledge so you will walk away with two things, knowing how serious these threats really are, and what you can do to combat them.
Email remains and will continue to be the number one tool hackers use in their attempt to exfiltrate data or steal money. Email is also a primary tool for the delivery of malicious software. Phishing is a technique hackers use to send emails that appear to come from reputable companies in order to trick users into revealing confidential or sensitive information. These emails will mimic the logos, sometimes the URL’s and use similar language to the emails sent by the company they are
Phishing emails will often contain a malicious link or file, that if a user follows the link or opens the file will result in the deployment of ransomware or other destructive software. The user of Security Awareness Training will greatly reduce your company’s risk of phishing attacks. Teaching your employees what to look out for, will go a long way into reducing the effectiveness of phishing emails.
Social Engineering has two components, and only one is referenced when talking about social engineering. Social engineering typically refers to hackers attempting to extract information from your employees via email or phone.
The side of social engineering that is often overlooked is the reconnaissance hackers will use. Hackers will scour your social media posts looking for every bit of detail they can use to run their social engineering campaign. You’d be surprised as to how much information is readily available. The longer a company has been in business and has a presence on the web the more likely there is lingering information out there. Hackers can use this information to build a profile and have a better chance of correctly answering security questions.
The more they know about your company the easier it is for them to trick your employees. If they know enough about the history of your company and can gain historical knowledge, they will come across as either an employee or someone who can be trusted.
This trusting mindset is precisely what the hacker is looking for. Putting you at ease allows them to ask for personal information and bypass objections. If a hacker can gain your trust, they may be able to get you to violate your own safeguards.
Business Email Compromise
Business Email Compromise can be a devastating attack that can have real financial consequences for your company. BEC usually involves Office 365 or G-suite and involves hackers gaining administrative access to your business email.
Once they gain access, they can create their own account with administrative rights. They will typically set up a filter to forward copies of email to an online account. Since they have access to all your email they can reply and intercept important emails and prevent you from ever seeing them. BEC can be used to hijack data, steal your customer information, and target your customers. The most malicious BEC attacks attempt to steal data and money. These attacks are aimed at your customers and appear to come from your email accounts.
Apart from the financial component, this can truly compromise the reputation of your business. If you are a cybersecurity firm, and your corporate email is hacked and turned into a weapon, you can imagine how credible you’ll seem. Not to mention BEC could lead to both PCI and HIPAA violations if you deal with financial or health data. Steps should be taken to secure your Office 365 or G-suite environment to limit the exposure to a BEC event.
While not foolproof, enabling two-factor authentication is a good first step to take in locking down your Office 365 or G-suite portal. Set up your two factor to utilize a third-party application such as authy, or Microsoft authenticator, over a text message.
Malware in the broad sense is defined as software meant to damage, disrupt, or provide unauthorized access to a computer system. Malware covers a wide array of malicious software from viruses to trojan horses, and everything in between.
Steps should be taken to limit your risk of malware. Using anti-virus software in addition to behavior-based mitigation software could help prevent a malware attack. Spam filtering will help strip attempts to use email to deliver the payload.
Finally, a firewall with a unified threat management component will identify most threats. Since spyware, ransomware, worms, and scripts also fall into the malware category, it may be necessary to utilize DNS filtering and URL blocking to prevent access to compromised websites.
Ransomware is the malware that perhaps has the most public awareness. Most people have at least heard of ransomware, and know the potential risk.
The aftermath and risk of ransomware, however, are downplayed. Not enough attention or focus is put on how much damage ransomware can do. The financial devastation from a ransomware attack is real as are the risks of production loss due to the inability to access necessary systems.
If recent ransomware attacks are any indication of future trends, we see that hackers are now stealing the encrypted data. The reason behind exfiltrating the compromised data is to use it as leverage. The groups behind this form of ransomware seek to use intimidation to force their victims into paying their
Failure to pay results in the stolen data being leaked online. The stolen data could be released en mass, or sold on the dark web. One way or another, the hackers are determined to profit from their work. Make no mistake, they take their work seriously. You should be as determined to prevent them from stealing or compromising your data as they are to steal it. You can’t afford to relax or drop your guard. Any blind spot or vulnerability is going to be discovered and
Work with a team of experts to identify the weak points in your cybersecurity. The team at N2Net has the skills and expertise to analyze and assess your network and can make recommendations to keep your data secure.