Posted by Wind River Financial on Wednesday, October 30, 2019
Although October is National Security Awareness Month (NCSAM), we think it’s important to highlight the importance of data security every month. Part of that is keeping a close watch for emerging threats to our customers and their data.
We’ve compiled a list of six current cyber threats that can inflict significant damage if not proactively addressed. In this article, we’ll review each threat and briefly detail some of the protective measures you need to enact to keep your business safe.
What is It – Ransomware is a type of malware that prevents users from accessing their system by locking the users’ files unless a ransom is paid. Although it’s not a hack in the strictest of terms since no data has been stolen, the attackers were still able to breach your network to encrypt your data. This is usually done through some form of phishing attack.
What Can You Do – The best defense is going to be multi-layered. This includes creating both hot and cold back-ups. Hot back-ups are connected directly to your network and allow for quick restores. Cold back-ups are stored offsite. Additionally, proper training can keep your employees aware of and alert for the signs of a phishing attack. Along with that, make sure you’ve installed recent patches and updates to your network, maintain a least privilege strategy, and install endpoint security software.
What is It – Phishing is the act of presenting a victim with an email purporting to be from a legitimate individual or entity. The intent is to either directly obtain sensitive information from the victim or trick them into opening an attachment or clicking a link with malware attached. The attacker is then able to gain access to and control of the victim’s network.
What Can You Do – To avoid becoming a victim of a phishing attack, education and training are key. Be wary of any emails that contain links or files, and always think twice before clicking, even if an email looks like it came from a legitimate source.
What is It – An attacker gains access to a target organization through one of the target’s service providers. Service providers are often easier to breach because they tend to have weaker security controls.
What Can You Do – To avoid this type of attack, vendor management is key. Make sure you enforce security and access policies. Only open your internet ports when your vendors need them, and ensure that your vendors carry up-to-date certifications required by your industry.
What is It – This attack occurs after hackers have successfully compromised the email of a senior-level employee. This can potentially be the most damaging, especially in cases where an attacker is able to trick a finance employee into wiring them funds, seemingly at the behest of an employee whose email was compromised.
What Can You Do – Work with your financial institution to disable wires or require dual control, in which two employees are required to authorize a wire transfer. You can also verify all wire requests by telephone with the person purportedly making the request. Additionally, make sure all computers have the latest patches and updates and are running the latest anti-virus and endpoint security software. You should also require multi-factor authentication for email logins. Lastly, there is another option called the Financial Fraud Kill Chain, a service implemented by the FBI if the circumstance meets certain requirements.
What is It – Attackers obtain “dumps” of stolen login credentials on the dark net and try to use them on various websites. Since a lot of people have developed a habit of using the same login credentials on different websites, stolen credentials often work.
What Can You Do – First and foremost, DON’T repeat passwords. Instead, use a password tool such as LastPass or Dashlane. There are applications and browser extensions, such as haveibeenpwned.com or the Chrome Password Checkup Extension, that check whether any of your passwords have been compromised. Also, consider using a U2F device. U2F devices are USB or NFC devices that use two-factor authentication to communicate with your host computer without the need for typing in a password. Think of it like a house key that unlocks your front door.
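On the detection side, reused credentials being tried against your own login page leave a recognizable pattern: one source cycling through many different accounts and mostly failing. The sketch below is an added example, not part of the original article; the log format, the function name and the thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample auth log. The line format (timestamp, ip=, user=, result=)
# is a hypothetical one chosen for this example, not any product's real format.
SAMPLE_LOG = """\
2019-10-30T09:00:01Z ip=203.0.113.7 user=alice result=FAIL
2019-10-30T09:00:02Z ip=203.0.113.7 user=bob result=FAIL
2019-10-30T09:00:03Z ip=203.0.113.7 user=carol result=FAIL
2019-10-30T09:00:04Z ip=203.0.113.7 user=dave result=FAIL
2019-10-30T09:00:05Z ip=203.0.113.7 user=erin result=FAIL
2019-10-30T09:00:06Z ip=203.0.113.7 user=frank result=OK
2019-10-30T09:05:10Z ip=198.51.100.20 user=alice result=FAIL
2019-10-30T09:05:21Z ip=198.51.100.20 user=alice result=FAIL
2019-10-30T09:05:40Z ip=198.51.100.20 user=alice result=OK
2019-10-30T09:07:00Z ip=192.0.2.15 user=bob result=OK
"""

LINE_RE = re.compile(r"^\S+ ip=(\S+) user=(\S+) result=(OK|FAIL)$")

def find_stuffing_sources(log_text, min_users=5, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct usernames and mostly fail.

    Reused credentials show up as one source cycling through many accounts,
    unlike a single user mistyping their own password. Thresholds are
    assumptions to tune against your own traffic.
    """
    stats = defaultdict(lambda: {"users": set(), "ok": set(), "total": 0, "fail": 0})
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore lines that do not fit the expected format
        ip, user, result = match.groups()
        entry = stats[ip]
        entry["users"].add(user)
        entry["total"] += 1
        if result == "FAIL":
            entry["fail"] += 1
        else:
            entry["ok"].add(user)
    flagged = {}
    for ip, entry in stats.items():
        if (len(entry["users"]) >= min_users
                and entry["fail"] / entry["total"] >= min_fail_ratio):
            flagged[ip] = {"distinct_users": len(entry["users"]),
                           "failures": entry["fail"],
                           # a success from a flagged source means a reused password worked
                           "accounts_to_reset": sorted(entry["ok"])}
    return flagged
```

Any account listed under `accounts_to_reset` logged in successfully from a flagged source, so its password should be reset and its sessions revoked.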
What is It – Cryptojacking is the use of someone else’s computer, without their permission, to mine cryptocurrency. Often, access to the computer is gained through phishing or infecting a legitimate website with cryptojacking code.
What Can You Do – Since this can involve a phishing attack, some of the same tips are applicable here. Be careful of what you’re clicking in emails. Also, make sure your computer is patched, updated and running the latest anti-virus and endpoint security software. Lastly, ensure whatever internet browser you use is updated as well. Companies like Microsoft and Google make sure that each new browser update is built to combat the latest cryptojacking attacks.