5 Cyber Attacks Everyone Should be Aware of
Cyber Attacks in the World of Business
Most of us are under the assumption that powerful cyber attacks are not a threat. But the truth of the matter is, you are a target—and should be taking serious precautions to counteract these risks. Here are the five most common cyber attacks we see today.
Cyber Attack No. 1: Socially Engineered Malware
Socially engineered malware, lately often led by data-encrypting ransomware, provides the No. 1 method of attack. An end-user is somehow tricked into running a Trojan horse program, often from a website they trust and visit often. The otherwise innocent website is temporarily compromised to deliver malware instead of the normal website coding. The website tells the user to install some new piece of software in order to access the website, run fake antivirus software, or run some other “critical” piece of software that is unnecessary and malicious. The user is often instructed to click past any security warnings emanating from their browser or operating system and to disable any pesky defenses that might get in the way.
Cyber Attack No. 2: Password Phishing Attacks
Coming a close second are password phishing attacks. Approximately 60 to 70 percent of email is spam, and much of that is phishing attacks looking to trick users out of their logon credentials. Fortunately, anti-spam vendors and services have made great strides, so most of us have reasonably clean inboxes. Nonetheless, we receive several spam emails each day, and a least a few of them each week are extremely good phishing replicas of legitimate emails. Effective phishing email are like a corrupted work of art: Everything looks great; it even warns the reader not to fall for fraudulent emails. The only thing that gives it away is the rogue link asking for confidential information.
Cyber Attack No. 3:Unpatched Software
Coming in close behind socially engineered malware and phishing is downloaded software with unpatched vulnerabilities. The most common unpatched and exploited programs are browser add-in programs like Adobe Reader and other programs people often use to make surfing the web easier. It’s been this way for many years now, but strangely, not a single company has ever had perfectly patched software.
Cyber Attack NO.4: Social Media Threats
Our online world is a social world led by Facebook, Twitter, LinkedIn or their country-popular counterparts. Social media threats usually arrive as a rogue friend or application install request. If you’re unlucky enough to accept the request, you’re often giving up way more access to your social media account than you bargained for. Corporate hackers love exploiting corporate social media accounts for the embarrassment factor to glean passwords that might be shared between the social media site and the corporate network. Many of today’s worst hacks started out as simple social media hacking.
Cyber Attack No. 5: Advanced Persistent Threats
There has been only one major corporation that has not suffered a major compromise due to an advanced persistent threat (APT) stealing intellectual property. APTs usually gain a foothold using socially engineered Trojans or phishing attacks.
A very popular method is for APT attackers to send a specific phishing campaign — known as spearphishing — to multiple employee email addresses. The phishing email contains a Trojan attachment, which at least one employee is tricked into running. After the initial execution and first computer takeover, APT attackers can compromise an entire enterprise in a matter of hours. It’s easy to accomplish, but a royal pain to clean up.
With all of this information Windward cannot stress enough the importance of good communication if you have a suspicion of an attack happening to you.