Everyone is aware of the need to be diligent when it comes to keeping our computers and information safe from cyber threats both inside and outside our organization and homes. Recent news stories from the Sony entertainment security breach to the damaging ransomware virus that encrypts all of your files unless the victim makes a payment to the attackers to unlock the encrypted files makes the threats and damage much greater than ever before. This series of articles will help you and your organization stay safe while traveling the ever important information highway.
In this article we will identify examples of cyber threats that exist and how they can affect your firm’s productivity, image and competitive advantage. All of these items can have a profound effect on the bottom line.
- Email is a critical and essential tool in today’s business world. However, email also allows for an attacker to enter your facilities and homes virtually without your knowledge. Attacks can come in the form of virus payload in an attachment, a phishing link to an infected site or a page that poses to be from a legitimate business partner or government entity requesting sensitive information.
- Unwanted software installations are common today especially from “Free” software links. Many free download services not only provide links to this free software but the installation includes additional unwanted software that can change your browsers operation including pop up advertisements, modified search providers as well as invalid antivirus software and computer optimizers. Some of this software can come right from a legitimate vendor. For example the Adobe Flash player install wizard includes an option to install McAfee antivirus software by default. Although both the flash player and the McAfee are legitimate software, having an additional antivirus program on your system can cause performance problems.
- Drive-by downloads are unwanted software downloads and installations that occur when visiting an infected website. These website may be legitimate business sites that have been attacked and infected to deliver malware and virus’ software unknowingly to the end user. Many times a pop up may be displayed that appears to be a legitimate windows error and when the user clicks on a button to acknowledge the error, the software is unknowingly installed.
- Fake Support scams are becoming more popular as a targeted way of gaining access to your computer and sensitive information. This typically comes from a phone call to an end user posing as internal support or what appears to be a legitimate software vendor like Microsoft. One example, which is more effective in larger organizations is someone calls an end user posing as someone who works for the company and that there is a crisis and the CEO needs the persons credentials right away. Another example is someone calling claiming to be from Microsoft indicating that they are getting notification that the end users computer is infected with some type of virus and requests access to the computer through a screen sharing tool.
- Internet targeted attacks are attacks that originate outside the organization and scan your internet connection for vulnerabilities to exploit holes in your firewall and applications. Software communication is handled by specific “ports” for computers to talk to each other and trade information. Some software if not properly patched or nonexistent or improperly configured firewalls can allow a hacker to gain access to your organizations computer resources by exploiting these vulnerabilities.
Although cyber security has come a long way since the early days of business and personal computing, it continues to be a cat and mouse game where hackers continually find new ways to exploit vulnerabilities. Having the correct protection and educating yourself and your employees will go a long way in helping to prevent attacks on your organization and keep you systems and employees operating efficiently while protecting sensitive information.
The experienced team at IAS can help prevent these attacks as well as repair infections if they do happen. If you think you may be infected or are not adequately protected, call us at (267)661-8362 Extension 702 or email us at email@example.com
In next month’s article we will review ways to prevent the many different ways a hacker can gain access to your systems and data.