What types of cyberthreats are there and how do I prevent them?

What types of cyberthreats are there and how do I prevent them?

2017 has been quite a year for cyberattacks: the Locky ransomware attack on Amazon, the Petya attack in Ukraine which disabled automated radiation monitoring in Chernobyl and the WannaCry attack that spread to 180 countries and brought the NHS to a standstill. It doesn’t matter how large or small your business is, cyberthreats concern everyone.

A study released by the British Chambers of Commerce (BCC, 2017), revealed that 20% of UK firms have fallen victim to a cyber-attack in the last 12 months. Of those targeted, 42% were businesses employing more than 100 staff.

There are many types of cyberthreats that can affect your business and without the correct solutions in place, you’re putting yourself in a position where you could be vulnerable to them. By understanding the different types of infection and the ways in which they’re spread, you can put into practice solutions to prevent them from attacking your business.

It’s important to realise that most software, at some time in its life, will have vulnerabilities – a security ‘fault’ or ‘hole’ in the software – due to the way it’s built or compatibility with the operating system it runs off – and it’s these ‘holes’ that viruses take advantage of in order to access the PC or Server the software is installed on.

With access, the results of infection are varied ranging from taking your usernames, passwords or personal data, sending out spam without the user knowing, encrypting data for blackmail purposes, or stealing sensitive data to sell on the dark web. Scarily, viruses can run in the background without the end user even realising they’re infected. So what types of cyberthreats are there and how can you prevent them?

Methods of Infection

Whilst there are various methods of infection, typically human error is the cause and starting point of how the infection is spread. Let’s look at the different types and what your end users can look out for.

Phishing (mass spamming)

Phishing campaigns are emails that appear in your inbox which look genuine. They will be sent out to hundreds or thousands of email addresses often promoting a service to encourage you to click on a link that will then cause an infection. Sometimes these can be hard to spot, however a good rule is to click on the sender email address. If the sender address isn’t exactly the same as the person signing the email, then it isn’t genuine and you can safely delete it.

Spear phishing

Spear phishing is a more targeted version of phishing that uses individuals’ personal information to construct an email to entice you to open a link. This information is often gained from trawling through individuals social media accounts or information available publicly on the web.

As we share more information about ourselves across social channels the easier it becomes to construct seemingly genuine personal emails. Over the last year we’ve seen a huge rise in spear phishing attacks. Interestingly, when Yahoo was attacked in 2016,  considering information from 1 billion users’ accounts were leaked, the industry took little notice as the vast number of accounts affected where dormant. However, what was missed was the type of information leaked: timeless security questions such as your mother’s maiden name, where you were born etc, and their answers.

When combined with information available publicly, it doesn’t take much to construct a convincing ingenuine  email.

To counter this rise in Spear Phishing, Microsoft have released the add on Advanced Threat Protection for Office 365. This scans any links, isolates  anything malicious and simply removes any potential of infection.

Trojan horses

A trojan horse is a seemingly innocuous and legitimate file containing malware or a virus. Once opened, the infection is spread. Unfortunately, it’s incredibly hard to detect these files manually. But by having up to date Virus and Malware protection your machines will be protected.

Ransomware

Ransomware is, at present, the biggest threat out there and its use is on the rise as seen in the recent attack on the NHS. Once infected, key data on your machines and your network are encrypted and, without a solution in place, you’re left with no other option but to pay a ransom in Bitcoins to decrypt it. The solution chanced upon with the NHS really is the exception to the rule as the type of encryption used with Ransomware is nigh on impossible to crack.

Antivirus and Malware protection can prevent infection but a tried and tested solution and your first and last line of defence is offsite backup. You can simply delete your data and restore it from previously backed up data prior to the infection. It’s important to state that your data should be backed up offsite so that it can’t be encrypted across your network in the event of an infection.

Solutions

There are many types of cyberthreats but only a few measures to put protection in place. At Risc IT Solutions we recommend the following:

  • Endpoint antivirus that can eliminate all forms of threats, including viruses, rootkits, worms and spyware, has low system demands, auto-scans removable media and provides cross-platform protection
  • Office 365 is Cloud based, meaning you can work from anywhere at any time. One license can be installed on up to five devices. There’s a monthly fee with no upfront cost and with Advanced Threat Protection (ATP) you can ensure that any spurious links and attachments will be blocked.
  • Clunk Click Online Pro is your first and last line of defence. Data is encrypted at source, in transit and at rest in our data centres. It provides instant data recovery in the event of a disaster.

 

Want to find out more?

Click here