Samir Alam

Samir Alam is a writer and researcher with over 10 years of experience across multiple domains and industries. His current areas of specialization include Business Process Outsourcing (BPO) research, Information Technology Outsourcing (ITO) and Data Governance. Samir holds a graduate degree from City, University of London (previously The City University, London).

Written by

Samir Alam
February 27, 2019

5 Types of Cyber Attacks and How to Prepare for Them

“There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” - Former Cisco CEO, John Chambers

2018 began with the cryptojacking hack of over 4,000 websites and ended with a month-long series of attacks on ISP and internet infrastructure by hackers of purportedly Chinese origin. These two cybersecurity incidents book-ended a year brimming with multiple digital security revelations: Facebook’s data breach, the loss of 21 million users’ data at Timehop, the theft of over 5 million credit card numbers from Saks Fifth Avenue and Lord & Taylor, 150 million user records breached from Under Armour and the Exactis’ data breach that exposed over 340 million records of users and businesses.

Of course, these are just the ones that made the news.

What to Expect in a Cyberattack-Prone Landscape

The Ponemon Institute Research Report states that instances of cyber extortion and data breaches will continue to rise. The report cites that 68% of CISOs are convinced that these threats will damage shareholder value while another 60% have expressed fear that nation-state attacks against governments and business could lead to a cyberwar.

They are right to be worried.

CGS’ 2019 IT and Technology Trends Report shows that 22% of respondents have experienced a cybersecurity incident in 2018. This clearly indicates that data privacy, data governance and enhancing cybersecurity are the most critical requirements for IT in 2019. In fact, 58% of respondent companies reported that they planned on investing more in cybersecurity over the next year. This is only natural since 77% of C-level executives believe that cybersecurity threats will only increase in 2019. The report also discovered that, of the companies that experienced a cyber-security incident in 2018, 74% experienced a malware or phishing attack, 57% survived a ransomware incident, and about 25% experienced password attacks and Denial-of-Service (DOS) attacks.

Juniper Research predicts that cyberattacks will cost the global economy about $8 trillion over the next five years. Clearly, the need to be prepared for a cyberattack has never been greater. Being prepared begins with identifying the key threats. Unfortunately, cyberattacks are anything but predictable. But what organizations can do is study and understand the different types of threats, the potential risks they pose and the most effective strategies to combat them.

To simplify this task, here is a list of the top five threats most commonly faced by businesses, and some suggestions on how to stay protected.

1. Malware

Malware is an umbrella term used to describe several types of malicious software. Malware programs are designed to seek out vulnerabilities in a network and exploit them. They come in several forms such as macro and polymorphic viruses, executable files, boot-record infectors, Trojans, logic bombs, ransomware, droppers, adware, and spyware, among others.

Technobabble aside, what’s important to know is that these attacks manifest in diverse shapes and forms, and they’re all extremely dangerous. Most malware programs are simple delivery mechanisms. Once they infect a system, they can install harmful software, execute hidden programs, crash the system, or secretly transmit data from the user’s hard drive to other external agents.

The first step to prevent a malware attack is to use licensed security software and ensure it is updated at all times. Regular system scans can be an effective deterrent against most malwares. The installed security software should protect all entry and exit points of a network. Additionally, building response teams that are on call 24x7 is crucial if you want to stay secure around the clock. Lastly, conducting regular system backups of critical data in the cloud, insulated from your core network, can effectively ensure your data against potential system failure.

2. Phishing

Phishing scams happen when duplicitous communication is sent from reputed sources to unsuspecting users. These scams typically take place over email and more recently, on internet-based messaging services as well. Phishers use their fake identities to try to obtain sensitive information from users, such as credit card details and login credentials. The most common types of phishing scams are spear phishing, pharming, and deceptive phishing. Most phishing attacks are broad and untargeted, that is, they are sent to a vast database of users, in the hope that someone takes the bait. However, a variation of a phishing scam, creatively known as a ‘whaling’ attack, targets specific individuals in an organization who possess unique access or security credentials. This places C-suite executives at high-risk, since they usually have access to sensitive company data.

Organizations need to take a multilayered approach to prevent phishing attacks. Security solutions against phishing scams need to not only protect employees on company networks but also help educate employees so that they can quickly identify and flag suspicious communication. Create awareness among your employees on what a phishing email or message looks like, so they’re not caught unawares. Since C-level executives are the most vulnerable, training should begin right from the top.

3. Ransomware

Aptly named, ransomware attacks are a kind of malware that takes control of a user’s data and holds it hostage. Malicious actors behind the attack demand payment or ransom, in exchange for its safe release, or to prevent it from being destroyed or leaked publicly.

In 2017, the WannaCry cryptoworm paralyzed Britain’s National Health Service (NHS), spreading to nearly 200,000 computers across 150 countries. The saddest part of this story is that Microsoft had discovered the vulnerability exploited by this ransomware attack earlier and had released a patch to protect against it. But computers in the NHS were not regularly updated which left them completely exposed.

Simple ransomware can easily be dealt with by a professional cybersecurity expert or an advanced program. But advanced ransomware exploits are far more damaging and insidious. Advanced ransomware attacks use crypto-viral extortion, which employs complex encryption methods that make user data inaccessible. The data can only be released with a specific decryption key that attackers provide once the ransom is paid.

In rare cases, ransomware can exploit a gap in security or anti-virus programs and self-deploy. But these rare cases are usually caused when security programs haven’t been regularly updated to prevent fix such gaps. In the majority of cases, ransomware exposure is usually the result of some form of user neglect, which allows the program to enter and install itself on a secure system. To prevent and identify ransomware attacks, organizations and employees need to be vigilant and trained to identify suspicious programs. Here too, creating awareness and educating people on cybersecurity basics, is the first step towards organizational invulnerability. Social engineering training is an effective way of accomplishing this and educating employees with convenient infographics can be a good first step in reinforcing them as your first line of defense.

4. Password Breaches

When a confidential password is used by an unauthorized party to access private data, it qualifies as a password breach. Password breaches most commonly occur through brute-force and dictionary attacks. The Collection #1 breach in January 2019 exposed the passwords of over 770 million online accounts, proving just how common such massive password breaches have become.

To secure against these cyberattacks, organizations would be well advised to implement an account lockout policy that locks out users after multiple failed login attempts. Network security administrators can set up new parameters for the account lockout threshold and duration as well as maintain a record of all login attempts to investigate any unusual login patterns.

It’s an unfortunate fact that the passwords that are easiest to remember (like your birthday) are also the weakest and the easiest to crack. Instead, users should opt for complex passwords that are a mix of numbers, letters and symbols. The complexity of passwords and the frequency with which they change should be an organization-wide mandate.  Creating a strong password is simple: Make sure that it’s not easy to guess.  Avoid using a loved one’s name or anything that is personally identifiable. Following this simple rule alone is a major defense against password breaches. Organizations can also consider opting for two-factor authentication mechanisms or circumventing the password dilemma entirely by using an enterprise-grade password management solution.

5. Denial-of-Service Attacks

A Denial-of-Service (DoS) attack takes place when hackers target systems, networks and servers by overwhelming them with massive volumes of traffic, to a point where they are unable to serve legitimate requests. Bad players can potentially hack hundreds and thousands of devices to target a specific network and launch a Distributed-Denial-of-Service (DDoS) attack. The common types of DoS and DDoS attacks include smurf, ping-of-death, and teardrop attacks. Organizations need to prepare for each of these attacks using different strategies. Start with implementing security at two primary levels – network and applications. Network level attacks are the most widely reported while application DDoS attacks, despite their low profile, are far more devastating.

The most basic defense against both is an automated web application firewall. But additional steps such as maintaining a strong network architecture with minimal exposure points is also essential. Companies with private networks should ideally have backup network resources available on standby. So if the primary server is attacked, they can quickly switch to their back-up systems. Companies can also consider migrating their web applications to the cloud. The cloud offers greater bandwidth and more resources than any private on-premises network when it comes to coping with a DDoS attack. It also comes with a scalable security solution that can dynamically adapt to the size of the attack.

Knowing the Offense is the Best Defense

To be well prepared, companies need to be well informed about the different kind of cyber-threats.  They also need to constantly evolve and upgrade their defensive strategies. As digital becomes the default for more organizations, their vulnerabilities increase as well. Similarly, as technology advances and becomes more sophisticated, so do cyberattacks. But the good news is that a few, basic security tenets, such as regularly updating security programs, backing up systems and creating a culture of cybersecurity at the workplace, can go a long way in dealing with these attacks.

Cybersecurity is a high-octane field with a growing pool of talent and innovation on both sides – attackers and defenders. But, while malicious cyberattacks are not always motivated by money, it can be hard to find the right security specialists for your organization. The Information Systems Security Association (ISSA) and ESG survey for 2018-19 reports that 53% of businesses suffer a shortage in cybersecurity skills in their organization. Talented security specialists that can lead a comprehensive, organization-wide security strategy are not only rare but also expensive. But the additional expense is worth it.

The most serious attacks require the support of a team of human cybersecurity experts to review and filter network data flow in real time. Human specialists can immediately identify signs of a sophisticated malicious attack designed to thwart an automated system and take proactive preventative measures in real time. This is the domain of managed security services. Managed security services play a critical role in helping medium-sized businesses access a highly-skilled, scalable talent pool at optimal costs. This allows companies to entrust their growing cybersecurity needs to the experts while they are free to focus on their core business in a stress-free environment.

 

References:

raytheon.com/sites/default/files/2018-02/2018_Global_Cyber_Megatrends.pdf

forbes.com/sites/daveywinder/2019/01/17/collection-1-more-than-770m-people-pwned-in-biggest-stolen-data-dump-yet/?ss=cybersecurity#7565dbaa509f

troyhunt.com/the-773-million-record-collection-1-data-reach/

juniperresearch.com/press/press-releases/cybercrime-cost-businesses-over-2trillion

weforum.org/agenda/2015/01/companies-fighting-cyber-crime/

techcrunch.com/2018/02/12/ico-snafu/

csoonline.com/article/3227906/ransomware/what-is-wannacry-ransomware-how-does-it-infect-and-who-was-responsible.html

hbr.org/2017/05/cybersecurity-has-a-serious-talent-shortage-heres-how-to-fix-it

Samir Alam

Samir Alam is a writer and researcher with over 10 years of experience across multiple domains and industries. His current areas of specialization include Business Process Outsourcing (BPO) research, Information Technology Outsourcing (ITO) and Data Governance. Samir holds a graduate degree from City, University of London (previously The City University, London).

Written by

Samir Alam

BPO study reveals biggest challenges for growing tech companies