The internet is often compared to the Wild West: because of its ever-changing nature, it can often be a lawless place, and it is up to you to defend yourself and your business. The internet has ushered in the digital revolution, and by and large that is a great thing, but it also brings new threats to the table. New types of malware, ransomware, and viruses are being created every day for the express purpose of stealing information or even holding your business hostage. If your business isn’t using comprehensive security solutions, you remain vulnerable to these threats. So let's get into what a comprehensive IT security solution looks like.
Advanced Persistent Threat (APT): An APT is a stealthy network breach designed to remain undetected for a certain period of time. APTs are typically used to steal information from a specific individual or organization over time, rather than cause an immediate disruption to operations. Every major business sector has recorded instances of cyber attacks with specific goals seeking to steal, spy, or disrupt.
Adware: Adware automatically displays ads in an interface, usually a web browser. This is an attempt to redirect your traffic and generate revenue for the originator. Adware can be bundled with free online software, and though it isn't immediately threatening, it can become a severe annoyance and a potential security threat. Adware can display unwanted (and often embarrassing) advertisements in the form of popups or web ads that can even take over aspects of your device.
Distributed Denial of Service (DDoS): A DDoS attack consists of multiple systems from various locations targeting a single network. This is typically a high volume of spam traffic sent in an attempt to bring down a server, forcing it offline until the attack ceases. DDoS attacks are becoming more common, and even Amazon Web Services experienced a major one earlier in 2020.
Botnet: A botnet is a network of devices built from “bots,” which are controlled remotely by a hacker. Botnets are typically used to complete repetitive tasks, like sending spam messages or perpetrating a Distributed Denial of Service (DDoS) attack.
Brute-force Attacks: A brute-force attack is a common tactic to break into online accounts, particularly those that take advantage of encryption. A brute-force attack consists of a hacker using automated guessing programs to go through millions of iterations to try and decrypt your password.
Command and Control Server: This server is the central computer that remotely issues commands to botnets and other malware. These botnets and malware then send information back to the command server, going after sensitive data, account credentials, and personal identity information.
Dictionary Attack: A dictionary attack uses known words or phrases in an attempt to crack passwords and usernames. They are often used in conjunction with brute-force attacks to guess credentials and infiltrate accounts.
Exploit: A tool designed to exploit a specific vulnerability within an IT system infrastructure, usually for the purpose of stealing data or installing malicious software.
Keylogging: A keylogger is designed to capture and record keystrokes. Software versions are often included in viruses or malware packages to capture credentials for later use, and the victim is typically unaware that their activities are being monitored.
Malware: Malware is a fairly broad, encompassing term, but it is usually activated through the use of executable code or scripts. Basically, anything that has malicious intent can be considered malware.
Phishing: Phishing is when hackers attempt to lure targets into handing over sensitive credentials, like usernames, passwords, credit card numbers, Social Security numbers, and so on; just think of the Nigerian prince scam. Phishing attempts will often masquerade as a trusted or intimidating entity.
Ransomware: Ransomware is a type of malware used for extorting money or credentials from users by locking down local files on their PC or workstation. The user may (or may not) receive the decryption key upon giving in to the hacker’s demands. A good tactic is not to give in to the hacker’s demands; having a secure backup is the best solution to this issue.
Social Engineering: Social engineering is probably one of the most successful tactics used by hackers, one that leverages the weaknesses of the end user. Hackers can circumvent common security protocols by posing as an important official or an employee within a company, or even as an internal IT department. Social engineering tactics are cause for concern because they take advantage of the unpredictable nature of human activity.
Spam: Spam is mostly those annoying emails we receive every day; in fact, 55% of all emails are classified as spam. These messages may not seem overtly malicious, and for the most part they are just annoying, but hackers will often use spam to achieve a certain agenda. Spam messages might come with a malicious link or attachment that, when clicked on, can execute code or send you to compromising websites.
Spoofing: Spoofing is tricking a user into believing that they’re viewing something legitimate when they’re actually looking at a fake. For example, hackers will pose as someone from your contacts, changing their name to match one of those contacts, but will actually have the wrong email address. Another example would be clicking a link and having it take you to a website that looks like the one you want to view, but the domain is the wrong one.
Spyware: Spyware is specifically designed to covertly gather information from a computer and then transfer it to a hacker. Spyware can be difficult to identify since it is designed to remain hidden; you pretty much need to know what to look for.
Trojan: Also known as a backdoor program or “Trojan horse”, a trojan infiltrates your network and creates a way to access the system in the future. Trojans are mostly used in conjunction with advanced persistent threats (APT) and attempt to gather as much data as possible, while remaining hidden from security protocols.
Virus: A virus, when executed, replicates itself and attempts to spread to other computer components and networks. Viruses are extremely disruptive and dangerous, especially in a business environment. They can slow systems, delete critical data, and do so much more.
Zero-Day Exploits: This applies to pre-existing vulnerabilities which are unpatched or unresolved. These issues are usually found in legacy software that isn't compatible with modern technology, like Windows XP.
Stay Safe Online with MyTek
Don’t be intimidated by online threats.
We’ve only scratched the surface of what’s possible for hackers and their technology. There are limitless possibilities for online threats, so it’s imperative that you arm yourself against these threats. For more information about these threats and how you can protect your business assets, contact MyTek at 623-312-2440.