By Charles Leaver

What Is A Cyber Attack And How Can You Prevent It?

No organization, however small or large, is immune from a cyber attack. Whether the attack is initiated from an external source or from an insider – no organization is fully protected. I have lost count of the number of times that executives from organizations have said to me, “why would anybody want to attack us?”

Cyber Attacks Can Take Many Forms

The proliferation of devices that can connect to enterprise networks (laptops, smart phones and tablets) mean an increased risk of security vulnerabilities. The aim of a cyber attack is to exploit those vulnerabilities.

Malware

One of the most common cyber attack approaches is the use of malware. Malware is code that has a malicious intent and can include viruses, Trojans and worms. The aim with malware is often to steal sensitive data or even destroy computer networks. Malware is often in the form of an executable file that will spread across your network.

Malware is becoming a lot more sophisticated, and now there is rogue software that will masquerade itself as legitimate security software that has been designed to secure your network.

Phishing Attacks

Phishing attacks are also common. Most often it’s an email that is sent from a supposedly “trusted authority” requesting that the user supply personal data by clicking on a link. Some of these phishing emails look very authentic and they have fooled a lot of users. If the link is clicked and data entered the information will be stolen. Today an increasing number of phishing emails can contain ransomware.

Password Attacks

A password attack is one of the simplest forms of cyber attacks. This is where an unauthorized third party will attempt to gain access to your systems by “cracking” the login password. Software can be employed here to conduct brute force attacks to guess passwords, and combination of words used for passwords can be compared using a dictionary file.

If an attacker gains access to your network through a password attack then they can easily launch malicious malware and cause a breach of your sensitive data. Password attacks are one of the easiest to avoid, and strict password policies can provide a very effective barrier. Changing passwords regularly is also recommended.

Denial of Service

A Denial of Service (DoS) attack is all about causing maximum disruption of the network. Attackers will send very high volumes of traffic through the network and usually make lots of connection requests. The result is an overload of the network and it will shut down.

Multiple computers can be used by hackers in DoS attacks that will create very high levels of traffic to overload the network. Just recently the largest DoS attack in history used botnets against Krebs On Security. Quite often, endpoint devices connected to the network such as PC’s and laptops can be hijacked and will then contribute to the attack. If a DoS attack is experienced, it can have serious consequences for network security.

Man in the Middle

Man in the middle attacks are achieved by impersonating endpoints of a network during an information exchange. Information can be stolen from the end user or even the server that they are communicating with.

How Can You Completely Prevent Cyber Attacks?

Complete prevention of a cyber attack is impossible with current technology, but there is a lot that you can do to safeguard your network and your sensitive data. It is important not to believe that you can just purchase and implement a security software suite and then relax. The more sophisticated cyber criminals are aware of all of the security software solutions on the market, and have devised methods to overcome the safeguards that they provide.

Strong and frequently changed passwords is a policy that you must adopt, and is one of the easiest safeguards to put in place. Encrypting your sensitive data is another no-brainer. Beyond installing antivirus and malware protection suites as well as a good firewall program, you should ensure that regular backups are in place and that you have a data breach incident response/remediation plan in case the worst happens. Ziften helps organizations continuously monitor for threats that might get through their defenses, and take action immediately to eliminate the threat completely.

Find out more here.

Get the General Here