Big or Small, Cyber Crime Targets Us All!
Jack Smallpage, CyberLab’s Information Security Officer, explains how businesses are vulnerable to cyber attacks regardless of size, plus things you can do to protect your business and improve your cyber security.
- Common Attacks & Tell-tale Signs
- How You Can Protect Your Business
- Cyber Security Quick Wins
Cyber security can be a difficult topic to understand and visualise, especially when you don’t have the tools to help. Like bacteria, threats are difficult to detect with the naked eye, and without the proper tools to detect them you can find yourself lured into a false sense of security.
It’s easy to think that larger companies are the ones being primarily targeted, but this is largely due to the tools and measures they have in place, which allow them to detect what smaller or less equipped businesses are likely unaware of.
In fact, a recent study showed that employees of a small business received 350% more social engineering attacks than employees of larger enterprise businesses in 2021. Cyber criminals aren’t stupid, and the fact that smaller businesses often lack the security protections and tools larger businesses have makes them an attractive target – so let’s go ahead and help prevent that being you!
Common Attacks & Tell-tale signs
Attackers leverage a variety of methods to try and compromise our networks. Being aware of these methods can help you understand where best to place your defences. The following are just some of the common methods used:
Phishing: With research highlighting that 91% of all cyber-attacks start with a phishing email, it’s no wonder that this method of attack is the most common. Phishing emails appear genuine but are actually fake. They usually try to trick you into revealing sensitive information, or contain links/attachments which are infected or otherwise malicious.
Malware: Malware is one of the methods that we likely all know and attribute to cyber-attacks. Malware can come in a wide variety of forms such as viruses, trojans, rootkits and ransomware, just to name a few. Malware will usually require a user to take an action to install or deploy it at some stage, and so it pairs nicely with phishing attempts!
Zero-day Exploit: Vulnerabilities are security flaws in a system which in many cases are exploitable by an attacker. The most dangerous of these are known as “Zero-day Vulnerabilities”. Zero Days refer to an exploitable vulnerability which has been announced or detected BEFORE a patch is released/implemented. In this small window of time, attackers can exploit the vulnerability while no solution exists. Detecting and preventing these attacks therefore requires constant monitoring, threat management and use of mitigations to help protect your network until the patch arrives.
Passwords: Passwords are the default method for securing accounts and information, so it is no wonder that attackers want them. Once they have your password, they have access to the information you hold. They can get these passwords through social engineering, brute-forcing/guessing, compromised databases, intercepting them through unencrypted transmission, or through phishing as mentioned above!
Denial-of-Service: By flooding systems, servers and networks with traffic to overload resources and bandwidth, a DoS attack can prevent users and systems from processing legitimate requests. A variation of this attack is also known as DDoS (Distributed Denial of Service) which launches the attack from several infected hosts with the usual goal of service denial and taking a system offline.
SQL Injection: This is where attackers insert malicious code into a server using query language, usually by submitting code in unprotected website or application comment/search boxes or forms to surface protected information from the backend. SQL input sanitization is the easiest way you can help combat this method of attack.
Cross Site Scripting: Whereas SQL injection is injecting code with the aim of targeting the database/backend, an XSS attack injects malicious code into the website itself to trick it into sending data in a form that a user’s browser can execute.
Man in the Middle: Usually achieved by exploiting a vulnerability in a network (such as unsecured public WiFi), this method allows an attacker to place themselves in the middle of a transaction/communication by intercepting the traffic to steal and manipulate the data in transit.
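The SQL injection and cross-site scripting entries above, shown side by side on one search feature. This is an added example, not code from CyberLab; the table, function names and inputs are constructed for illustration, and the hardened query uses bound parameters (a parameterised query) rather than string sanitisation.

```python
import html
import sqlite3


def make_db():
    """In-memory database holding two constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (title TEXT, is_private INTEGER)")
    db.executemany("INSERT INTO notes VALUES (?, ?)",
                   [("Opening hours", 0), ("Payroll export", 1)])
    return db


def search_unsafe(db, term):
    # Vulnerable: the term is pasted into the SQL text, so a quote in the
    # input closes the string literal and the remainder is parsed as SQL.
    sql = ("SELECT title FROM notes WHERE is_private = 0 "
           "AND title LIKE '%" + term + "%'")
    return [row[0] for row in db.execute(sql)]


def search_safe(db, term):
    # Hardened: the term travels as a bound parameter and is only ever data.
    sql = "SELECT title FROM notes WHERE is_private = 0 AND title LIKE ?"
    return [row[0] for row in db.execute(sql, ("%" + term + "%",))]


def render_unsafe(term):
    # Vulnerable: markup in the term reaches the browser as live HTML.
    return "<p>Results for " + term + "</p>"


def render_safe(term):
    # Hardened: <, >, & and quotes are encoded before entering the page.
    return "<p>Results for " + html.escape(term) + "</p>"


# Constructed inputs: one alters the query, one carries markup.
SQL_INPUT = "x%' OR is_private = 1 --"
HTML_INPUT = "<script>alert(1)</script>"

if __name__ == "__main__":
    db = make_db()
    print("unsafe query:", search_unsafe(db, SQL_INPUT))
    print("safe query:  ", search_safe(db, SQL_INPUT))
    print("unsafe page: ", render_unsafe(HTML_INPUT))
    print("safe page:   ", render_safe(HTML_INPUT))
```

With the same input, the concatenated query returns the private row while the parameterised query returns nothing, and the escaped page shows the markup as text instead of running it.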
How can you protect your business?
Visibility is a major factor when dealing with your business’s security. You can’t fight what you can’t see, and when you can’t see the problems, you’re lured into a false sense of safety which ultimately benefits the attacker.
Penetration tests and Vulnerability Assessments
A great way to kickstart your security plan is to obtain a “snapshot” of your security posture with a penetration test or vulnerability assessment. A vulnerability assessment scans your business’s computers, systems, and networks for any security vulnerabilities you could be exposed to and rates them in order of severity. These assessments are typically conducted when a full penetration test may not be required, or as an ongoing monthly or quarterly scan in between manual penetration tests to ensure no changes or vulnerabilities have been introduced to the environments since the last penetration test. Once detected, these vulnerabilities can usually be solved by patching the relevant system or applying a recommended configuration change.
A penetration test is similar to the above, but is consultant-led, provides greater depth, and includes the chaining of vulnerabilities. Rather than reporting on every single vulnerability on your network, it is designed to simulate an attack and identify vulnerabilities that can be exploited by a threat actor to achieve a variety of malicious goals.
These solutions are offered in tandem as an “Infrastructure Test” by our skilled penetration testers who can walk you through the process and help you understand each finding, so you can progress with your security plan with confident knowledge rather than nervous acceptance!
Security Monitoring
Once you’ve identified where and what your vulnerabilities are and had them patched or mitigated, you should now start looking at solutions which help monitor your network and security posture moving forward whilst also deploying automation on key areas to help make a small team respond like a large one.
Solutions like Microsoft Defender for Business help provide a single platform with security and device management capabilities with functionality like Email Protection, Vulnerability management, automated investigation, response and alerting as well as Security recommendations and attack surface reduction rules. Tools like this allow you to quickly create and modify policies which you can deploy across your network without having to dart between multiple systems.
What about Quick Wins?
The above protections are a fantastic way to lock down your business and gain control over your security posture. With the help of automation and tools, you can reduce the strain on your teams, lower your resource requirements and comfortably control your infrastructure’s security with clear oversight and alerting.
However, if you’re still really nervous about that initial leap, you can find more “quick win” ways to protect your business.