Cyber Security – Understanding the Threat of Cyber Attacks

Cyber Attacks

The recent randsomware cyber attack brought to light the damage that can be done by hackers targeting vulnerable IT systems. While the NHS has received a lot of attention in the press, this attack in fact impacted organisations and individuals around the world.

A 2017 survey by the British Chambers of Commerce revealed that 20% of UK businesses have fallen victim to a cyber-attack in the past year.

While larger companies and well-known brands are the most likely to be targeted, small businesses are also under threat. 18% of small companies (with fewer than 99 employees) also found themselves hacked in the past 12 months.

Before taking the necessary precautionary steps to protect your website, your data and your business, it is worth investing some time to educate yourself as to the types of attacks that you could be exposed to.

Some of the most common cyber attacks include:

  • DDoS attacks –

    Distributed denial of service attacks prevent real customers from using your website or service, by flooding you with traffic from multiple different sources.

  • Malware –

    Malicious Software, or Malware, includes a number of different types, all of which are intended to disrupt normal computer operations. Specific examples include:

    • Adware – Displays unwanted adverts to users, with users often being inundated with pop up ads.
    • Spyware – Tracks usage information and sends it to third parties
    • Randsomware – Blocks access to the data on your machine until you agree to pay a randsom to unlock it.
  • Phishing –

    Phishing attacks can include emails, websites or even phone calls, where hackers impersonate trusted organisations to try to convince you to hand over personal information, or install suspicious software on your machine. For example, you may receive an email that appears to be from your bank, asking you to reset your password. This could then redirect you to a site where you would input your password and other personal data that could be used to access your accounts.

  • Password attacks and credential reuse –

    Phishing is just one way hackers can steal your passwords. Other techniques include brute force password attacks, which involve using automated software programs to try to guess your password. As many people use the same password on multiple sites, once they have your password, hackers will try to compromise and steal data from other sites using the same log in details.

  • Man in the middle –

    This type of attack occurs when a hacker positions themselves between two people or systems communicating over a network. This allows them to intercept data that is being transferred between the two parties, without either side knowing. Conversations that were meant to be private are at risk of MITM attacks, as are sites that require users to login, as the log in data can be compromised.

Protecting Yourself from a Cyber Attack

By working with security experts to understand which type cyber attack you are most exposed to, you can build a secure and effective strategy to help keep cyber criminals at bay.

Though some businesses may see cyber security as an unwanted and unnecessary cost, the true cost to your business of a full cyber attack will be far greater if you fail to take sufficient precautionary action.

See this blog on How to Prevent Cyber Attacks  or for more information and advice Contact Us: 0844 770 0199

How To Prevent Cyber Attacks

How Businesses Can Prevent Cyber Attacks.

Cyber security has become a key focus area for IT leaders over recent years, with many now citing it as their primary concern. The increased reliance on information technology to run our businesses, coupled with the rise in external threats, means that failing to properly protect your systems could be extremely costly.

For companies in the public eye, the immediate damage to systems is greatly overshadowed by the impact to the company’s reputation in the wake of a data breach.

Thankfully, as cyber security has matured, experts have developed a multitude of tactics to detect suspicious activity and prevent further damage being caused.

Measures to Prevent Cyber Attacks

  • Firewall – Firewalls act as a barrier between your network and the external world, giving you the opportunity to monitor incoming and outgoing traffic. For additional security, many companies are now looking to dual layer firewalls, increasing the difficulty for criminals to find their way in.
  • Intrusion prevention and detection – Intrusion detection systems monitor network traffic and look for suspicions and malicious activity. This information is then logged and used to alert the necessary people so that appropriate action can be taken. Prevention systems go beyond this, proactively blocking traffic that looks to be suspicious.
  • Antivirus – Antivirus software detects and prevents systems from the harmful effects of viruses and other types of malware such as key loggers, Trojan horses, spyware and adware.

Cyber Security Hygene

While external attacks pose the greatest threat, often it is the behaviour of internal users and hygiene of internal systems that allow these attackers to get a foothold on your network. Under the broader cyber security umbrella there are several things you can directly control that will make it more difficult for intrusion to occur in the first place.

  • Access management – Staying on top of access management ensures that access privileges are assigned to users at the correct level. Limiting the number of users with administrator access prevents further damage if usernames and passwords become compromised.
  • URL filtering – Controlling and filtering the content that can be accessed on the internet helps to limit exposure to sources that could potentially be harmful.
  • Data leakage prevention – Data filters can be used to recognise particular data types such as credit card numbers or account numbers, and prompt users before this information can be emailed outside the organisation.

Cyber Security Technology

Technology to prevent cyber attacks has come a long way, but it is still important to educate users as to the role they have to play in protecting the organisation.

Creating a culture where internal users are aware of the dangers of cyber attacks, and the damage that can be caused by clicking suspicious links or downloading suspect files is a key part of keeping hackers at bay.