feat img

4 cyber threats your team needs to know about

The online world is ripe with malicious cyber threats that want nothing more than to tear down your business and all the data it contains. But luckily for you, successfully avoiding cyber threats is something you can do — and quite easily. You simply need to know what the threats are, how they work, and what your best security options are. Let’s take a look at four prominent cyber threats, and we’ll provide you with the education you need to keep these threats away from you and your data.

1. Spear Phishing

Spear phishing is a harmful cyberattack that has affected businesses both small and large. In recent years, health insurer Anthem and an American technology company, Ubiquiti, were hit with this type of attack. It cost both companies millions of dollars and proved that it can happen to anyone.

What is spear phishing?

Phishing occurs when a fraudster impersonates or pretends to be another person, usually via email. The fraudster will reach out to numerous people and try to extract sensitive information from them. They might even include a clickable link in the message that is capable of installing malicious malware onto the victim’s computer. Spear phishing is very similar, except it’s much more targeted. It might be focused on an individual, a specific group of people, or even a company as a whole. Spear phishing attackers do research on how to appear to be a trustworthy person, and they typically impersonate someone you work with.

How does spear phishing work?

Spear phishing might start with hackers gaining access to a company’s network and learning information about you and your company that way. However, it can also start with someone doing research about you online and on social media. Once they have enough information to appear trustworthy, they might send urgent messages trying to convince you to click on a link. They could ask for your help, pretend to be an angry past employee, or say they have an urgent document to share with you. The most insidious types of attackers pretend to be representatives from popular services such as banks, social media sites, or cloud storage providers. These malicious emails usually contain a link that, when clicked on, installs malware on your machine. Alternatively, the link may lead to a page that looks like a legitimate website that will ask for your personal information — including logins, account numbers, and passwords. The attacker may also simply request money, posing as a legitimate person you know.

Real-world spear phishing examples

The most recent example of spear phishing may have had a big impact on global politics. John Podesta was the chairman of Hillary Clinton’s presidential campaign. While working for the campaign, he used Gmail. He received a message that appeared to be from Gmail, which stated that his account had been hacked. The email provided him with a link that would allow him to reset his account. That link was actually from Fancy Bear, a hacker group that then released the acquired emails to WikiLeaks. The rest, as they say, is history.

How to protect yourself against spear phishing

phishing icon

Now that you know what spear phishing is, you definitely want to know how to protect yourself from it. The key tactic is to be vigilant and always remain suspicious. Never click any links contained inside an email unless you know for sure who it’s from. If you receive a strange message from a financial institution, do not click on anything. Instead, call the bank and confirm it’s legitimate. If you receive a suspicious message from a friend, family member, or co-worker, give them a call before you click.

Sandboxing is a new trend in spear phishing prevention. It is a service that checks attachments in emails to make sure they’re safe for employees to open. Many email programs already do a great job of filtering out the majority of spam, but spear phishing attackers are getting sneakier and constantly creating new ways to pass through spam filters. In other words, sandboxing can come in handy. Additionally, secure corporate networks help stop spear phishing hackers from breaking in. Use a gateway that allows you to monitor where traffic is coming from, so you can spot anything that doesn’t fit the mold right away.

2. Ransomware

Ransomware has been around since the late 1980s. The first ransomware virus was ominously called the “AIDS Trojan” since it was distributed to participants at a World Health Organization conference on AIDS. This type of virus is now the most prevalent security threat faced by modern organizations, with more ransomware attacks than general data breaches.

What is ransomware?

Ransomware is a combination of two words — ransom and software. Just as a ransom is a sum you must pay to a kidnapper to get a hostage back, ransomware kidnaps your data and asks you to pay a fee to get it back. This type of malware usually takes over the computer and offers you the ability to pay up to thousands of dollars to get a special digital key to unlock your data. Criminals behind most ransomware attacks take payments in cryptocurrency like Bitcoin.

How does ransomware work?

The first ransomware attacks were handed out to people on disks as fake promotional material. Now, it can be present in a phishing email, which asks you to download a file or open an attachment containing a virus. Even scarier are the versions of ransomware that do not require any action on your part. They simply use security backdoors that only tech-savvy, black-hat hackers know about. Once the virus is installed, some or all of the files on your computer become encrypted. They can only unlock with the proper decryption key held by the attacker, who then asks for payment in exchange for this key. In many cases, the attacker claims to be an agent of law enforcement who has locked down the computer due to the identification of incriminating materials.

Real-world ransomware examples

The terrible “WannaCry” attack really brought ransomware to the consciousness of the general public. It started in May 2017 and targeted computers running Windows. The attack spread like wildfire, infecting more than 200,000 computers in 150 countries in just a few short days. The attack was so widespread because it did not require action on the part of the user. It was automatic infection by way of vulnerability. The virus used a weakness in the Windows operating system, Eternal Blue. This weakness was originally discovered by the NSA, but they failed to report the vulnerability to Microsoft because they intended to use it for their own purposes. Luckily, the attack was stopped soon after its release because security experts were able to decipher the master key that locked the victims’ data. NotPetya is another recent (and successful) ransomware attack that exploited the very same Windows weakness as WannaCry. The virus was planted into a popular Ukrainian accounting software, then it used the weakness to spread to hundreds of thousands of machines. While the attack was concentrated in Europe, Merck, a major American drug company, and Heritage Valley Health Systems, a US hospital network, were both affected. Keep in mind, however, NotPetya worked a little differently than WannaCry. Even if you paid the fee, there was a chance you wouldn’t get your data back — something you should definitely remember if you’re hit with a ransomware attack.

How to protect yourself against ransomware

shield icon

Protecting yourself against ransomware used to be much more simple, since it was distributed on disks. You simply knew not to put a strange disk into your computer. It was also easier to avoid when it was spread solely through phishing emails. Just avoid attachments or downloads from strange emails and you should be good to go.

Now, however, it’s spread through the everyday use of your computer. You can become infected with ransomware if you simply land on the wrong website (a website that can also be entirely well-known). Because of this, the best way to prevent an infection is to keep your computer’s software up to date, use an antivirus program, and back up your files frequently.

3. Malvertising

You might think online advertising is just annoying. However, malvertising proves that web ads can actually be dangerous. Malvertising started to become a big hassle around 2016, when its use increased over 100 percent from the previous year. And unfortunately, everyone is a target of malvertising — from big businesses to everyday web browsers.

What is malvertising?

Malvertising is a combination of the words “malicious” and “advertising.” It is an online ad placed by a malicious source. The ads look like they’re marketing a legitimate product, but there is code placed within them that releases a virus onto your computer. Most malvertising viruses collect information on users or exploit a known vulnerability to install ransomware on your device. Many people think that malvertising can only infect your computer if you visit sketchy dark websites, but they can be present on any site that uses an ad network to make extra income.

How does malvertising work?

The attackers use ad networks to upload their viruses — paying for ads just as any advertiser would. However, their goals are much different than regular marketing efforts. It is extremely difficult to find these online criminals because their ads are mixed in with a regular ad network, and most users don’t know when they are infected. While much of malvertising is spread through traditional online ad networks, it can also be spread through social media ads. Malvertising is particularly insidious because some of these campaigns make it seem like there’s something you need to download in order to view a video or webpage. Unsuspecting people click on these downloads hoping it will make their computer function better, but it does just the opposite.

Real-world examples of malvertising

In 2016, a huge malware attack impacted numerous websites — including some big-name news sites like the New York Times, AOL, and MSN. The virus spread was TeslaCrypt, a brand of ransomware that requested payment by Bitcoin to decrypt kidnapped files. Magnitude EK was also a popular malvertising campaign that spread throughout the Asian Pacific region in late 2016 and early 2017. Again, it was a virus that delivered ransomware straight to a user’s computer through ads found online.

How to protect yourself against malvertising

key icon

The best way to protect yourself against malvertising is to not click any suspicious downloads or ads. Don’t believe pop-ups that tell you there is something wrong with your computer, and don’t believe download deals that are too good to be true. Always remain suspicious. At the same time, however, some malvertising campaigns do not require action on the part of the user. As long as you visit the infected website, something will happen.

In this case, it’s best to have all of your computer’s software and operating systems up to date. This prevents known loopholes and weaknesses from being exploited. Implement a layered security solution that can identify and scan suspicious files encountered online. You can also use ad-blocking software to reduce your exposure to ads altogether. However, keep in mind that some sites will require you to turn off your ad blocker to view their content.

4. Man in the middle attacks

Man in the middle attacks are frightening to consider. They’re often referred to as spoofing attacks and are typically viewed as an elaborate form of eavesdropping attack. Because of the elaborate nature of these attacks, many people tend to think they’re rare. But with digital technology, it’s easier than ever. In fact, some experts estimate that up to 95 percent of https servers may currently be vulnerable to this type of attack …

What is a man in the middle attack?

A man in the middle attack (MiTM) is any type of attack where communication or data is intercepted. The attacker acts as the go-between and pretends to be the person intended to receive communication or information. While this type of attack can be focused on intercepting specific online communications, attackers can also use this attack along with other methods to monitor large amounts of traffic at a time. They can then filter through the data to find information they can use to their advantage.

How do man in the middle attacks work?

There are several ways an attacker can intercept communications or information. For example, they can mimic a trusted Wi-Fi network and snoop at leisure. In addition to Wi-Fi, they can also mimic trusted websites and protocols to extract sensitive information. And once the attacker has your information, they will use it how they see fit — to blackmail, make money, or damage reputations.

Real-world examples of man in the middle attacks

In 2015, a group of 49 hackerswase arrested in Europe on suspicion of executing man in the middle attacks. The group allegedly intercepted payments well over €6 million. They targeted European companies, using social engineering tactics to manipulate them into downloading malware. Once they were inside company networks, they monitored communications, looking for anything that related to payments. A similar attack happened in 2013, targeting customers of a South African bank, ABSA. Hackers first sent out phishing emails pretending to be from SARS — the South African Revenue Service. Once users fell for the email, they were redirected to a website posing as the bank, ABSA. They were asked to put in their account information in order to “e-file their taxes.” Instead, hackers used the payment information to pay themselves …

How to protect yourself against man in the middle attacks

virus and worm icon

The best way to protect yourself from man in the middle attacks is to be vigilant. Don’t click on strange links in emails and don’t answer any personal questions from unverified sources. If you receive an unexpected and urgent message from a seemingly legitimate organization, don’t respond to anything in the email. Call the organization to see whether or not they sent the message.

Never connect to unsecured Wi-Fi networks and make sure that you’re using a secure, encrypted, and trusted connection for everything \you do. As with most digital security threats, keeping your computer’s operating system and software up to date and installing an antivirus program are great ways to keep your computer on lock-down and safe from man in the middle attacks. Immense Team Member

Don’t stop here

So there you have it — four major cyber threats, what they are, and how to avoid them. But of course, online security doesn’t stop here. If you’d like more guidance, check out the top 9 threats to your data.