Cyberattacks a company’s network should be protected from

Malicious actors have many methods at their disposal for obtaining sensitive data or breaking into a company’s network. Hackers can send messages in the hope that a victim will take the bait, or they can break into a network directly. To understand how to secure your network, you need to be aware of what hackers might do. The Analytical department of Falcongaze is going to talk about that.

  1. Phishing attacks

A phishing attack is a social engineering method. This kind of attack takes advantage of human psychology. People don’t always follow instructions, and they don’t always have time to think before entering their credentials on a site or giving them to a “trusted” person.

A phishing attack aims at stealing users’ credentials, for example a bank account number or payment card number.

Hackers first gain the victim’s trust. After that, the victim is willing to open a message and follow any link in it. On the linked site, the victim can be asked to enter their credentials, or malware can be deployed onto their system. It depends on the hacker’s purpose and the kind of data they need.

A company affected by a phishing attack will probably lose money. Its reputation and clients’ trust are at risk, too.

  2. Malware attacks

Malware is malicious code that executes on a user’s system. It is always aimed at compromising the system without the user’s consent. Malware can spread throughout a network, cause damage, and remain unnoticed.

Common types of malware are:

  • Ransomware blocks access to information. It can delete the information or make it publicly available if money is not paid;
  • A Trojan horse pretends to be ordinary software. It can hide behind links in messages or on web-sites written in JavaScript;
  • A backdoor provides threat actors with remote control over a user’s system;
  • Spyware tracks a user’s activity and collects their data.

A company hit by malware can lose both money and data. The whole business can suffer if proper measures are not taken.

  3. Network attacks

A network attack is an attack carried out through web apps running on servers. Users connect to these apps through a web browser and an Internet connection. The most common network attacks are:

  • SQL Injection, or SQLi. Malicious code is used to manipulate backend databases. Hackers try to gain access to sensitive data (e.g. payment card details, phone numbers, addresses, etc.);
  • Cross-Site Scripting (XSS) is an attack in which a hacker plants malicious code on a web-site page. The code is executed when a user opens this page. This attack is used to steal cookies and credentials, redirect users to malicious web-sites, take control of a user’s browser, etc.;
  • A Man-in-the-Middle attack allows a fraudulent actor “to eavesdrop” on a conversation. It happens more often on web-sites that don’t use the HTTPS protocol to encrypt data;
  • A Brute-Force attack is an attempt “to guess” a user’s login and password and gain access to their account or computer. However, it is difficult to guess both the login and the password correctly at the same time. That is why hackers often collect information about their victims on the Internet or use leaked databases. If they know a login, they can also use special dictionaries of the most common words and phrases to guess the password;
  • A DDoS attack is an attack in which a malicious actor sends a huge number of requests to a server, more than it can handle. This causes a denial of service: the server stops working or works slowly. Cybercriminals can demand money in exchange for stopping the attack.
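
The Brute-Force item above says that attackers guess passwords for a known login from dictionaries or try credentials taken from leaked databases; both leave distinct patterns in authentication logs. The following is an added example, not part of the original article or of any Falcongaze product: a small Python detector run over constructed log lines, where the log format, thresholds and function names are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format (constructed for this example, not from a real product):
#   <ISO timestamp> <OK|FAIL> user=<login> src=<ip>
def parse(line):
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user.split("=", 1)[1], src.split("=", 1)[1]

def detect(lines, window=timedelta(minutes=5), max_fails=5, max_logins=4):
    """Return sorted (alert_kind, key) pairs for failures clustered inside `window`."""
    fails_by_user = defaultdict(list)  # login -> timestamps of recent failures
    tries_by_src = defaultdict(list)   # source -> (timestamp, login) of recent failures
    alerts = set()
    for line in lines:
        ts, result, user, src = parse(line)
        if result != "FAIL":
            continue
        # Many failures against one login: dictionary guessing of a known login.
        recent = [t for t in fails_by_user[user] if ts - t <= window] + [ts]
        fails_by_user[user] = recent
        if len(recent) >= max_fails:
            alerts.add(("password-guessing", user))
        # One source failing on many different logins: a leaked list being tried.
        tried = [(t, u) for t, u in tries_by_src[src] if ts - t <= window] + [(ts, user)]
        tries_by_src[src] = tried
        if len({u for _, u in tried}) >= max_logins:
            alerts.add(("many-logins-one-source", src))
    return sorted(alerts)

def sample_log():
    """Constructed events; addresses come from documentation ranges."""
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    def row(sec, result, user, src):
        return f"{(t0 + timedelta(seconds=sec)).isoformat()} {result} user={user} src={src}"
    rows = [row(10 * i, "FAIL", "alice", "203.0.113.5") for i in range(6)]
    rows += [row(100 + i, "FAIL", u, "198.51.100.7")
             for i, u in enumerate(["bob", "carol", "dave", "erin"])]
    # A legitimate user mistypes twice, then logs in: no alert expected.
    rows += [row(200, "FAIL", "frank", "192.0.2.10"),
             row(205, "FAIL", "frank", "192.0.2.10"),
             row(210, "OK", "frank", "192.0.2.10")]
    return rows

if __name__ == "__main__":
    for kind, key in detect(sample_log()):
        print(kind, key)
```

The sliding window keeps occasional typos by legitimate users from raising alerts, while tracking failures per login and per source separately catches both patterns the item describes.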

 

  4. Insider attacks

This is the kind of attack where the threat is inside the company’s network. In this case, the cybercriminal is an employee who is already inside the network and has access to sensitive data. You can’t overlook business consultants, partners, and former employees either: all of those who are authorized in a system. They can access sensitive data and steal it.

It must be kept in mind that these threats are not always intentional. An employee can be compromised in a phishing attack. An incident can also happen inadvertently: for instance, an employee forgot to lock the computer or somehow disclosed important information to an unknown person.

Nevertheless, a company loses something (money, data, or reputation) every time it faces any kind of cyberattack. That’s why it is important to understand how to minimize the risk of cyberattacks. But we’ll talk about that later.
