A cyber attack can be a devastating event for any business. For smaller and even medium-sized businesses, the results can be catastrophic.
The difficult thing is that cyber criminals don’t just use one tactic to target businesses; there are in fact several types of cyber threats that can spell disaster.
In this article, we run through some of the most common threats.
The 8 most common types of cyber security threats
Cyber threats come in many different guises, with each presenting different methods of attack and requiring different systems to repel.
Here are the key cyber threats to be aware of, and how they can impact your business if you’re not adequately prepared.
Phishing scams — emails and messages that look to be genuine but are designed to fool people into handing over sensitive information — are responsible for 90% of data breaches* in businesses.
A phishing email usually looks like an authentic message from a provider or another company you deal with, with a link that requests personal and/or financial information from you.
Educate your teams on the dangers of phishing, and implement anti-phishing protection to help keep your business protected from this harmful type of cyber attack.
Malware (a shortening of the term ‘malicious software’) refers to any kind of software that presents a negative or disruptive threat to a network, device or user. There are various types of malware, including:
- Ransomware — which encrypts files and demands a ransom payment to regain access
- Spyware — which works in the background, without the user’s knowledge, to obtain sensitive data
- Viruses — which embed themselves into a system through malicious email attachments or file downloads, and are able to copy themselves and spread to other devices on the network
- Adware — which hides itself on a system and then serves unwanted ads to the user
- Trojans — which are disguised as genuine code hidden in apps, downloads or games, and can take control of a user’s device for malicious purposes
- Rootkits — which provide attackers with remote access to a device, network or files
To avoid malware from being installed on devices across your network, encourage users to be vigilant when downloading files and opening attachments, and to use secure file sharing platforms. Also ensure that software is up to date, and that administrative rights are only given to those who genuinely need it.
3. Distributed denial of service (DDoS)
A distributed denial of service (DDoS) attack occurs when a hacker or bot network floods a server or network with traffic. This causes the bandwidth to be exhausted, meaning the system crashes and is therefore unable to work as it should; denying users the service of the network.
To avoid falling victim to a DDoS attack, businesses should have robust and up to date firewalls and ensure that they are configured to tightly control what internet traffic can reach your applications and databases.
Also, monitor and understand what normal data traffic levels are and ensure that a baseline is set to only accept as much traffic as your system can handle.
4. Man-in-the-middle (MITM) attacks
Man-in-the-middle (MITM) attacks refer to a cyber attack whereby a hacker ‘inserts’ themselves between a server and a device. This means that any communications between the device and server pass through the attacker, and can therefore be read, stolen or altered.
Unsecured networks are the biggest culprits when it comes to MITM attacks, so ensure your access points are encrypted and that all Wi-Fi networks are adequately secured. Also, consider using a VPN for remote access as these encrypt the data being transmitted, virtually removing the opportunity for an MITM type attack.
5. Zero-day exploit
A zero-day attack occurs when a hardware or software vulnerability or security issue is announced, and the weakness is exploited by a cyber attack before the issue is resolved. ‘Zero day’ refers to the small window of opportunity the attacker has to exploit the flawed defence before a patch or solution is made available.
Zero day attacks can be difficult to guard against, but as a best practice you should ensure all your systems are up to date. Your IT provider should have their finger on the pulse and be amongst the first to hear about vulnerabilities, and have the ability to quickly roll out any updates across your IT estate.
6. DNS attacks
A DNS attack occurs when hackers or cyber criminals use weaknesses in an organisation’s Domain Name System (DNS). The attackers are able use the access in two ways:
- DNS hijacking or DNS poisoning — where the attacked diverts website users to malicious websites
- DNS tunnelling — where the attacker steals data from the DNS system they have breached
To better guard against DNS attacks, businesses should have a clean and clearly defined DNS architecture, with admin access restricted to those who need it.
7. SQL injection
Structured Query Language (SQL) is a type of computer language designed to access and manipulate information from databases. An SQL injection attack takes place when a criminal (or criminals) upload malicious SQL scripts to a server in order to force it to provide sensitive data or information. Once access is gained, the attacker can steal, edit or delete data.
Using parameters and prepared statements for SQLs can help to drastically reduce the chances of an SQL injection attack.
8. Advanced persistent threats (APT)
An advanced persistent threat (APT) is more of an umbrella term for a type of attack that takes place over a longer period of time. It refers to a campaign where an attacker gains access to a network and then maintains a long term presence in order to access and steal sensitive information and data. Because it takes place over a long period of time, businesses can lose vast amounts of sensitive data, particularly if new data is generated and processed on a regular basis.
APT attacks are complex, which means they can be difficult to identify and prevent. However, good cyber security practices such as robust and up to date software, restricted access control and vigilant traffic monitoring are some of the ways that you can guard against APT attacks.
The importance of protecting yourself and your business
It’s impossible to overstate the importance of having a solid cyber security setup in place for your business. Unfortunately, there are many different types of security threats, and with cyber criminals constantly developing new strategies to bypass defences and breach networks, it’s not enough to just set up some standard defences such as anti-virus software, and hope for the best.
Cyber security should be a continuous consideration within your organisation, with regular training for staff members and constant monitoring of your systems to ensure any threats are identified before the damage is done.
At The PC Support Group, we’re committed to defending businesses like yours from the crooks of the internet, and we proudly provide industry-leading cyber security services for hundreds of organisations. Get in touch today to discuss how we can help you implement and maintain a best-in-class security solution for your business today; call us on 03300 886 116 or email firstname.lastname@example.org.
Keen to learn more about the importance of cyber security and how you can protect your business? Download our comprehensive ebook - Protect, React, Recover: A Guide to Cyber Resilience for SMEs.