
Defend your business from modern-day cyber attacks with these 3 tips

Unknowingly clicking on an email attachment containing malware has the power to corrupt your entire system and wipe out all of your highly sensitive data.

Now that’s frightening.

Cybercriminals are now finding more ways to steal money and highly sensitive data and to interrupt your business operations. That is why it’s crucial for you to protect your business and your customers from these types of threats.

Allow us to share with you three tips that you can use to defend your business from modern-day cyber attacks.

Let’s begin.

1. Perform Security Testing

One of the best defenses against cyber-attacks is to set up a defense mechanism that will detect threats before they even happen. You can do that by identifying vulnerabilities in your system.

Some vulnerabilities might only appear after a cyber-attack simulation or a test run, and this is why security testing is an essential factor in establishing the online security of your business.

For instance, one way of securing your website is by restricting access to specific pages through secure data access by catalog permissions.

Your web hosting and content management systems (CMS) should also be tested for possible security cracks that hackers can slip through.

You can work with third-party cybersecurity services like Bulletproof to help you with vulnerability assessment and penetration testing.

Cybersecurity features like hack simulations and a review of your firewall infrastructure, operating system, and server help you identify the system vulnerabilities that you need to fix and determine your level of risk from cyber-attacks.

Keep in mind that as your network changes and grows, so will the new and more sophisticated cyber-attacks. It’s because of this that you need to run vulnerability assessments as part of your first line of defense, and long-term cybersecurity game plan.


2. Guard Against Zero-Day Attacks

If you think that cybersecurity companies are the only ones fighting off cybercriminals, then think again. Even software developers are hard at work to protect their security solutions from cyber-attacks.

After all, the security and safety of their products can have a significant impact on retaining their customers, and this is why sellers include security patches in their solutions through regular software updates.

Security patches are intended to detect and fix vulnerabilities in your security system in the older software versions.

The first approach you should take should be to update your security software and applications regularly to keep yourself protected.

However, there is a kind of cyber-attack that even regular software updates have difficulty stopping, and that is zero-day attacks.

Zero-day attacks target and exploit security vulnerabilities as soon as they’re detected, not allowing software developers and security companies enough time to respond.

This type of attack is one of the most dangerous threats to your business and your customers.

The challenge, however, is remembering to regularly update your security software and apps as soon as they are available.

A sure-fire way to never miss your updates is to use apps to manage software patches automatically.

Here are some other tips to help you mitigate exposure to the risks that zero-day attacks pose:

  • Exercise safe browsing habits to minimize the dangers of cyber-attacks such as malware, spyware, viruses, ransomware, etc. and protect your personal information.
  • Configure the security settings for your internet browser, security software, and operating system.
  • Always check for security patches and software updates by downloading the most recent versions. Doing so will fix bugs that older software versions might have missed.
  • Avoid downloading or opening files and attachments from unknown sources.

There might not be a fail-safe method to stop zero-day attacks, but one way to nullify their impact is by using Security Information and Event Management (SIEM) services.

SIEM services offer 24/7 incident response and real-time monitoring, and let you see a full picture of your network by collecting the security log data from host operating systems, many software elements and applications, and security controls.

SIEM can also analyze substantial security log data to detect potential attacks and security threats.

3. Protect from Man-in-the-Middle Attacks

A Man-in-the-Middle (MitM) attack is a term for a kind of cyber-attack wherein cybercriminals intercept the conversation between two parties, usually an application and a user, with the purpose of eavesdropping or impersonating either one of the parties.

This type of attack aims to make the exchange of information between the two parties appear normal and steal highly sensitive details such as credit card numbers and login credentials.

Stolen information from MitM attacks can be used for unauthorized fund transfers, illegal password changes, and identity theft (among other things), which is why common targets are users of ecommerce sites, financial applications or websites where a login is required.

So, the best course of action is to protect your information from being stolen during an MitM attack by using encryption.

Encryption keeps data theft from happening by turning readable data into a code that only a decryption key can decode.

Another way to protect your business using encryption is with SSL certificates, and you’ll know a website has one if it shows HTTPS instead of HTTP.

SSL certificates secure connections and encrypt the information (payment details, passwords, etc.) that is exchanged on your website.

For ecommerce sites, it can also build customers’ trust since savvy users know that transacting with websites that have SSL certificates will keep their personal information safe.

Here are additional tips to keep your business and personal information, devices, and connections protected from MitM attacks:

  • Wi-Fi networks. To keep your Wi-Fi network secure, use strong passwords with as many unique characters as possible for your router, and update the usernames and passwords of the router and of all the devices that are connected to the network.
  • Internet Security. MitB attacks are typically executed by releasing malware, so installing internet security solutions is a great way to detect and prevent this kind of threat.
  • Emails. Emails are also common modes of virus and malware delivery. Exercise caution when opening emails that ask you to reset or update your login credentials and avoid clicking on links and downloading attachments. To be on the safe side, instead of opening the link within the email, manually type in the site address in the browser.
  • Public Networks. Never connect directly to public or unsecured networks. Install a VPN or virtual private network to ensure that the connection between your server and browsers is secure.

It’s crucial to understand how man-in-the-middle attacks happen so you can take the necessary steps to prevent them from happening and protect your highly-sensitive information.

What’s Next?

As a business owner, one of your top priorities is to invest in the security of your business assets and customers from various cyber threats.

The tips discussed here are just three out of the many strategies you can equip yourself with to bulletproof your business against modern-day cyber-attacks.

If you found this article useful, feel free to share it.


Ransomware encounters declined by 60% in 2018: Microsoft report

Machine learning is reducing the risks of phishing attacks, but the number of such attacks is still on the rise, finds the 24th edition of the Microsoft Security Intelligence Report (SIR).

Microsoft analyzes over 6.5 trillion security signals every day to get a wide and unique perspective into the latest trends in the cybersecurity arena. The company has been releasing the security intelligence report for more than a decade now to share its expert insights with enterprises.

This year’s SIR reflects on security events in 2018, including an overview of the security landscape, lessons learnt from it, and best practices that need to be followed. Some of the cybersecurity trends in 2018 included a rise in cryptocurrency mining and supply chain compromises, a decline in ransomware, and more.

Attackers are increasingly mining cryptocurrency in the background of user systems, without their permission and awareness. This activity significantly consumes bandwidth and causes security risks to users.

Having said that, let’s take a deep dive into the key findings of Microsoft’s latest security report.

Key takeaways from Microsoft Security Intelligence Report:

1. Ransomware encounters declined significantly in 2018

Ransomware attacks like WannaCrypt and Petya were the biggest security events in 2017. Such attacks lock or encrypt computers and then demand money from users to restore access. It was anticipated that these ransomware attacks would increase in the future.

However, the latest report says that ransomware encounter rates have declined by around 60% between March 2017 and December 2018.

The main reason behind this decline is improved detection and education among enterprises. This made it tough for cybercriminals to get what they were intending.


Highest ransomware encounter rate:

The highest average ransomware encounter rates per month were found in Ethiopia (0.77%), followed by Mongolia (0.46%), Cameroon (0.41%), Myanmar (0.33%), and Venezuela (0.31%).

Lowest ransomware encounter rate:

On the other hand, the lowest ransomware encounter rates per month were found in Ireland (0.01%), Japan (0.01%), the United States (0.02%), United Kingdom (0.02%), and Sweden (0.02%).

2. Cryptocurrency mining is becoming prevalent

Since cybercriminals found it difficult to conduct ransomware attacks, they shifted their efforts to cryptocurrency mining. As a result, cryptocurrency mining is increasing.

While the average ransomware encounter rate in 2018 was just 0.05%, the same for cryptocurrency coin mining encounter was 0.12%.

Cryptocurrencies like Bitcoin and Ethereum work as digital money and can be used anonymously. However, the cryptocurrencies require users to perform some calculations that are resource intensive. While new cryptocurrency coins are released very frequently these days, the calculations are becoming more difficult.

Mining top cryptocurrencies like Bitcoin is almost impossible without access to immense computing resources. As a result, cybercriminals have turned to malware that helps them gain access to the computers of victims and then mine cryptocurrency coins. This way, they can leverage the processing power of hundreds of thousands of computers, rather than one or two.

Highest cryptocurrency mining encounter rate:

Ethiopia (5.58%), Tanzania (1.83%), Pakistan (1.47%), Kazakhstan (1.24%), and Zambia (1.13%) are the five locations with the highest cryptocurrency coin mining encounter rates in 2018.

Lowest cryptocurrency mining encounter rate:

The lowest average monthly coin mining encounter rate was approx. 0.02% in 2018. Ireland, Japan, the US, and China were the locations with the lowest rates during the period.

3. Browser-based cryptocurrency mining comes to the scene

Typically, cryptocurrency miners are installed on the computers of victims in the form of malware. But a new kind of threat has come onto the scene, where the malware is based entirely within web browsers and doesn’t need to be installed on the computers.

Cybercriminals offer a number of services that promise website owners a way to monetize traffic to their websites without the need for advertising. The site owners are asked to add JavaScript code to their webpages. This code starts mining cryptocurrency in the background. When a website is compromised, the attackers can take advantage of the users who visit that website.

These are browser-based cryptocurrency miners that don’t need to compromise the computers. Such miners can impact the computer performance and waste electricity while the users browse the compromised websites.

According to the report, Brocoiner was the most prevalent browser-based cryptocurrency miner in 2018.
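For a site owner, the defensive counterpart is knowing exactly which scripts each page loads. The following added example (not from the report or the original article) audits a page's `<script>` tags against an allowlist and derives a matching Content-Security-Policy `script-src` value; the host names and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist: hosts this (hypothetical) shop intentionally loads scripts from.
ALLOWED_SCRIPT_HOSTS = {"shop.example", "cdn.shop.example"}

class ScriptCollector(HTMLParser):
    """Collects the src of every external <script> tag and counts inline ones."""
    def __init__(self):
        super().__init__()
        self.external = []
        self.inline_count = 0

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self.inline_count += 1

def audit_scripts(html, page_host):
    """Return (finding, src) pairs for scripts that need review."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = []
    for src in parser.external:
        parsed = urlparse(src)
        host = parsed.hostname or page_host  # relative URL means same origin
        if parsed.scheme == "http":
            # A script fetched over plain HTTP can be altered in transit.
            findings.append(("insecure-scheme", src))
        if host not in ALLOWED_SCRIPT_HOSTS:
            findings.append(("unapproved-host", src))
    return findings

def csp_script_src():
    """Build a script-src directive so browsers refuse scripts from other hosts."""
    sources = " ".join(f"https://{h}" for h in sorted(ALLOWED_SCRIPT_HOSTS))
    return f"script-src 'self' {sources}"

# Constructed sample page: two expected scripts, one unknown third-party, one over HTTP.
SAMPLE_HTML = """
<script src="/js/app.js"></script>
<script src="https://cdn.shop.example/lib.js"></script>
<script src="https://coin-widget.example/m.js"></script>
<script src="http://cdn.shop.example/old.js"></script>
"""

if __name__ == "__main__":
    for finding in audit_scripts(SAMPLE_HTML, "shop.example"):
        print(finding)
    print(csp_script_src())
```

Running the audit on every deployed page and sending the generated header means a script added without approval is both flagged in review and blocked by the visitor's browser.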


4. Software supply chains are at risk

Attackers try to compromise the development or update process of legitimate software to gain access to the software and systems of the people who use it.

By injecting the malicious code into the software, attackers can easily gain the same trust and permissions as the software. This has become a primary concern for IT leaders as these attacks are increasing and can make the enterprise IT departments vulnerable.


For example, the first major software supply chain attack in 2018 was found in March. Microsoft’s Windows Defender ATP blocked a massive campaign that was delivering the Dofoil trojan, also called Smoke Loader.

The attackers had replaced the update package of an application with malicious code. The trojan carried a coin mining payload and exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods.

Windows Defender Antivirus blocked over 400k infection attempts in the first 12 hours of the campaign.


5. Email phishing is still a preferred attack method

Office 365 is the most popular enterprise productivity service available out there. Microsoft said that it analyzes over 470 billion email messages per month to scan for phishing and malware. In 2018, the phishing messages in inbound emails increased by 250%.

This shows that email phishing is still one of the most preferred attack methods for cybercriminals. Microsoft is rapidly strengthening email security with anti-phishing protection, detection, and investigation. But, since emails involve human decisions and judgement, it is difficult to get rid of phishing completely.



Email phishing lures can come in these forms:

  • Domain spoofing: the email message domain is an exact match with the original domain name.
  • Domain impersonation: the email message domain is a lookalike of the original domain name.
  • User impersonation: the email message appears to come from someone you trust.
  • Credential phishing links: the email message contains a link to a page that resembles a login page for a legitimate site, so users will enter their login credentials.
  • Phishing attachments: the email message contains a malicious file attachment that the sender entices the victim to open.
  • Links to fake cloud storage locations: the email message appears to come from a legitimate source and entices the user to give permission and/or enter personal information such as credentials in exchange for accessing a fake cloud storage location.
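The first two lure types call for different checks on the receiving side: an exact-match domain can only be caught by email authentication, while a lookalike has to be compared against the real name. This added example (not from the report or the original article) classifies a sender domain both ways; the trusted domain, the character-folding table, and the `auth_passed` flag (standing in for the mail server's SPF/DKIM/DMARC verdict) are assumptions made for illustration.

```python
import unicodedata

# Constructed sample: the domain our organisation really sends mail from.
TRUSTED_DOMAINS = {"contoso.example"}

# Assumed, non-exhaustive table of characters often swapped for similar-looking ones.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "|": "l"})

def skeleton(domain):
    """Fold a domain to a comparison form: lowercase, no accents, lookalikes merged."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    return text.translate(LOOKALIKES).replace("rn", "m")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_domain, auth_passed):
    """Label a sender domain using the lure categories from the list above."""
    domain = from_domain.lower().rstrip(".")
    if domain in TRUSTED_DOMAINS:
        # Exact match: only the authentication result separates real mail from a spoof.
        return "legitimate" if auth_passed else "domain spoofing"
    for trusted in TRUSTED_DOMAINS:
        # Lookalike: same folded form, or within two edits (noisy for very short names).
        if skeleton(domain) == skeleton(trusted) or edit_distance(domain, trusted) <= 2:
            return "domain impersonation"
    return "unrelated"

if __name__ == "__main__":
    # Constructed test senders: (From domain, authentication verdict).
    for sender in [("contoso.example", True), ("contoso.example", False),
                   ("c0ntoso.example", True), ("contosso.example", True),
                   ("fabrikam.example", True)]:
        print(sender, "->", classify_sender(*sender))
```

A lookalike domain can pass authentication for its own name, which is why the impersonation branch ignores `auth_passed`.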

For the full Microsoft Security Intelligence Report (SIR), click here. Microsoft has also created an interactive website to allow users to dig into the data specific to the regions.