Don’t Let This Happen to You: Businesses Not Secure from Targeted Attacks
By Guest Post at November 27, 2012 | 8:56 am | Print
Don’t Let This Happen to You: Businesses Not Secure from Targeted Attacks
Although most businesses recognize the security risk involved with running a private network, simplyinstalling virus protection software is not enough. Not all hacking attacks are done by lone perpetrators, and not all hacking is as obvious as a virus that crashes your network. Targeted attacksare a serious threat to any business that falls victim to these cybercrimes, and you may not even realize your business is at risk—or even currently a victim—of these advanced threats.
Targeted Cybercrime
When your business falls victim to a targeted cyber-attack, your financial information, confidential data and/or passwords and IDs may be at risk. Targeting hackers tend to work in groups, and may be as organized, as well as funded, as a business. Their goal is to make money by stealing from you—either taking funds right out of your payroll or stealing sensitive information they can sell—without you even noticing they’ve been thereuntil it’s too late.
The key to understanding targeted cybercrime is that these hackers are both extremely patient and stealthy, and they work to inconspicuously worm their ways into your network.
Security Holes
If you’re going to combat targeted hacker activity on your business, you need to shut down every potential backdoor entrance to your data. Even if you don’t think you have the time, resources or funds to devote to IT, you need to change your perspective on the matter. The loss your business may incur from targeted hacking is far greater than the cost and time it needs to put into securing data now.
Call in IT consultants if need be, and have them routinely inspect your security. Your business’ network security needs to be kept up-to-date, in order to combat hackers’ evolving attacks. Start practicing extreme vigilance with your business. Remember, stealth is vital to targeted cyberattacks, so you may not know you’re a victim, even as it happens.
Avoiding Popular Methods of Entry
The next step, once you’ve strengthenednetwork security to protect your data with targeted cybercrime in mind, is to educate your employees. Human error can bypass even the most air-tight security, which is why examining the more popular methods that targeting hackers use to gain entry can help keep in protection. These methods include:
• SQL injection:The code that makes up your website, network or applications could be vulnerable between layers. Your IT consultants should be taking a look at closing these vulnerabilities.
• Drive-bydownloads: Hackers may pose as manufacturers of common applications, such as ActiveX, or even as anti-virus programs, and ask users to click to update. Similarly, they may attach themselves to a computer, or device, via a pop-up ad. Ask employees never to visit suspicious sites or to click on these prompts for updates, without checking with an IT person that they are, indeed, valid.
• Phishing: Again, hackers may pose as either trusted websites or service providers. In this case, they’ll email employees and ask them to click on a link, and then fill out confidential information like user IDs and passwords. Teach employees the fact that trusted sources will never email them asking for such information.
• Downloads: Email spam attachments, freeware and illegal programs are common methods through which hackers gain entry. Targeting hackers are no exception.
• Stolen, lost or hacked devices: Even if you restrict entry to the business network to pre-approved mobile devices, these devices can be tampered with by hackers if lost or stolen. Ask employees to report the loss or theft of a device they use to access the business network ASAP and look into IT methods of remotely destroying sensitive data. Changing passwords habitually is a good idea, too.
Remember: You Are the Target
The key to understanding targeted cybercrime is that these hackers aren’t purely sending out emails to anyone and seeing what works; they’re after your business in particular because they’ve wormed their way in and have identified data they want to steal from you. If you’re not careful to close security holes such as these, a single targeted cybercrime can turn into an advanced persistent threat, in which the hacker organization steals information from you quietly over a period of time.
Author Bio: Sara Olson is an IT specialist and a writer for online tech publications. She has written several articles regarding the exhaustive damage caused by targeted attacks. She suggests that businesses, as well as individual computer users, make use of Trend Micro threat security research to thwart possible attacks.
