Click here to get this post in PDF
As the digital age surges forward at a lightning-quick pace it’s crucial you protect your business from internet threats – the threats to our data and businesses grow at an alarming rate. Due to the nature and differences in the type of these concerns, there is no single technology to protect you from all but, hopefully, after reading this short guide you will be more informed about these different types and the technology you can implement to help protect your business.
1. Network Probe / Hostile Scan
What is it?
A Network Probe or Hostile Scan is an automated scan of your internet-facing device(s), ie, router/firewall, to try and find any vulnerabilities or ‘holes’ in your security. It’s carried out by millions of malware infections. Once a vulnerability is found it then infects the device itself or infects another device on your internal network. If no vulnerability is found it will move on to the next device on the internet.
What can I do now?
One of the first things to do is review your router/firewall access rules and close as many ‘open’ rules (or ports) as you can. The less open ports means your chances of a Network Probe / Hostile Scan finding something to exploit is reduced.
What technology will help protect my business?
To give your business the best protection from such threats (and a host of others) it is worth considering upgrading your firewall to a “Next Gen” (a ‘Next Generation’ (or more advanced)) firewall. These carry out a much more in-depth and ‘intelligent’ analysis of your internet traffic and thus have the ability to detect and stop a much larger variety of threats.
2. Distributed Denial of Service Attack
What is it?
A Distributed Denial of Service Attack or (DDOS) uses lots of devices on the internet to ‘bombard’ your router or firewall with garbage traffic, thus using all of its available resources and overloading it to the point where your device and internet connection can no longer function.
What can I do now?
If your business does become a victim of a DDOS attack it might not be that easy to detect at first – you might just think your internet connection has a fault. The key to recognising a DDOS attack is by monitoring the performance of your router to see if it is processing more traffic than normal. Also, you could contact your Internet Service Provider (ISP) for reports on your internet traffic to see if it is more than usual.
What technology will help protect my business?
“Next Gen” firewalls can help protect against this sort of attack, or if you have internet-dependent services that are critical to your business you might want to think about having multiple internet connections with different ISP’s.
3. Brute Force Attack
What is it?
A Brute Force Attack is a systematic checking of all possible passwords for an account or service until the correct one is found. This can be run by malware or a hacker using a computer program and, if successful, may grant access to a system or network with administrator-level privileges. If administrator-level access is achieved the attacker has complete control of the system and its data.
What can I do now?
To help mitigate this threat ensure you have a robust password policy for all internet-facing services or devices. Such services can be internally hosted web-based services (including email services like Outlook Web Access), remote desktop services, routers, and firewalls. Make sure passwords are complex (a combination of upper-case, lower-case, numbers, and symbols) and at least 8 characters long. They must also be changed regularly.
What technology will help protect my business?
Certain technologies are more at risk than others with this type of attack. For example, if you have a commercial website hosted on your network or an SQL database that provides services to internet customers a secure setup for these scenarios would be to place these servers in a DMZ – this is an area that is separated from your internal network to help keep your network secure. In addition to a DMZ, to help protect your SQL servers it is recommended to use a “Next Gen” firewall.
4. Phishing Attack
What is it?
Phishing is the act of trying to obtain financial or other confidential information from computer users, typically by sending an email that looks as if it is from a legitimate organisation. Emails can contain attachments that infect your PC and prevent you from reading your data or links that take the user to a fake website.
What can I do now?
There are several things you can do to help protect yourself against these potentially disastrous attacks. The first and most effective thing to do is to make sure you (and your staff) do not have administrator-level rights on your machines. This right is easily removed and reports have shown that it can mitigate 92% of Microsoft vulnerabilities.
Another highly effective step to make your systems significantly safer is to regularly apply Microsoft’s security updates. These two steps alone will make a vast difference to the security of your network.
Security awareness training for staff also helps minimise the chance of malicious email attachments being opened or links followed.
Due to the nature of these threats, one layer of protection is usually not enough to protect your systems. Other layers of protection are still needed to improve your chances of remaining safe. You should seriously consider Two Factor Authentication for any online system that offers this level of protection.
What technology will help protect my business?
To help prevent email-borne threats an Antivirus and Anti-spam email filtering service is recommended. This will stop many malicious threats from making their way into your network as well as drastically cutting down the number of spam emails you receive. DNS content filtering is also an effective measure to deal with such attacks.
Good quality PC Antivirus software is another essential form of protection needed. Make sure you do your research and invest in a highly-rated antivirus solution. Although there are many free versions available they are usually quite basic and do not detect many of the nasty threats out there today. It’s also important to note that due to the sophistication of modern threats, Antivirus software on its own is no longer enough to protect your data.
Some threats of this type can encrypt your documents so you can no longer read them. Typically, the only way you can get your documents back is to restore them from backup. Therefore the last – and essential – layer of protection is to run regular and reliable backups.
5. Drive-by Download
What is it?
A Drive-by Download is malware that is downloaded and installed on your computer or mobile device simply by visiting a malicious website. They will usually take advantage of existing vulnerabilities within certain web-based applications such as Java, Adobe Reader, Flash Player, and Microsoft Silverlight, as well as web browsers.
What can I do now?
One of the easiest ways to protect against this type of attack is to regularly update all web browsers and applications mentioned above with the latest security updates.
Security awareness training will also help to reduce the chance of staff clicking on rogue website links that are delivered via different channels, ie, email, social media, or instant messaging software.
What technology will help protect my business?
To help prevent malicious emails from being delivered to users an email filtering service is recommended.
Web Protection software can be implemented to help prevent staff from reaching the malicious websites themselves. This can reduce the chance of infection significantly.
You may also like: How to Make my Office 365 Account Unhackable
Image source: Depositphotos.com
About the Author
Andrew Woods specializes in IT infrastructure services and service management. He is currently Technical Director at Synium IT who help organizations operate efficiently and productively with appropriate, secure, and reliable IT Systems.
For further information on how to protect your business from internet threats, visit our IT Security section, or give us a call on 0121 663 0203
[…] You may also like: 5 Types of Internet Threats and How to Protect Your Business from Them […]