If you have ever read even a little bit of cybersecurity news, you’re bound to have seen terms like “virus,” “malware,” “spyware,” and “DDoS attack” thrown around with some frequency. The terms can quickly blur together, and it can become difficult to differentiate between them.
Yet businesses operating today need to be able to make distinctions between all the threat types out there, since each and every one poses a unique risk to enterprises. Unfortunately, many business IT departments are not prioritizing cybersecurity at all, let alone setting aside time to learn about the separate threat types that exist. The lack of a proactive cybersecurity strategy within many businesses is not just problematic — it also plainly does not make sense. After all, 60 percent of businesses that suffer data loss — which is a common consequence of a malicious attack — end up shutting down within half a year of the episode. How do so many organizations set themselves up to face those kinds of odds?
One explanation is that when you are too overwhelmed by something, it can be easier to avoid it altogether. That is why so many people routinely incur a needless 5 percent late filing penalty on their taxes. This is the kind of thing that can — and should — be planned for and avoided way in advance. Human avoidance almost always comes at a cost, yet it remains a default option for many of us. And when it comes to cybersecurity, businesses do it as well. Sitting in a conference room, IT workers and administrators can pore over the sheer number of threats out there and begin to feel like defense is impossible. So instead of being proactive, they do nothing.
The past few years have crystallized a lesson that all businesses should register: Doing nothing will result in a cyberattack — it is just a matter of time. The lack of information security among businesses is one of the chief factors contributing to a meteoric rise in cybercrime. Simply put, it is not only that hackers are getting better at what they do, it’s that businesses are not similarly improving their defense. This is an issue that needs to change. To that end, we decided to put together a guide to the different types of cyber threats organizations face, breaking down each threat by name, what it is, how it works and how to stop it.
Ransomware
What it is: “Malware” is a blanket term used to describe any software leveraged to infiltrate or otherwise weaken computer functions. Within the malware category is a host of subtypes, of which ransomware is one. As its name suggests, ransomware is a type of malware aimed at extorting funds from victims.
How it works: Ransomware works by encrypting all data on the computers or networks it is targeting until a specified ransom is paid by the victim. The reason it’s one of the most potent threats out there is that by encrypting victim information, hackers place their targets in a situation where they can’t just get rid of the malware from their system — because the files will still be encrypted. As a result, victims often feel that they have no other avenue but to pay the criminals. Ransomware has claimed many victims — even a police department in Massachusetts ended up paying criminals for the return of its data.
How to stop it: In order to successfully attack a business, a strain of ransomware must first be let in. This most frequently happens via malicious email attachments, which hackers hope unsuspecting victims will open. Therefore, one of the first steps to keeping ransomware at bay is to make sure you secure email for your company. Another key step is to ensure that employees are educated in corporate email best practices, which include never opening an email from an unknown sender.
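As an added example (not part of the original article), here is one way a mail gateway could screen attachments before they reach a mailbox, which is one concrete form of the email security described above. The extension lists, reason strings and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed policy lists for illustration; tune them to your environment.
BLOCKED_EXT = {".exe", ".scr", ".js", ".vbs", ".jar", ".bat", ".lnk", ".hta"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def screen_attachments(raw_bytes):
    """Return (filename, reason) pairs for attachments to quarantine."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        suffixes = PurePosixPath(name).suffixes
        last = suffixes[-1] if suffixes else ""
        payload = part.get_payload(decode=True) or b""
        if last in BLOCKED_EXT:
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                findings.append((name, "double extension hides executable"))
            else:
                findings.append((name, "executable or script extension"))
        elif last in MACRO_EXT:
            findings.append((name, "macro-enabled Office document"))
        elif payload[:2] == b"MZ":
            # The name looks harmless but the bytes start like a Windows binary.
            findings.append((name, "executable content under benign name"))
    return findings

def build_sample():
    """Build a constructed test message (not real traffic)."""
    m = EmailMessage()
    m["From"] = "billing@example.test"
    m["To"] = "ap@example.test"
    m["Subject"] = "Overdue invoice"
    m.set_content("Please see attached.")
    samples = [("statement.pdf", "pdf", b"%PDF-1.4 constructed"),
               ("Invoice.pdf.exe", "octet-stream", b"MZ constructed"),
               ("terms.docm", "octet-stream", b"PK constructed"),
               ("receipt.pdf", "pdf", b"MZ constructed")]
    for filename, subtype, data in samples:
        m.add_attachment(data, maintype="application", subtype=subtype, filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for name, reason in screen_attachments(build_sample()):
        print(f"quarantine {name}: {reason}")
```

A filter like this complements employee education rather than replacing it, since filename and header checks will not catch every malicious attachment.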
Point of Sale attack
What it is: A POS attack occurs when store payment terminals are somehow compromised. This attack type made major headlines during the late 2013 Target breach, which began when malware made its way onto the store’s payment terminals.
How it works: Stand-alone cash registers are a relic of the past. Today, company POS systems provide a portal into a retailer’s interior network. While this portal helps businesses enjoy more streamlined payment processes, it also opens up the door to hackers. A POS attack tends to rely on the insecurity of POS systems to make off with private data. POS malware RAM scrapers, for instance, steal data from the RAM of physical POS devices.
How to stop it: The key to limiting POS attacks is for enterprises to secure methods of payment. When it comes to protecting high-value transactions, managed public key infrastructure (PKI) and digital certificates are two of the most robust options out there.
Advanced Persistent Threats
What it is: Many malicious threats are random. Hackers will throw a line out and hope someone — or better yet, some business — bites. APTs are not such an attack type. Instead, they are highly focused. If your business is hit by an APT, it is because a hacker or hackers have identified you as their target — and they will do whatever it takes to compromise your system.
How it works: Because APT attacks are carried out by criminals with specific goals and targets, the methods they use can vary. However, as InfoWorld has reported, one of the more frequently leveraged methods of intrusion by APT hackers is a phishing campaign, in which the cybercriminals send targeted emails to individuals within the company network hoping that someone will take the bait. All the criminals need is one employee who unwittingly opens a malware-laden email for an entire company network to fall into criminal hands.
But if the initial phishing campaign does not work, the hackers are not bound to give up. After all, if you are the target of an APT attack, the criminals are likely not going to be satisfied by attacking some other organization — they want in to your network. Therefore, the criminals are likely to look into other means of entry, including social media-focused attacks or an attempted intrusion through the company’s mobile platform.
How to stop it: It should come as no surprise that APT attacks are not easy to stop. Such episodes are Threat Number One as far as businesses are concerned, and they promise to topple any organization that is not robustly guarded. The key to defending against an APT attacker is quite simply to be as well-defended as you can possibly be. If there is a weak link in your business, a hacker targeting the company will take advantage of it. Therefore, every measure must be taken to defend the entire organization, from making sure mobile devices are secured to having multifactor authentication at every point of entry into the business network.
Stopping threats like these needs to be a priority for every business out there. For all enterprises that still practice inaction in terms of cybersecurity, it is time to step up to the virtual security plate and give network integrity the serious attention it deserves.