Network attacks in organizations

Between March 1 and March 3, 2022, Indiana-based insurance giant Alacrity Solutions Group experienced a data breach that resulted in the loss of sensitive customer information for over 54,000 victims. Alacrity has confirmed that protected health information, as well as names, addresses, social security numbers, driver’s license numbers, financial information, and/or health insurance information, may have been accessed or acquired.

One finding from Positive Technologies' research with various organizations and companies is that hackers are able to penetrate the perimeter of an organization's network and gain access to local network resources in 93% of cases. Businesses suffered 50% more cyberattack attempts per week in 2021. The most targeted sectors are education, research and health, which have experienced increases of between 75% and 71%.

Network attacks can be passive, i.e. when the aim of the attackers is to remain on the network invisibly and listen to data traffic, or active, that is, when the goal of the attackers is to block victims' access to their systems, steal data, or compromise data integrity. Although difficult and expensive, logging will help determine the initial vector, or patient zero, especially with respect to the following active network attacks:

Ransomware is malicious software that attacks a system through malicious attachments, infected software applications, compromised websites, or infected external storage. It is a creeping network attack which, once it has infected a system, holds the system and the data within it hostage for ransom. Its effect is considerable, as it can affect both the host system and the shared files of the network to which the system is connected. According to Steve Morgan, founder of Cybersecurity Ventures, ransomware is expected to attack a business, consumer or device every second by 2031. This will be even more true with the prevalence of IoT devices, which have opened disturbing new avenues for ransomware attackers, who can easily tailor their malware to particular industrial sensors, healthcare monitors and dosing devices, or self-driving cars using a home-grade connection protocol.

Measures against ransomware attacks include: limiting a system's access to data, which in turn limits the data a cybercriminal can access in the event of an attack; integrating a traditional firewall that blocks unauthorized access to computer networks; avoiding opening attachments in emails from unknown or suspicious sources; avoiding clicking on links in emails from unknown or questionable sources; backing up computing devices and applying software security patches regularly; and, above all, not paying a ransom, as this will tempt attackers to carry out another attack in the future.

The insider threat is a cybersecurity risk in which an employee, inadvertently or not, shares login information with a third party, allowing the third party to delete, sell or steal data. This cannot be overstated, especially since 69% of SMBs admit that cyberattacks are increasingly targeted. An employee's information can better equip a cybercriminal to target a particular business by tailoring the malware to fit the business's standards or needs and evade the unsuspecting victim. Therefore, to combat this form of network attack, companies must train employees on the various security threats, limit authorized employee access, implement multi-factor authentication and, equally important, install employee monitoring software.

Cloud attacks occur in shared spaces on the Internet because not all cloud systems provide secure authentication and encryption. In this case, a misconfiguration can cause several incidents, including intrusions, network vulnerabilities, and data leaks. According to IBM, more than half of cloud security breaches are caused by simple problems, while two-thirds of cloud security incidents could be avoided by regularly checking the configuration, educating employees on the security procedures of the cloud space, securing a data backup plan, identifying who can access what data, using penetration testing to establish the level of potential attacks, and establishing cloud governance policies and procedures.

Malicious advertising (or malvertising for short) is an innovative new way cybercriminals execute network attacks. They inject malicious code into digital advertisements that redirect users to malicious websites, where they lose critical data or install malware on their devices. This method of attack can be difficult to identify; the advised measures are to ensure that all software and its extensions are updated, to install anti-virus software and ad blockers, and to avoid using Java or Flash programs.

  • Adeoye Abodunrin is the Executive Director of Xpos Technologies
