Cyber Security
Cybersecurity is the act of protecting frameworks, systems, and projects from computerized attacks. These cyberattacks are typically planned for getting to, changing, or devastating sensitive data; blackmailing cash from clients; or interfering with ordinary business measures.
Executing compelling cybersecurity measures is especially testing today on the grounds that there are a larger number of gadgets than individuals, and attackers are getting more inventive. Inferable from its unpredictability, both as far as legislative issues and innovation, cybersecurity is additionally one of the significant difficulties in the contemporary world.
Impacts of cybercrime in Australia
According to ACSC (Australian Cyber Security Centre) survey report:
- ACSC receives approximately 144 reports a day means 1 report every 10 minutes.
- Based on their report, an estimate of $300 million per year is lost based on cybercrime.
Who could be a cyber threat?
Criminals- To disturb your business, out of money or information, to access your hardware and data.
Business competitors- To gain advantage over your business.
Your employees- Your current or former employees, who accidentally or intentionally compromise your data.
Clients of your business- To compromise your data.
For cyber security related issues of businesses please visit: https://www.benchmarkitservices.com/cyber-security/
Security Breach
In cybersecurity, a security breach implies a fruitful attempt by an attacker to increase unapproved admittance to an association’s PC frameworks. Breaches may include theft of delicate information, debasement or harm of information or IT frameworks, or activities proposed to destroy sites or cause harm to organization.
Examples of security breach
Facebook security breach
In 2018, attackers picked up access to 400,000 Facebook client accounts and utilized them to pick up the get to tokens of 30 million Facebook clients. These tokens give full access to Facebook accounts. Fourteen million clients had private data uncovered, counting relationship status and later places they gone by. Fifteen million had names and contact subtle elements breached.
Yahoo security breach
This breach occurred in 2013 and 2014 but was discovered in 2016. Breach was caused by spear phishing campaign, which resulted in gaining access to over 3 billion client accounts. Data exposed included names, phone numbers, security questions and encrypted passwords.
Equifax security breach
Attackers exploited a vulnerability in struts, an open source framework that was used by the organization’s website. The attack exposed the private information of 145 million people, including names, security numbers and driver’s licences.
Cyber security threats
MALWARE AND SPYWARE
Attacks use several strategies to induce malware into a user’s device. Users is also asked to require associate action, like clicking a link or gap associate attachment. In different cases malware uses vulnerabilities in browsers or operational systems to put in themselves while not the user’s data or consent.
Once malware is put in, it will monitor user activities, send confidential knowledge to the attacker, assist the attacker in penetrating different targets inside the network, and even cause the user’s device to participate during a botnet leveraged by the attacker for malicious intent.
Attacks include
- Ransomware: Certain malware that locks your computer and data until you pay a ransom. You are vulnerable to second attack pay a ransom. This attack is typically carried out via email links or attachments. When downloaded or opened it encrypts your files, then demand ransom to restore access. Ransomware offers cyber criminals low-risk and high rewards. They target small businesses because they are unprepared to deal with ransomware attacks and they spend less on security measures.
- Rogue security software: Pretend malware scanning and then regularly show fake alerts and identities to the user. Attackers may ask the user to remove the fake threats from their computer or pay to register the software. Users who transfer their financial details to the attacker.
- Malvertising: Online advertising controlled by hackers. It contains malicious code that infects the user’s computer when the user clicks or displays an ad. Malvertising has been found in many major online publications.
- Drive-by downloads: Attackers can hack websites and inject malicious scripts into PHP or HTTP code on a page. When users visit a page, the malware installs itself directly on their computer; or an attacker’s script redirects users to a malicious site that is being downloaded. Unauthorized downloads depend on vulnerabilities in browsers or operating systems.
- Trojan virus: A trojan can launch an attack on a system and can publish a backdoor, which attackers can use.
DISTRIBUTED DENIAL OF SERVICE (DDOS)
The goal of a Denial-of-Service (DoS) attack is to overwhelm the resources of a target system, causing it to stop working and denying users access. Distributed Denial of Service (DDoS) is a variant of DoS in which attackers compromise many computers or other devices and use them for a coordinated attack on the target system. DDoS attacks are often used in combination with other cyber threats. These attacks can trigger a denial of service to attract security guards’ attention and create confusion, while triggering more subtle attacks aimed at stealing data or causing other damage.
Attacks include
- TCP SYN flood attack: The attack floods the target system with a connection request. When the target system tries to complete the connection, the attacker’s device does not respond and passes through the target system in a timely manner. This connection quickly fills the queue and prevents legitimate users from connecting.
- Botnets: Attackers use the bots (System under control that are infected with malware) to carry out DDoS attacks. Attackers can launch attacks at devastating scale by using large number of botnets.
- Smurf attack: Attackers auto mate the process of sending the ICMP echo request to victim’s IP address, which are generated from Spoofed IP address.
MAN-IN-THE-MIDDLE ATTACK
When users or devices access a remote system via the Internet, they assume they are communicating directly with the target system’s servers. In a MitM attack, the attackers break this assumption, and place themselves between the user and the target server. Once an attacker interrupts communication, they may be able to compromise user credentials, steal sensitive data, and return various responses to the user.
Attacks include
- IP Spoofing: An attacker forges the packets with IP address of a trusted host, rather than its own IP address by convincing a system that it is corresponding with a trusted entry.
- Session hijacking: an attacker hijacks a session between a server and client and substitutes attackers IP address for the IP address of a client. The server imagines it is corresponding with the client and continues the session.
- Replay attack: an attacker spy on network communication and replays messages at later time, pretending to the user. These attacks are largely mitigated by adding timestamps to the network communication.
SOCIAL ENGINEERING ATTACKS
Social engineering attacks work by manipulating users psychologically, forcing them to perform desired actions by attackers, or by exposing sensitive information.
Attacks include
- Phishing: Dodgy emails designed to trick businesses out of money and data. They defraud users by asking them to provide personal information or to pay a fake account. They also scent attachment that looks genuine, with malware inside. Phishing emails are sent to thousands of people. Even if small of users fall for the scam, they can net significant data from the users. These scams are not only limited to emails, users can receive via SMS, Messengers, and social media.
- Vishing: known as “voice phishing” is the criminal practice of using social engineering through the telephone system to gain access to private personal and financial information of the public to obtain financial rewards. Attackers also use it for intelligence purposes to gather more detailed information about the target organization.
- Smishing: attackers use SMS text messaging to lure victims intoa specific course of action. It can be done by clicking on a malicious links or divulging information.
- Impersonation: Pretexting or pretending to be another person with the goal of gaining access to a system or building physically. It is used in “SIM swap scam” fraud.
PASSWORD ATTACKS
Hackers can use social engineering to access personal password information, “sniff” network connections, and guess or access password databases. An attacker can guess the password in a random or systematic way.
Attacks include
- Brute-force attack: Attackers use software to try different passwords to guess the correct password. The program can use logic to guess passwords associated with a person’s name, work, family, and so on.
- Dictionary attack: A common passwords dictionary is used to gain access to the victim’s computer and network. One way is to copy an encrypted file containing passwords and apply the same encryption to the dictionary of passwords that are used regularly.For general IT Support services for Businesses please visit : https://www.benchmarkitservices.com.au
Do’s to avoid security Breach
- Understand the data you have and classify it: Make sure you know things like how it is used, how it is backed up, and how is decommissioned about sensitive information. You must classify data according to the importance because not all data is equally sensitive.
- Educate your employees on protecting data: Educate your staff to protect your business against threats. Create a security incident response plan which educates staff how to avoid, recognise, report the threats. This training program is vital for small businesses to protect the business from cyber-attacks. Unauthorised access to the business depends on how update your staff are, because cyber security is ever evolving.
- Move to cloud: Storing data in the cloud can be more secure than storing it in a physical server or data centre. If your laptop or computer is stolen, your data could be compromised by compromising the security of your home. If you have your data in the cloud, you can remove sensitive information remotely or move it to another account. It is difficult to break security measures on cloud platforms. Therefore, the security of the data is guaranteed.For cloud based solutions for the businesses like Google, AWS and Azure: https://www.benchmarkitservices.com/google-cloud-service-providers/
- Own access credentials: Ensure everyone accessing a system sensitive information has their own login credentials.
- GO multi-factor: A secure method that requires two or more proof of identity to grant access. It typically requires a combination of something the knows (pin, question), Physical process (card, token) or inherently possesses (fingerprint, retina).The couple of layers make it much more difficult for criminals to attack your business. Criminals would possibly manage to steal one proof of identification e.g. PIN, but they nevertheless want to obtain and use the other proofs of identity. Two-factor authentication is the most frequent type of MFA. Small business should implement multi-factor authentication wherever possible. Some of the options include token, random pin, email, SMS, fingerprint, etc.
- Deal with BYOD: Make sure you have policies and technology in place to address the many risks created by employees, contractors, and guests who bring personal devices into your facility and connect to a corporate network. All Internet access from personal or other company-related devices must be accessed over a different network than those used for company computers.
- Encrypt sensitive data: Make sure you encrypt the sensitive data while storing or transmitting it. There are so many commercial and free tools available to do this. Some OS have encryption built in.
- Automatic Backups: A backup is a digital replica of your business most important information e.g. consumer details, income figures. This can be to an external, disconnected tough power e.g. USB or to the Cloud. An automated backup is a default or ‘set and forget’ system that backs up your information automatically, without human intervention.
- Comply with all information security regulations and industry standards: Understanding and complying with regulations provides companies with business opportunities and reduces risk.
- Keep your technology up to date: In addition to keeping your security software up to date, install patches on your server and client-side operating systems and software. Many of the major providers offer automatic update services; take advantage of these features. To purchase any IT related software or hardware: https://www.xtechbuy.com/
DON’Ts to avoid security Breach
- Do not give every employee access to every system and piece of data: Develop policies governing who has physical and electronic access to computer systems and data, and the procedures, policies, and technical controls that apply to implementing such a scheme. Give people access to the information they need to do in their jobs, but don’t give them access to other sensitive information.
- Do not click on links of unknown or untrusted sites: Cyber attackers often use them to visit malicious sites and trick you into downloading malware that can be used to steal data and damage the network.
- Do not plug in the portable device: Without permission from your management don’t plug in any portable devices. These devices can be matched with a code as soon as you plug it into a computer.
- Never become complacent about cyber security: Never let your guard down. Always assume that you are continually under attack.
- Don’t purely rely on antivirus programs: They cannot withstand threats and, in fact, can cause bugs in your system which can put you in danger of cyber security. They can also give you a false sense of security. You still need to be in place so that they can alert and block certain types of malware or attacks. You need to update them regularly.
- Don’t disclose any private information: Never disclose sensitive information like credit card numbers, passwords and other private information, on public sites, including social media.
- Don’t leave your phones unattended in public places.
- Don’t select remember my password: Many applications do not store your password securely.
- Don’t use public Wi-Fi: Never use public Wi-Fi for businesses purpose, use your hotspot instead.
- Don’t leave sensitive info lying around office: Do not leave printouts with personal information on your desk. Secure them in a drawer or shred them. It is very easy for a visitor to look at your desktop and see confidential documents. Keep your office clean and keep your documents locked up. This makes the office more organized and reduces the risk of information leakage.