Cyber Attacks – What/Who/How/What Next?
Understand. What is a Cyber Attack? Who might perpetrate one? How do they happen? What should you do?
What is a Cyber Attack?
Your computer network – and the information it holds – can be compromised in many ways.
This may be through malicious or accidental actions, or simply through the failure of software or electronic components.
Whilst consideration should be given to all of these potential risks, it is malicious attacks from the Internet that are hitting the headlines.
The 2014 Information Security Breaches Survey found that 81% of large companies had reported some form of security breach, costing each organisation on average between £600,000 and £1.5m.
It’s not just big business though. All organisations have something of value that is worth something to others. If you are weak in your approach to cyber security you will experience some form of cyber attack.
These findings are supported by almost daily stories of large scale cyber incidents, such as the Gameover ZeuS botnet.
Who might be attacking you?
- Cyber criminals interested in making money through fraud or from the sale of valuable information.
- Industrial competitors and foreign intelligence services, interested in gaining an economic advantage for their companies or countries.
- Hackers who find interfering with computer systems an enjoyable challenge.
- Hacktivists who wish to attack companies for political or ideological motives.
- Employees, or those who have legitimate access, either by accidental or deliberate misuse.
How might we be attacked?
Un-targeted attacks – Attackers indiscriminately target as many devices, services or users as possible. They don’t care about who the victim is as there will be a number of machines or services with vulnerabilities.
To do this, they use techniques that take advantage of the openness of the Internet, which include:
- Phishing – sending emails to large numbers of people asking for sensitive information (such as bank details) or encouraging them to visit a fake website
- Water holing – setting up a fake website or compromising a legitimate one in order to exploit visiting users
- Ransomware – this includes disseminating disk encrypting extortion malware
- Scanning – attacking wide swathes of the Internet at random
Targeted attacks – In a targeted attack, your organisation is singled out because the attacker has a specific interest in your business, or has been paid to target you. The groundwork for the attack could take months so that they can find the best route to deliver their exploit directly to your systems (or users).
A targeted attack is often more damaging than an un-targeted one because it has been specifically tailored to attack your systems, processes or personnel, in the office and sometimes at home.
Targeted attacks may include:
- Spear-Phishing – sending emails to targeted individuals that could contain an attachment with malicious software, or a link that downloads malicious software
- Botnet/DDOS – Deploying a botnet delivers a DDOS (Distributed Denial of Service) attack
- Phreaking – Call phreakers hack into telecoms system leaving businesses with bills up to 100 times higher than normal.
- Subverting the Supply Chain – Attacking equipment or software being delivered to the organisation.
What Now?
KS Services can help you, as part of your risk management processes to assess the threats of a targeted or un-targeted attack.
All businesses connected to the Internet should assume they will at some point be a victim of the latter.
Either way KS Services can help you implement controls across your organisation and ensure you have a more in-depth, holistic approach to cyber security.
Call KS Services on 01274 772244 for more information on Cyber Security.