Every business faces the threat of cyber attacks. If you think your business is too small or doesn’t have valuable enough data for the bad guys to go after, think again. Everyone is a target.
There is no single solution to protect your company from every potential threat to your systems and networks, but the key to a cybersecurity plan is knowledge. This requires understanding common threats to information security in your organization, how the attacks are launched, and how to recognize them.
What is the most common threat to information security in an organization?
Believe it or not, there are many common threats to be aware of. Here are nine of the most common types of security threats to organizations you may not be aware of (but should be).
9 Common Types of Cybersecurity Threats to Small Business
1. Adware
Adware is software designed to put ads up on your screen within a web browser—it hijacks your computer and bombards you with unwanted ads. There are two main ways adware can end up on your system:
- After downloading a program (usually freeware or shareware) it quietly installs adware without your knowledge or permission.
- The adware piggybacks on another program to trick you into installing it on your PC, tablet, or mobile device.
Once adware is on your device, there are lots of unwanted things it can do. It can analyze the location and which websites you visit, and then display countless advertisements relevant to the types of goods or services featured there. Adware authors can also sell your information to third parties, who can target you with even more ads (like pop-ups, banners, and unclosable windows).
Adware is more of a nuisance than a threat to your cybersecurity, but there are many performance issues associated with having adware run on your devices. It can slow down your computer, hijack your homepage, interfere with basic functions, or use up your data and bandwidth.
How do you know if there is adware running on your devices? Here are a few indicators:
- Ads show up where they shouldn’t.
- Your homepage has changed without your permission.
- Website links redirect to sites different from what you expected.
- Your web browser slows or crashes.
Adware is normally no more than a nuisance, but when coupled with Spyware, it becomes more serious.
2. Spyware
Spyware is software that infects your PC or mobile device. It gathers information about you, monitors your browsing and Internet usage habits, and collects other data—it’s a total invasion of privacy.
Running quietly in the background, spyware can steal your internet history, contacts, passwords, and even credit card information. In the cases of smartphones and tablets, it can steal information such as:
- Incoming/outgoing SMS messages
- Incoming/outgoing call logs
- Contact lists, emails
- Browser history
Spyware is sneaky, making its way onto your computer without your knowledge or permission, attaching itself to your operating system and maintaining a presence on your PC. The problem is it can be difficult to detect. If your device is infected, you might see a significant reduction in processor or network connection speeds, increased data usage, and low battery life.
Spyware can infect your system in the same way that other malware does. Here are a few ways spyware can make its way into your device:
- Security lapses, such as clicking on an unfamiliar link or attachment in an email.
- Installing “Useful Tools” from third-parties. Spyware authors often present their spyware programs as tools to download like an Internet accelerator, download manager, or hard disk drive cleaner. But be careful. Installing these programs can result in spyware infection.
- Software bundles. Free software can conceal a malicious add-on, extension, or plug-in.
3. Ransomware
Ransomware is another form of malware. There are several things this form of malware can do once it has taken over your computer. Most commonly, your files become encrypted, making them inaccessible to you and your team. The files can’t be decrypted without a key that is only known to the hacker—users are given instructions for how to pay a fee (usually in the form of cryptocurrency) to get the decryption key.
A less common type of ransomware, called leakware or doxware, is when an attacker threatens to publicize sensitive data on the victim’s hard drive unless a ransom is paid.
Ransomware most often infects a device through phishing or smishing scams. Less commonly, it reaches a device through holes in your security.
4. Distributed Denial of Service (DDoS) Attacks
Distributed denial-of-service attacks are big threats to business operations.
These attacks target websites and online services with the goal of overwhelming them with more traffic than they can handle. This makes the website or service inoperable, resulting in a denial of service to legitimate users or customers.
The targeted websites or services are bombarded with incoming messages, requests for connections, or fake packets. Attacks are launched from any number of corrupted computers, from a few to thousands.
Since the attack comes from so many different IP addresses at the same time, a DDoS attack is much more difficult for the victim to locate and defend against. This is part of what makes DDoS attacks such a problematic cybersecurity threat.
Disturbingly, a DDoS attack might be just the tip of the iceberg. These types of attacks can be used to hide other malicious activity. With your IT security team distracted by the DDoS attack, who knows what other malicious activities the bad guys have going on in the background?
5. Phishing
Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask users to provide sensitive information.
This type of scam could grant the attacker access to all sorts of valuable data—so it is essential that you know how to spot such an attack.
Here are a few things you should be on the look-out for:
- The displayed name in the email – A name displayed in the “from” box does not guarantee that it came from this sender.
- Suspicious links – If the web address you see when you hover over the link doesn’t seem to match the sender, don’t click. Be wary if an email directs you to a website asking for a login.
- Spelling or grammar mistakes – If it doesn’t look or sound right, it’s probably not legit.
- Odd salutations – If the contact usually addresses you by name but the email uses something generic like “Valued Customer” or “Important Client”, this is a red flag.
- Request for sensitive information – If you’re asked for confidential information you aren’t comfortable sharing, pick up the phone and call a verified number to confirm the request.
- Implied urgency – This is a scare tactic designed to catch you off-guard and reply when you normally wouldn’t. If someone is threatening to stop a service without an immediate reply, stop and think about it (and contact your tech nerd).
- Broken images or format – If the images or layout of an email seem a bit off, it could be a sign this is an attempt to fool you.
- Suspicious domains – Malicious emails routinely use domains that are close to the legitimate domain, but not quite right. For instance, someone may use Capital0ne.com instead of capitalone.com to try luring you into providing your credentials.
- Non-standard attachments – If the attached file is not a type you recognize (recognized types include .doc for a Word file, .xls for an Excel file, or .pdf for a PDF file), be suspicious (and don’t open).
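Several of the checks in the list above can be automated. The following is an added example, not part of the original article: it flags a lookalike sender domain, links that do not match the sender, a generic salutation, and unusual attachment types. The trusted-domain list, digit-swap map, attachment allow-list, and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions (not from the article): these lists are illustrative and
# would be tuned to the senders and file types your organization expects.
TRUSTED_DOMAINS = {"capitalone.com"}
LOOKALIKE_MAP = str.maketrans("015", "ols")  # digits commonly swapped for letters
USUAL_EXTENSIONS = {".doc", ".xls", ".pdf"}
GENERIC_GREETINGS = ("valued customer", "important client")

# Constructed sample message for the demonstration; not a real email.
SAMPLE = """\
From: "Capital One Support" <alerts@Capital0ne.com>
To: pat@example.com
Subject: Action required

Dear Valued Customer,
Your account will be suspended. Sign in at http://login.example.net/verify
"""

def registered_domain(host):
    # Simplification: keep the last two labels (ignores suffixes like .co.uk).
    return ".".join(host.lower().split(".")[-2:])

def is_lookalike(domain):
    # Untrusted domain that matches a trusted one only after undoing digit swaps.
    return domain not in TRUSTED_DOMAINS and domain.translate(LOOKALIKE_MAP) in TRUSTED_DOMAINS

def phishing_indicators(raw, attachment_names=()):
    msg = message_from_string(raw)
    # Judge the real address, never the display name shown in the "from" box.
    _, address = parseaddr(msg["From"])
    sender = registered_domain(address.rpartition("@")[2])
    body, findings = msg.get_payload(), []
    if is_lookalike(sender):
        findings.append("suspicious domain: " + sender)
    for url in re.findall(r"https?://\S+", body):
        link = registered_domain(urlparse(url).hostname or "")
        if link != sender:
            findings.append("link does not match sender: " + link)
    if any(g in body.lower() for g in GENERIC_GREETINGS):
        findings.append("generic salutation")
    for name in attachment_names:
        ext = "." + name.lower().rpartition(".")[2] if "." in name else ""
        if ext not in USUAL_EXTENSIONS:
            findings.append("non-standard attachment: " + name)
    return findings
```

Calling `phishing_indicators(SAMPLE, ("invoice.pdf", "statement.zip"))` returns one finding per indicator that fired, which can feed a warning banner or a quarantine rule.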
6. Cryptomining
Cryptomining occurs when a hacker uses a device to pull illegal revenue from cryptocurrency, without the device owner’s knowledge or consent. This is done by installing malware on the user’s device (often when the user visits a safe-looking website or app).
Of all the malware out there, cryptomining seems to pose the smallest threat to your security. It does not gather your data, but it does use a large amount of your device’s resources and energy. This could result in high energy costs, performance issues, and even a system crash.
This malware has become so prevalent that ad blocking firm AdGuard estimates more than 500 million users are mining cryptocurrencies without realizing it!
7. Banker Trojans
A Banker Trojan is a malicious computer program designed to gain access to confidential information stored or processed through online banking systems. They gain access to financial accounts by stealing login credentials and hijacking online banking sessions.
Banker Trojans have the ability to:
- Download and send files remotely.
- Steal information from a clipboard.
- Log keystrokes.
- Be removed from the infected computer remotely and on command (making catching the culprit all the more difficult!).
Attackers often nab a victim by getting them to open a malicious email attachment or to visit a website that’s been compromised. The trojan is placed on the device and waits for the user to visit a banking system. It can then use a few ways to access the data:
- Using a keylogger to capture the victim’s usernames and passwords.
- Adding extra fields to forms on banking websites.
- Creating authentic-looking pop-up forms in real time.
- Redirecting the user to a fake website that looks nearly identical to the real one.
They then use the information collected to steal even more sensitive data, including the victim’s PIN. Once the hacker has access to this information, they have full access to the user’s banking information and funds.
8. Man in the Middle (MITM) Attacks
Man in the Middle attacks are just what they sound like: a bad actor placing themselves between you and another party or system. These attacks are launched with the goal of intercepting, sending, and receiving valuable information to and from your device.
MITM attacks generally go unnoticed until the transaction is complete (for example, when you notice the money missing from your account). These attackers are extremely patient. They will lurk undetected in the background for as long as it takes for the opportunity to come along.
The most common targets of MITM attacks are online shopping sites, online banking sites, and any other sites where you have to log in before accessing account and credit card details. Essentially, they go where the money is.
MITM attacks can take many forms depending on the desired outcome:
- Online banking: to intercept transactions (such as making a transfer; the attacker could change the destination account number or amount being sent).
- Login sites: to intercept personal information or login credentials.
- Compromised downloads/updates: installing malware in place of updating or installing legitimate applications.
9. “Bring Your Own Device” (BYOD) Security Risks
The rise of cloud-based communications has led to more and more companies using a “bring-your-own-device” policy. It makes it easier for employees to work from essentially anywhere, and employers don’t have to pay for mobile devices while employees stay connected to the company’s main communications systems.
Although it has its benefits, BYOD comes with information security risks. Perhaps the biggest risk comes from the mix of business and personal use. You may have all the safeguards in place while your employee is in the building, but you can’t account for what they do on the outside.
Risks with BYOD usage include:
- Data Leakage – Data can be lost or exposed (and stolen) when devices are misplaced or taken, or if a personally-owned device has malware on it.
- Mobile App Breach – The mobile world is full of apps designed to corrupt a device’s software and access private information on the device. With personal and company information being treated the same way, both are in danger of attack.
- Lack of Control – With any mobile device there are risks associated with the inability to place controls on the device. It is difficult to control whether it is used on questionable public Wi-Fi connections or whether it will be misplaced or stolen.
It is critical to keep your employees informed of the risks associated with BYOD and the best practices to avoid security threats. Educating yourself and your employees is key to keeping your information safe and secure.
Knowing The Cybersecurity Risks Your Company Faces Is The First Line Of Defense Against Attacks
There are many types of information security risks, but once you know what you’re up against, you can take steps to protect your business from attacks.
As always, there is a Nerd available to help you when you need it!