Hacking used to be something that only the “experts” could do. However, with the rise of technology, it has become much more common. While there is a widespread misconception that hackers only target large companies, small businesses have become a prime target for hackers, as well. Symantec’s 2016 Internet Security Threat Report found that phishing campaigns targeted small businesses 43% of the time, and this number has been increasing steadily over the last 5 years.
With this in mind, we wanted to share the top 5 hacking techniques you need to be aware of for your small business:
The what: Malware is an umbrella term for numerous types of cyber threats, including Trojans, viruses, and worms. Long story short, malware is code that steals data or destroys something on a business’ device. Some types of malware to be particularly aware of: Rogue software, malvertising, and drive-by-downloads.
The how: Malware is typically introduced into a system through email attachments, software downloads, or operating system vulnerabilities.
The what: Phishing typically comes in the form of posing as a request for data from a trusted third party via email. For example, a phishing attack may ask users to click on a link and enter personal data, and this can often be difficult to differentiate from a legitimate request for information.
The how: Phishing emails typically include a link that directs clickers to a dummy site, which steals their information right off the bat or lures them into sending finances, information, etc. with no possibility of the promised return.
3) Password Attacks
The what: A password attack is exactly what the name implies, a third-party gaining access to your systems/data by cracking an individual user’s password.
The how: Password attacks are typically very straightforward. They don’t usually require any type of malicious code. Rather, there is software that attackers run on their own system to try and crack your password.
4) Denial-of-Service (DoS) Attacks
The what: A DoS attack seeks to disrupt the service to a network. Attackers send high volumes of data through the network until the network gets overloaded and can no longer function.
The how: There are a few ways that hackers execute DoS attacks, but the most common one we’ve seen is a “distributed-denial-of-service” attack, where the attacker uses multiple computers to send the data that overloads the system. In many instances, someone might not even realize that his/her computer has been hijacked or is the source of the attack until it’s too late. Why should you be worried about this? Serious security and online data access consequences.
5) Cookie Theft
The what: The cookies of a browser keep our personal data, such as browsing history, usernames, and even passwords for the different websites that we access. Once hackers access these cookies, they can authenticate themselves as you on a browser and access your accounts (and all the data/resources they hold).
The how: Cookie theft has been around since the dawn of the Internet, but these days there are add-ons that allow people to steal unprotected cookies with only a click or two. There are even products today that allow for encrypted cookies to be stolen.
While simple awareness is an important step to protecting yourself and your organization against these threats, there are also several tools and services that help prevent attacks. Contact us to learn more about these specific threats, and tune into our next post to hear from our experts about how to build strategic layered security that will help protect you from these rising threats.