There are countless threats out there that your business could fall victim to, but they generally all have one thing in common: more often than not, the user is a weak point in the defenses of your organization. We’ve put together a list of some of the most devastating hacks that your users should be aware of so they can best respond to them.
Malware, or malicious software, can be particularly troublesome for organizations. The types vary from both extremely passive to extremely dangerous, with the most notable of which being ransomware. Ransomware can potentially lock down your organization’s network or files located on it using encryption, providing the decryption key only when a ransom is paid. We urge you not to pay the ransom, as it’s only furthering the agenda of hackers by you paying up. Instead, we recommend adequate preventative measures that keep ransomware at bay in the first place. Ransomware tends to spread via email and spam, so be sure to warn your users about clicking on links or attachments that are unwarranted and suspicious. Data backup can certainly help, as well.
Malware isn’t the only threat to be spread through spam and email. Phishing attacks are often spread in this fashion as well, in which a user accidentally hands over credentials or sensitive information that can be used to access accounts or other data. These phishing attacks can often be elaborate and difficult to detect. Sometimes they can take the identity of your IT department or your business’ senior figures. Never hand over credentials for any purpose unless the inquirer can legitimately be identified.
By password hacks, we mean any of the high-profile hacks that have been known to spread like wildfire in the media. You may recall some of the major data breaches that have leaked sensitive information, including passwords, to the public. These passwords often wind up on the black market, where they are bought by hackers. If you ever suspect that your users have had their data stolen during these breaches, it’s important that they change their passwords as soon as possible.
Denial of Service Attacks
Denial of Service attacks are when a server is overloaded with traffic to the point where they are no longer able to function as intended. Distributed denial of service, or DDoS attacks, are often used as weapons to cripple infrastructures and bring services to a halt. Botnets--large groups of infected computers--are used to constantly ping servers with traffic to bring them down.
Man in the Middle
Man in the Middle attacks can happen when an attacker directly influences or interacts with the communications between two parties. This can happen over an unencrypted wireless network, and it’s particularly dangerous because both parties believe they are interacting with each other rather than the hacker in the middle.
Not all downloads that happen on a device are made with the device owner’s consent. Sometimes a piece of malware can trigger a download without asking for the user’s permission, as well as without the user understanding the consequences of downloading said file. Sometimes all it takes is clicking on the wrong tab, download link, or dialog box. Drive-by downloads are so dangerous that steps are being taken to thwart them when possible.
Don’t let your business fall victim to these threats. To find out how your business can protect itself in times of danger, reach out to MERIT Solutions at (757) 420-5150.