By the DynaSis Team
As cybercrime has evolved from home-grown hacker groups to sophisticated, distributed criminal organizations, perpetrators have become more wily—and more persistent—in their attack methods. Further exacerbating the dangers for small and midsized businesses (SMBs), the tools for sophisticated attack have now become widely available and inexpensive. Even small-time criminals can now wreak big-league damage, and they often target SMBs, specifically.
We have seen a lot of news stories talk about social engineering—tricking humans into compromising corporate defenses and opening security holes through which attackers invade. We’ve covered this helpful topic as well, because people are by far the greatest security threat to any organization.
However, SMB owners also need to understand the underlying mechanisms (which experts call vectors) by which this trickery occurs. Today, we’ll offer a few examples (beyond direct malware attack on an unprotected machine), to help educate you and your personnel on the problem.
Almost always perpetrated via email, phishing involves sending a spoofed communication, such as a warning or request, from what appears to be a valid company. In the communication is a link that also appears valid but that actually points to an infected site. When the recipient clicks the link, he or she is transported to a dummy, infected site (called an exploit kit site) that looks real. As soon as the individual lands on the site, malware infects the respondent’s computer and cybercriminals can begin downloading information from company databases, working their way into corporate servers or even launching attacks on other firms.
This form of cybercrime is amazingly easy to perpetrate. An attacker sets up a malicious site like the ones referenced in the previous section on phishing, then purchases ad space on Google, Yahoo, Bing or another leading online ad provider. He or she then designs creative that resembles a genuine online ad. However, when an individual sees the ad (which often promotes a surprisingly generous offer) and clicks it, the site’s ad server redirects the victim to an exploit kit site, which infects the user’s machine in much the same manner as a phishing attack.
Although ransomware is often installed via the mechanisms referenced above, it is worth mentioning as a separate type of attack because of its insidious nature. Once ransomware is installed, it either steals or locks down corporate resources and then sends a message demanding money in exchange for returning/releasing them. Ransomware is especially worrisome, because even cleaning the infection often won’t retrieve or restore access to the ransomed data. Sometimes, such an attempt will result in additional damage or data loss.
How can companies avoid being victims? Implementing a multi-layered security and attack response strategy, including recurring education of employees about risks, is the best way to reduce risk and lessen damage from an attack. Few SMBs have the in-house expertise to deploy such a broad-based security strategy, so they often choose to outsource these IT services to a security-focused managed service provider or IT support company.
In today’s threat environment, experts expect virtually every business to be successfully penetrated at least once—if not repeatedly. Whether or not an SMB avoids disaster or is dragged into a major nightmare is completely within the control of corporate decision makers.
Specializing in managed IT services and network security, Atlanta-based DynaSis has been supporting small to midsized businesses for almost a quarter century. Among the services we provide are cloud computing through the DynaSis Business Cloud, 24 x 7 x 365 helpdesk support, and real-time monitoring to deal with issues before they become problems. For more information, please call DynaSis at 770.569.4600 or visit www.DynaSis.com.