18/10/2024 Info & News page

Cybersecurity: threats and controls – 1

Malware:

Malware, short for malicious software, refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems. There are several types of malware:

Malware Type: Description
Adware: A malicious software that displays unwanted advertisements on a user’s device.
Bot: An automated software that performs malicious tasks over the internet. The bot malware works alongside other computers infected with the same malware to create a botnet. This botnet is controlled by a command-and-control server responsible for sending out commands.
Fileless malware: A form of malicious software that operates within computer memory without leaving any traces on the file system.
Keylogger: A malware that records keystrokes on a computer to capture sensitive information.
Logic bomb: A malicious code that remains dormant until triggered by a specific event or condition.
Malvertising: A malicious advertisement that contains hidden code to deliver malware to users’ devices.
Ransomware: A malware that encrypts files on a victim’s system and demands a ransom for their release.
Rootkit: A stealthy malware that is designed to gain unauthorized access and control over a computer system.
Spyware: A malicious software that covertly collects user information and internet behavior without their consent, often for advertising purposes.
Trojan: A type of malware that disguises itself as legitimate software, deceiving users into executing malicious code that can lead to data theft or system harm.
Virus: A malicious software that attaches itself to clean files and spreads through a computer system, corrupting data and hindering performance.
Worm: A type of malicious software that often spreads autonomously, proliferating its destructive payload without requiring human facilitation.

How to prevent malware attacks:

  1. Update the OS and software.
  2. Install a trusted antivirus.
  3. Ensure password security.
  4. Exercise caution with emails.
  5. Exercise caution with downloads.
  6. Back up data, and educate users.
  7. Organizations can prevent large-scale attacks by implementing an e-mail gateway and training users.

Social Engineering:

Social engineering is the tactic of manipulating, influencing, or deceiving a victim in order to gain control over a computer system, or to steal personal and financial information. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Social engineering types:

Phishing: Phishing is a fraudulent attempt to obtain sensitive information by masquerading as a trustworthy entity through electronic communication. Typically, attackers mass-distribute emails, hoping to trick recipients into providing personal data or clicking malicious links. Phishing schemes are used to steal credentials. They often involve counterfeit versions of legitimate login pages designed to deceive individuals into submitting their usernames and passwords. In more sophisticated instances of these schemes, the stolen information is immediately used to access the actual site, preventing victims from realizing that their login attempt has failed.
Spear phishing: Spear phishing is a more targeted version of phishing where attackers tailor their approach to a specific individual or organization. It involves personalized emails that appear credible enough to deceive the target into sharing confidential information.
Whaling: Whaling attacks are a form of spear phishing that specifically targets high-profile individuals like CEOs or CFOs, the “big fishes” in an organization. Whalers often create highly sophisticated and executive-specific lures to acquire sensitive data or money.
Vishing: Vishing, or voice phishing, uses phone calls instead of emails to scam individuals. The attacker pretends to represent a legitimate institution to lure individuals into providing personal, financial, or security information.
Tailgating: Tailgating is another form of social engineering. This physical security breach occurs when an attacker exploits a moment when a controlled entry point is opened by an authorized individual.
Impersonation: In impersonation, an attacker adopts a false identity to deceive individuals or organizations into granting access to restricted areas or divulging sensitive information. This technique may involve posing as technical support personnel, company employees, or trusted vendors.
Dumpster diving: Dumpster diving, though not typically categorized as a social engineering attack, is a simple but highly effective method for acquiring confidential information. This attack involves searching through an individual’s or company’s discarded items for valuable data. Surprisingly, waste bins can reveal a lot of insight into an organization as they contain discarded letters, notes, and reports.
Shoulder surfing: Shoulder surfing involves directly observing a person’s private information by peering over their shoulder, a practice commonly seen when an individual is entering sensitive data, such as passwords. While this term traditionally refers to the physical act of spying, similar strategies include using reflective surfaces to view credentials.
Hoax: A hoax involves the distribution of false alarms or misinformation to deceive, create panic, or manipulate individuals. Typically, a hoax might incite users to install unnecessary software or perform certain actions based on the fabricated information.
Watering hole attack: A watering hole attack operates by lying in wait at locations frequently visited by the target. Just like predators in the wild wait at watering holes for their prey, cybercriminals identify and compromise websites that are popular with their intended victims. Unlike redirection attacks that steer users to malicious websites, watering hole attacks compromise a legitimate website that the attackers know their targets are likely to visit. Once the website frequented by the targets is identified, attackers concentrate their efforts on that site. They potentially exploit vulnerabilities within the site’s security or infect it through indirect methods, such as compromised ad networks, to deliver malware to unsuspecting users.

Preventing digital social engineering attacks:

Preventing digital social engineering attacks requires a multifaceted approach, combining technical measures with employee awareness and training.

Implement multifactor authentication (MFA)

One of the most critical steps in security is the implementation of MFA. MFA adds an additional layer of protection by requiring two or more verification factors, significantly reducing the risk of unauthorized access even if passwords are compromised.

Monitor network traffic

Ongoing monitoring of network traffic and user behavior helps promptly identify and respond to suspicious activities. Monitoring must be complemented by routine verification of sender identities to authenticate emails and calls, particularly those requesting sensitive information.
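
One way to automate the sender-identity check described above, as an added example that is not part of the original page: it reads the SPF, DKIM and DMARC verdicts from a message's Authentication-Results header and flags a Reply-To address that leaves the From domain. The sample message, its domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; header values are illustrative, not real traffic.
SAMPLE = """\
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=billing.test;
 dkim=none; dmarc=fail header.from=example.com
From: "IT Support" <helpdesk@example.com>
Reply-To: helpdesk@billing.test
Subject: Password expires today

Please confirm your account details.
"""


def domain_of(header_value):
    """Domain part of the address in a From/Reply-To header, lowercased."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def sender_findings(raw_message):
    """Flag non-passing SPF/DKIM/DMARC results and a Reply-To outside the From domain."""
    msg = message_from_string(raw_message)
    findings = []
    # Only trust Authentication-Results headers added by your own receiving server.
    results = " ".join(msg.get_all("Authentication-Results", []))
    for method in ("spf", "dkim", "dmarc"):
        match = re.search(rf"\b{method}=(\w+)", results)
        verdict = match.group(1).lower() if match else "missing"
        if verdict != "pass":
            findings.append(f"{method}: {verdict}")
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} differs from {from_dom}")
    return findings


if __name__ == "__main__":
    for finding in sender_findings(SAMPLE):
        print(finding)
```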

Identify and protect critical assets

Organizations should also dedicate efforts to identify and protect critical assets that are particularly appealing to criminals. Conducting thorough asset identification will help focus security measures where they are needed most.

Use secure socket layer (SSL) certificates

It is essential to encrypt data to secure sensitive communications and personal information. Data transmitted over the internet is encrypted using SSL certificates from trusted authorities, making it unreadable to anyone who might intercept the communication. This security measure is essential for protecting data integrity and privacy. Additionally, exercise caution when providing sensitive information online, and verify the authenticity of websites. A simple method to do this is to check the URL. URLs that begin with “https://” indicate a secure and encrypted connection, whereas URLs that begin with “http://” should be treated with suspicion as they do not offer a secure link.
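
The URL check described above, carried one step further as an added example (not part of the original page): besides the scheme, it compares the exact hostname against a list of known login hosts, because a counterfeit login page can also be served over HTTPS. The trusted-host list and the function name are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: hostnames the organization really uses for login (constructed values).
TRUSTED_HOSTS = {"login.example.com", "mail.example.com"}


def check_login_url(url, trusted_hosts=TRUSTED_HOSTS):
    """Return the reasons a URL should not be trusted; an empty list means it passes."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ["URL cannot be parsed"]

    findings = []
    if parts.scheme != "https":
        findings.append("connection is not encrypted (scheme is not https)")
    if parts.username is not None or parts.password is not None:
        # Text before '@' is user info, not the site; the real host follows it.
        findings.append("URL carries a user-info part before '@'")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("hostname contains punycode (possible look-alike characters)")
    if host not in trusted_hosts:
        # Exact match only: a trusted name used as a prefix of another domain fails.
        findings.append(f"host '{host}' is not on the trusted list")
    return findings


if __name__ == "__main__":
    # Constructed sample URLs.
    for sample in ("https://login.example.com/signin",
                   "http://login.example.com/signin",
                   "https://login.example.com.portal.test/signin"):
        print(sample, "->", check_login_url(sample) or "ok")
```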

Perform penetration testing

Penetration testing or pen testing is another crucial element in a robust defense strategy, where security specialists simulate cyberattacks to find vulnerabilities before malicious actors do. On discovering such vulnerabilities, you must promptly apply security patches to mitigate potential threats.

Enable spam filters

Spam filters are critical tools that shield your email inboxes from deceptive tactics. You can enable spam filters to minimize exposure to phishing and other malicious emails and establish a barrier against perpetrators of social engineering attacks. These filters serve as a first line of defense by automatically detecting and quarantining suspicious messages. Most email service providers incorporate spam filters that scrutinize incoming messages for potential threats and segregate those that raise red flags. By leveraging the functionalities of spam filters, the laborious process of sifting through and recognizing dubious emails becomes significantly more manageable and less burdensome.

Be aware of digital footprints

Lastly, individuals and organizations must stay mindful of their digital footprint because personal and corporate information shared online can provide social engineers with the ammunition they need to craft convincing scams.

Preventing physical social engineering attacks

In addition to defending against digital cybersecurity attempts, it’s important to counter potential physical social engineering attacks.

Conduct awareness training

The first step in preventing such attacks involves educating employees about the dangers of “shoulder surfing,” a tactic where attackers peek over someone’s shoulder to glimpse sensitive information. Organizations should promote protective behaviors like shielding keypad entries when entering passwords and being cautious of their surroundings, especially in public areas.

Secure disposal practices

Implementing safe disposal practices can interfere with “dumpster diving,” where attackers rummage through trash to find confidential documents. Shred sensitive paperwork and securely destroy electronic media before disposal to prevent information retrieval from discarded materials.

Control access

Preventing “tailgating,” where unauthorized persons follow an employee into restricted areas, requires effective access control measures. Install entry systems requiring individual authentication and instruct employees to allow access only to those with proper clearance. Security personnel and surveillance systems can further deter unauthorized entries.
