By Dave Bell
In my role as an IT professional, I'm regularly asked about the types of cybersecurity threats facing small to mid-sized businesses. It's a tough question to answer. That's because the cybersecurity landscape is constantly changing. As hackers and their technology become more sophisticated, so do cyber attacks.
But as we move into 2019, business owners should continue to look out for these two threats: firewall penetration attacks and Trojan horse strategies. Both have been around for quite some time, and it appears they aren't going anywhere anytime soon. Here's what you should know about them.
Firewall penetration attacks
You're probably familiar with firewall penetration attacks, as these are featured in several blockbuster movie plot lines. You know how it goes: the nefarious hacker finds a way to infiltrate the protagonist's internal network. And yes, it happens in real life. Hackers primarily launch these cyber attacks in one of two ways:
- Hacking into your firewall using brute force
This is when the hacker simply tries to obtain a firewall's user name and password. Leaving your firewall login credentials on the default setting could make this a quick and easy job for a hacker, so be sure yours are solid.
- Exploiting vulnerabilities in your firewall
If your firewall isn't updated with the latest security patches, it could be vulnerable to a cyber attack. And here's the thing: Hackers don't spend all day trying to hack into firewalls. To quickly find vulnerable firewalls, hackers employ software that scans a large range of IP addresses (each firewall is attached to one) to identify active firewalls and search for security lapses in each.
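The brute-force pattern described above leaves a trail in the firewall's own login records. The following is an added example, not part of the original article: the log format, sample lines and function name are assumptions constructed for illustration. It flags any source address with five or more failed admin logins inside one minute and notes whether a login then succeeded.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical log format (not from any real product).
SAMPLE_LOG = """\
2019-01-07T03:14:01Z admin-login result=FAIL user=admin src=203.0.113.45
2019-01-07T03:14:03Z admin-login result=FAIL user=admin src=203.0.113.45
2019-01-07T03:14:04Z admin-login result=FAIL user=root src=203.0.113.45
2019-01-07T03:14:06Z admin-login result=FAIL user=admin src=203.0.113.45
2019-01-07T03:14:09Z admin-login result=FAIL user=admin src=203.0.113.45
2019-01-07T03:14:12Z admin-login result=OK user=admin src=203.0.113.45
2019-01-07T08:30:00Z admin-login result=FAIL user=jsmith src=192.0.2.10
2019-01-07T08:30:20Z admin-login result=OK user=jsmith src=192.0.2.10
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) admin-login result=(?P<result>OK|FAIL) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def find_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {src: {"burst": bool, "success_after_burst": bool}} for flagged sources."""
    recent = defaultdict(deque)  # src -> timestamps of failures inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not admin login events
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        fails = recent[m["src"]]
        # Drop failures that have fallen out of the sliding window.
        while fails and ts - fails[0] > window:
            fails.popleft()
        if m["result"] == "FAIL":
            fails.append(ts)
            if len(fails) >= threshold:
                flagged.setdefault(m["src"], {"burst": True, "success_after_burst": False})
        elif m["src"] in flagged and fails:
            # A login succeeded while the failure burst is still inside the window.
            flagged[m["src"]]["success_after_burst"] = True
    return flagged

if __name__ == "__main__":
    for src, info in find_bruteforce(SAMPLE_LOG).items():
        print(src, info)
```

A source flagged with `success_after_burst` set deserves the most urgent attention, since it suggests the guessing worked; a single mistyped password followed by a good login, like the second source in the sample, is not flagged.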
Trojan horse attacks
As the name "Trojan horse" implies, this type of cyber attack is when a hacker infiltrates your network by concealing malware in an email that includes a malicious URL or attachment. When an unsuspecting user clicks on the link or downloads the attachment, the machine becomes infected with the malware. The most common type of malware infection is an exploit kit. Once installed, an exploit kit will sit stealthily on your machine and "phone home," giving the hacker control.
With control of your machine, a hacker might take one of the following actions:
- Install ransomware
This type of malware encrypts the data on your machine or your entire network, and holds it hostage until you pay a hefty sum.
- Install a key logger
A key logger is a form of malware that allows a hacker to monitor your keystrokes. All the hacker has to do is wait for you to visit, say, an online banking website and enter your user name and password.
- Spy on other network machines
Rather than encrypt your files or monitor your keystrokes, a hacker might use your machine as a springboard to find other vulnerable machines on your network.
- Harness your computer's power for cryptocurrency mining
Bitcoin is a digital currency that is, for all intents and purposes, a computer file that is stored in a digital wallet. All bitcoin transactions are recorded on a digital ledger called a blockchain. This serves as "proof" that the bitcoin changed hands. But calculating these transactions is computationally intense.
This is where it gets even more complicated: People who compute bitcoin transactions are called cryptominers, and they earn a small commission for their efforts. With this in mind, hackers will install exploit kits that allow them to harness a machine's power to compute bitcoin transactions. If a hacker has control of thousands of machines via exploit kits, their commission totals could really add up. If this were to happen to your machine, you might not notice performance changes, but you are likely to see your electricity bill go through the roof.
Another way your machine could be infected by malware via an exploit kit is to visit a webpage with ads that have been compromised by a hacker. We call this a "drive-by infection." Even if you don't click on the ad, the fact that your browser opened the page may be enough to give the hacker a foothold.
Don't let your guard down.
The cybersecurity landscape is constantly in flux, so it's important to remain vigilant. Protecting against the threats I've mentioned here—as well as what 2019 could bring—requires a multi-layered defense strategy. Now is not the time to put cybersecurity on the back burner. While cybersecurity threats may change, they aren't going to go away anytime soon. If you're ready to protect your business against the cyber attack du jour, give us a call today.