Recently, I received a call from a business-owner friend of mine who was frantically asking for advice on an unforeseen situation. Apparently, one of his staff had clicked on an illegitimate link in an email and the staff member’s computer was acting up. After asking a few probing questions about the behavior of the computer, I realized that the machine was in fact infected with malware. Luckily, we were able to take some immediate actions and contain the damage to a single machine.
Then I got to thinking, perhaps incidents like this are more prevalent than many of us realize. Lo and behold, according to a report by Ponemon Institute, 75% of small businesses in the United States suffered from cyber attacks in 2019. Consequently, this article looks at some of the undesirable situations that can happen to any one of us who use computers throughout the day. I’ve also included a one-page infographic at the end of this page that you may find helpful around the office.
The Internet was created with the idea of sharing knowledge and information with no locks and safeguards. Its creators did not anticipate that the Internet would become a mega-channel for commerce. They also did not expect that certain types of users would exploit this open library to cause harm to others, and make money doing so.
Over time, a number of factors have led to an increase in malicious activities on the Internet. These factors include the availability of and ease of access to the Internet, the emergence of the dark web where stolen material and credentials are traded, and others.
Malware – Malware is a computer program created with malicious intent. A few common types of malware include viruses, spyware, and ransomware. Bloatware and adware are examples of less-malicious software. These types of software typically don’t cause damage to the device, yet they impact the performance of the device and they report on users’ behavior and habits.
Virus – Viruses are unwanted pieces of software that damage other programs and eventually make the computer unusable.
As the name suggests, spyware monitors the behavior of the user and reports to the mothership. People operating the spyware can then target the user with specific products and promotions. With the increasing popularity of online services, spyware has branched out into ransomware and targeted online ads.
Ransomware – Instead of just monitoring the user’s behavior, ransomware does something far more vicious. Engineers behind the ransomware break into the victim’s computer and encrypt the hard drive. In that case, the perpetrator becomes the owner of the data on the victim’s machine and only s/he has the key to unlock the encryption. When hit by ransomware, the natural tendency is to pay the ransom and obtain the key from the hackers. However, the reality is that all the ethical gloves are off in that situation. There’s no guarantee that after paying the ransom, the attacker will share the key. And even if you receive the key, you may not know how to use the encryption key to unlock your files.
Typically carried out by fraudulent email messages or instant messaging, phishing often directs users to divulge personal information at a fake website, which matches the look-and-feel of the legitimate site.
Phishing attackers use social engineering tactics to trick victims into revealing sensitive data. Perpetrators either sell victims’ data on the dark web or use the data to directly exploit victims’ financial or other assets.
Spear phishing is a phishing attack directed at high-ranking individuals. Attackers often spend a great deal of time researching their victims, their lifestyles, family members and their connections. Once enough pieces of information have been collected to build a comprehensive picture of the victim, the attacker strikes using a well-crafted email message. In 2016, Group-4127 used spear phishing to exploit John Podesta’s email account, and the contents of the emails were released on WikiLeaks.
Whaling is a type of spear phishing attack directed at senior executives and other high-profile targets. In these cases, the content is crafted to target upper managers and their roles in the company. The content of a whaling attack email may be an executive issue such as a subpoena or customer complaint.
Pharming is a form of social engineering cyberattack, where attackers redirect web traffic to a specially designed fraudulent website intended to mimic the appearance of a legitimate site.
Cyber criminals compromise the domain name system (DNS), redirecting Internet traffic to their pharming site. Once victims reach the fake site, attackers wait while the unsuspecting users log in as usual and submit their sensitive and personal information to fraudsters.
Ways to Reduce Risk
At this point, you might be wondering whether you can protect yourself on the Internet, and the answer is yes. Being vigilant instead of being paranoid is an effective approach to staying safe online. Always be aware of the web sites you visit and pay attention to the address bar. If the address of the web site looks suspicious, or a web site you’re visiting redirects you to another unfamiliar address, close all instances of the browser. If you suspect your computer is infected by malicious code, scan the computer for viruses and other malicious software using a virus scanner.
The following approaches and recommendations should minimize the risk of falling victim to cyber criminals.
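The address-bar check described above can be partly automated. The following is an added example, not part of the original article: it compares an address against a short list of sites the office really uses and flags the common imitation tricks. The site names (`mybank.example`, `payroll.example`), the sample addresses and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: sites this hypothetical office really uses.
KNOWN_SITES = ("mybank.example", "payroll.example")

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_address(url, known=KNOWN_SITES):
    """Return (verdict, reason) for an address copied from the browser bar."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return "suspicious", "no host name in the address"
    if parts.username is not None:
        # Everything before '@' is login data, not the site being visited.
        return "suspicious", f"text before '@' hides the real host {host}"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious", "encoded international name, may imitate Latin letters"
    for site in known:
        if host == site or host.endswith("." + site):
            return "ok", f"belongs to {site}"
    # Simplification: compare the last two labels only; a full check would
    # use the Public Suffix List to find the registrable domain.
    tail = ".".join(host.split(".")[-2:])
    for site in known:
        if site in host:
            return "suspicious", f"{site} appears inside a different domain name"
        if edit_distance(tail, site) <= 2:
            return "suspicious", f"{tail} is a near-miss of {site}"
    return "unknown", "not on the list of known sites"

if __name__ == "__main__":
    # Constructed sample addresses, one per case.
    for url in ("https://www.mybank.example/login",
                "https://mybank.example.login-check.test/",
                "https://mybamk.example/",
                "https://mybank.example@login-check.test/",
                "https://news.example.org/"):
        print(url, "->", check_address(url))
```

An "unknown" verdict only means the site is not on the list; it is the "suspicious" results that call for closing the browser and scanning the machine.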
- Make sure your operating system, security and other software are up to date. Outdated software makes your computer vulnerable to exploitation.
- Change the default password on your wi-fi router. When a scammer tries to access your computer, the first place they check is the router. If the router still has the default password, your network is vulnerable to attack.
- Be cognizant of websites you visit. Fraudulent websites can install malicious software or browser extensions on your computer that will modify the DNS cache.
- Be mindful of any emails you open. An email attachment can also contain malware. Always make sure the email is from a known or reputable source. However, spoofed email accounts can also send infected attachments, so ask yourself: “Am I expecting this email from a dear friend?” If not, either delete the email or verify with the friend whether s/he actually sent you the email with the attachment.
- Refrain from using public wi-fi. Free wi-fi is tempting but it can be costly. First off, these free networks are open to all kinds of vulnerabilities and eavesdropping. For instance, a coffee shop is not in the business of providing the most secure network. If you see two similar wi-fi networks such as Joes_wifi and Joes_Private_wifi, it is possible that a hacker sitting just a few chairs away has set up a wi-fi trap to capture uninformed patrons’ information. You’d be much safer activating your phone’s hotspot service and connecting through that. If you absolutely must use public wi-fi, make sure to have a reputable VPN service to go with it.
- Use strong passwords with a password manager. The days of using a combination of your dog’s name with the name of the city you were born in are over. Along with social engineering techniques, hackers use sophisticated dictionaries to arrive at all kinds of complex phrases. Strong passwords are at least 8 characters long and employ a combination of upper and lower case letters with numbers and special characters such as #, &, @. Remembering such a password is not easy and that’s why you need to use a password manager to track all your passwords. Of course, you should not use the same password for multiple web sites, especially if those web sites are critical to your lifestyle, and we’re not talking about social media web sites.
- Use two-factor/multi-factor authentication to access important web sites.
- Back up your critical data.
You can find these tips in the PDF document here. Feel free to use this document as a reminder to yourself and to your staff, and keep your business safe from malicious activities.