Top five most common security hacks and how to avoid them | Central Technology
 




No matter what size your business is, small or large, there’s always a risk of falling prey to predatory hackers.

Hackers are often out to steal passwords in order to gain access to secure services such as online banking, or to encrypt documents and hold the decryption key to ransom. Sometimes, their purpose is to destroy a company’s reputation or exploit its vulnerabilities, to devastating effect.

Unfortunately, in a day and age when most business is done digitally, it’s becoming easier and easier for hackers to target organisations through the likes of email, social media and software.

Thankfully, that’s where we step in. To help you recognise the threat of hackers, we’ve put together a list of the five most common hacks and what steps you should take to avoid them to keep your business safe.

Phishing

It’s always important to be cautious when opening emails, as phishing uses carefully crafted email messages to trick people into giving up personal information.

Whether it’s a not-to-be-missed deal, a court summons, an alert from the police or a must-have software download, these bogus emails will often prompt you to type in your password or click on links that take you to infected sites.

To prevent your business from falling foul of phishing:

  • Always double check the source if you’re unsure, even if this means calling up the office or person who sent the email
  • Stay up to date on the latest scams and security threats. Sites such as The Hacker News can help keep your business in the loop
  • Make sure all software, operating systems and browsers are updated with the latest patches
  • Always retype the URL of any link you receive into your browser rather than automatically clicking it (if you hover your pointer over a link in an email, the true URL will be shown).

Website Vulnerabilities

There have been many instances where hackers have found a weakness in a website and used it to harvest user account information. A famous example of this was in 2012, when hackers cracked a whopping 6.4 million LinkedIn passwords using this technique. This presents a significant risk where the same password is used to access different online accounts: a breach on one of these websites potentially allows access to other accounts for different services.

To prevent this from happening to your business:

  • Use a unique password for every account
  • Use a password manager such as LastPass or Dashlane to keep track of them all securely.

Malware Attacks

A hacker’s greatest weapon is malware, which is software designed to disrupt, damage or gain access to a computer system.

The likes of viruses and Trojans can enter your network via malicious sources like USB drives, infected websites or applications that can capture keyboard strokes and data.

A high-profile example of this technique occurred when hackers targeted 40 companies including Apple, Twitter and Facebook. They achieved this by infecting a mobile developer’s website.

To prevent malware attacks on your business:

  • Be cautious when dealing with emails and attachments
  • Restrict your software downloads to approved manufacturers only
  • Keep your security software updated regularly
  • Update all software as soon as it requires it

Ad Baiting

This malicious move involves attackers selling advertising space to third parties on high-profile websites. They secure sidebars or pop-ups by registering a verifiable email address and linking it to a seemingly legitimate website. Once the advert goes live, visitors who click on the link will be directed to an infected page where they fall into a malware-ridden trap.

To stop this happening to your business:

  • Always obtain products and software from reputable sources such as app stores and big brands
  • If you’re selling advertising space, be wary of buyers. Make sure to do background checks, twice if necessary

Password infringement

Commonly known as ‘keylogging’, this is one of the oldest and easiest hacking techniques. Using basic software to record the strokes you make on your keyboard or the movements and clicks you make with your mouse, hackers can work out sensitive data such as user names and passwords. This is especially easy to achieve as 80% of passwords are weak, with 55% of people using the same password for all logins.

To prevent this from happening to your business:

  • Use a unique password for every account
  • Always make sure it’s at least 20 characters, including numbers and special characters
  • Use a password manager such as LastPass or Dashlane to keep track of them all securely
  • Use an on-screen keyboard which will scramble or encrypt your text as you click on each key (you can also get these as apps for personal use)
  • Toughen up on your employee access control and never send login details by email, in case an unauthorised user has gained access to the account

Denial of Service

Also known as DoS, or Distributed Denial of Service (DDoS) where multiple sources are used to make blocking the unwanted traffic very difficult, this classic hack is used to take business systems offline by overloading them with the likes of login attempts and data requests.

These attacks are sometimes used as a distraction to allow a vulnerability to be exploited while IT staff are busy trying to block unwanted traffic. The UDP protocol is usually used to send data to the target as this allows the payload of data to be delivered without establishing a connection, saturating the connection even if the firewall is configured to block the traffic.

Due to the size of these attacks, they typically have to be blocked on the service provider network upstream of the target’s internet connection to ensure a continuation of service during the attack.

To protect your business from DoS, check your service provider includes DDoS protection as part of the service. Central Technology has a DDoS solution in place to protect all our services.

Of course, while these hacking techniques are common and fairly easy to look out for, there are many more complex ways that cyber-crooks can infiltrate your business.

The very best defence against hackers is to let us take care of your cyber security.

To find out how we can help your business stay safe, get in touch with one of our team members today.
