The most frequent cyber attacks on businesses, and what we're doing to protect our customers
Chris Barr, Technical Director at CT looks at the most frequent Cyber Attacks on Businesses – and what we are doing as a business to protect our customers.
Small firms in the UK suffer close to 10,000 cyber-attacks daily, according to research from the Federation of Small Businesses (FSB). This threat is evolving rapidly due to the current business climate with huge numbers now working from home and connecting to a remote system via the internet.
Cybercrime can sometimes be overlooked by businesses and it is vitally important organisations have the right protection measures and a bullet proof back up system should the unthinkable happen. Below we have taken a look at the most frequent cyber-attacks and how we, as a business, are working with leading global security and back-up specialists to provide our customers with the ultimate protection.
Distributed Denial of Service (DDoS)
A DDoS attack involves bombarding a website or server with artificial traffic to the point where it can’t handle it, resulting in long delays for users or a server completely failing. Sometimes a denial-of-service attack can act as a diversion – hackers don’t actually get any benefit from the attack itself but carry it out to create chaos so they can break into the organisation’s network whilst it focuses on restoring its website.
One of the most important things you can do to protect yourself against a denial-of-service is to secure your network with advanced systems – firewalls, anti-spam and content filtering together – will enable consistent defence and allow little outside traffic.
Phishing – a term meaning to ‘fish’ for passwords and financial data – involves scammers posing as a trustworthy business or service such as a bank in order to gain sensitive information from victims.
Spear Phishing is a little more complex and harder to spot. Just like Phishing, emails and messages will look completely convincing, but Spear Phishing is targeted. Attackers will take the time to create messages that are personal and relevant, often falsifying an email to make it appear as if it is coming from someone you know. They’ll even clone websites to fool you into entering personal information such as login credentials.
If you do receive a suspicious email, don’t respond, and take immediate action. Your IT team should run anti-virus software on the device, change all passwords for accounts that use the password captured by the hacker and contact the company or person that was impersonated. To prevent Spear Phishing, be suspicious of unexpected emails, keep spam filters turned on and check them regularly.
Man In The Middle (MITM)
You might not have heard of the name – but Man In The Middle or MITM attacks are very common and you may have even experienced it. It’s a type of attack that occurs when a cybercriminal disrupts communication between people or systems. An attacker could impersonate two users – using both to manipulate each other and gain access to their data. The users are unaware that they are communicating with a cybercriminal and not each other.
There are some simple things you can do to protect your business and its employees, such as HTTPS using browser plugs, to secure logins and online transactions, create separate Wi-Fi networks for guests, internal use and business data transfer, not allowing employees to use public networks for confidential work and asking your IT provider to install an Intrusion Detection System (IDS).
During a drive-by attack a cyber-criminal will target you through your internet browser. They will directly attack your computer, installing some form of malware as soon as you land on an infected site. It can even occur if you visit a legitimate website that has been compromised by hackers – or they may redirect you to a malicious site.
To protect yourself from this kind of attack, keep browsers and operating systems up to date and don’t keep too many unnecessary apps and plug-ins – this leaves you more vulnerable, for attackers to exploit through different means. Stick to sites you would normally use but be aware that popular websites may fall victim to drive-by attacks.
It’s important to keep up to date on the latest and most common attack methods and learn how your business can remain protected. A disaster recovery plan is the next step in data protection and one every business should have. This could save you downtime, the threat of a data breach and a loss of revenue.
At CT, our business continuity solutions involve a bespoke disaster recovery plan for your business. Please do get in touch with one of our sales team today to see how we can help protect your organisation.
Demonstrating how CT is leading the way in protection of our customers most valuable data
The surge in remote working not only increases the amount of ransomware threats, but creates a massive spike in the volume of unstructured data that businesses have to process, including phone calls, emails, IM’s and collaborative files. As a result we needed to find a solution to provide a more robust ransomware protection and cost effective back up O365 solution for our customers.
The technical team here at CT has joined forces with two global leaders, Veeam and Cloudian, to develop a unique solution that offers bullet proof protection for our O365 customers.
Together we developed a unique solution built on Veeam software and Cloudian’s HyperStore object storage platform. This object lock solution works on the techy acronym ‘WORM’ principle. ‘Write Once, Read Many’ which simply means you can write data onto a disk just once. After that, the data is permanent, cannot be infected but can be read any number of times. It is the perfect solution if you have vast amounts of data that you want to store and access as and when needed.
This also allows us to take advantage of more cost-effective service models and pass savings on to our customers, using smart algorithms to intelligently move infrequently-accessed data to low-cost archive storage, saving our customers money and allowing them to focus on mission-critical data instead. If you would like to find out more about this enhanced service, click the link below and view our recent global webinar. https://www.ct.co.uk/services/enhanced-data-protection-for-office365