Know your enemy:
What are 5 sources/types of potential digital threats to your organization?
1. AI-Powered Cyber-Attacks
AI attacks can be far more powerful than traditional ones. AI can analyze large amounts of information quickly, mimic the tone and cadence of people flawlessly, and run independently at high speed. With these capabilities, there are many ways that AI can be used to steal important information.
AI can be used to flawlessly encrypt a virus’s digital footprint in a system. It can also be used to create highly personalized communications, such as emails and voice calls. This makes it easier to trick people into clicking on malicious links or sharing sensitive data.
2. Insider Threats
Insider threats come from employees or business partners. These are people who have been granted access to company systems. This includes insiders who intentionally cause harm, and people who accidentally cause security vulnerabilities.
This can take the form of an unhappy employee who was fired and wants to get back at the company by sharing its trade secrets or software. On the other hand, it may come in the form of a malicious actor: perhaps someone from a foreign country that is at odds with our country has infiltrated the company and wants to steal information.
https://www.mcgriff.com/resources/articles/insider-cyber-threats/
3. Phishing
Phishing is a way to steal sensitive information by posing as a trustworthy source that has something alluring to offer. It’s used to steal passwords and usernames. The stolen information can often give the attacker access to bank accounts and credit cards.
An attacker might send an email to an employee that says it’s from one of their suppliers. This email will contain a link to a malicious copy of the supplier’s login page that sends any information entered there to the attacker. This gives the attacker information that could hurt the company.
https://www.cloudflare.com/learning/access-management/phishing-attack/
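A defensive check for the fake supplier login link described above, as an added example that is not part of the original post: it pulls the links out of an HTML email and flags hosts that imitate a trusted supplier domain. The domain names, the `TRUSTED` set, the 0.85 similarity threshold and the sample email are all constructed assumptions.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"acme-supplies.example"}  # assumption: supplier's real domain (constructed)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html, trusted=TRUSTED, threshold=0.85):
    """Return {href: [reasons]} for links that imitate a trusted domain."""
    collector = LinkCollector()
    collector.feed(html)
    findings = {}
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").lower()
        if any(host == d or host.endswith("." + d) for d in trusted):
            continue  # really on the supplier's domain
        reasons = []
        for d in trusted:
            # Compare only the host's last labels so "portal." does not dilute the score.
            tail = ".".join(host.split(".")[-len(d.split(".")):])
            if SequenceMatcher(None, tail, d).ratio() >= threshold:
                reasons.append("lookalike of " + d)
            if d in host:
                reasons.append(d + " appears inside an unrelated host name")
            if d in text.lower():
                reasons.append("link text shows " + d + " but points to " + host)
        if reasons:
            findings[href] = reasons
    return findings

SAMPLE = (  # constructed email body: one genuine link and two imitations
    '<a href="https://portal.acme-supplies.example/login">Supplier portal</a>'
    '<a href="https://portal.acme-supplles.example/login">portal.acme-supplies.example</a>'
    '<a href="https://acme-supplies.example.login-check.example/">Verify account</a>'
)
```

Calling `suspicious_links(SAMPLE)` reports the two imitation links with their reasons and leaves the genuine portal link alone.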
4. Unpatched Systems
These are systems and software that haven’t been updated to the latest patch. Software patches are used to fix vulnerabilities and improve the software. Leaving software unpatched leaves a door wide open for bad actors who want to make use of known vulnerabilities in it.
Updating software constantly can be a hassle; it costs time and money, so some companies don’t do it often. For instance, there was a massive data breach at Equifax in 2017 (1), caused by a security vulnerability that the company had known about for months.
https://www.splashtop.com/blog/risks-and-vulnerabilities-of-unpatched-software
(1) https://www.reuters.com/article/us-equifax-breach/equifax-failed-to-patch-security-vulnerability-in-march-former-ceo-idUSKCN1C71VY/
5. Ransomware
Ransomware is a virus that locks down your computer and encrypts files until a payment is made to the attacker. These attacks often come with a deadline and a threat to leak the information if the ransom is not paid in time. It’s a form of digital extortion that is often found embedded in phishing emails, ads, or malicious websites.
https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/ransomware
Know yourself:
Identify 5 digital processes, systems, and/or functions your company has in place.
1. WiFi Systems
Depending on the level of security, WiFi can be a powerful tool for gaining sensitive information. On open/unsecured networks, a bad actor can track and capture the data of anyone on the network. It’s slightly trickier if the network has a password, but it’s still easy to steal information if they know the WiFi password. Another level of security is MAC address filtering, but all it takes to bypass this is a spoofed or modified address.
It gets harder if the network uses the latest encryption protocol or people are using VPNs. But with the old WPA2 protocol, it was possible to use something called KRACK to manipulate and decrypt data. Sadly for hackers, this has since been patched with WPA3.
https://www.cisco.com/site/us/en/learn/topics/networking/what-is-wi-fi-security.html
2. Emails
There are a lot of security threats that come with using email. For example, phishing, malware, or social engineering can all arrive through it. If your employees are untrained, they can easily fall for many different kinds of attacks that happen through email.
A bad actor could use AI to personalize an email by making the email look like it’s from one of the victim’s coworkers. That opens up the possibility that the victim will trust it and thus click the attachment it has. Malware is then installed onto the victim’s computer, letting the bad actor gain access to valuable data within the company.
https://www.darktrace.com/cyber-ai-glossary/the-most-common-email-security-threats
3. Website Software and Plugins
Plugins account for 90% of security breaches on CMSs like WordPress. And the more plugins you have on your website, the higher the chance that they can get hacked. That’s why plugins are a powerful door for any bad actors who want to gain access to valuable information.
If you were a bad actor, you could search through the latest patches on popular plugins to try to see what the vulnerability was. Once you figure it out, you can then do a mass attack on websites that have that plugin until you find ones with that vulnerability. This is then a door to valuable information.
4. CRM systems
CRM systems hold tons upon tons of customer data. This makes them a big target for bad actors who want to get access to this gold mine. There are vulnerabilities with the people using them, because these tend to be underpaid workers who aren’t well-trained. And there are vulnerabilities with the software that CRMs connect to. These integrations with other software tend to be the weak link.
https://cacm.acm.org/blogcacm/the-cyber-vulnerabilities-lurking-in-crm-systems/
5. Document sharing systems
Any form of document sharing comes with risk. It’s prone to social engineering and sometimes hacking. But mostly, with the use of secure sharing methods, the risk comes from social engineering.
Bad actors can impersonate a victim’s coworker or a trusted vendor. They tend to use urgent wording to get the victim to act fast without thinking. Some might send documents with attachments that are malicious. Or some might ask for personal and sensitive corporate data.
Develop your strategy:
Make 5 recommendations that your company should adopt to be safer, secure, and reliable.
1. Update software frequently
Having a timely schedule for updating software will help to address point 4 of “Know your enemy” and point 3 of “Know yourself”. Having frequent updates decreases the chance that company data will be stolen by bad actors who are making use of vulnerabilities in software and plugins. Frequent updates will also keep your software running faster and better.
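One way to turn a timely update schedule into a check, as an added example that is not part of the original post: it lists components that are still below the fixed version after their patch deadline has passed. The SLA values, the inventory entries and the purely numeric dotted version format are assumptions made for the example.

```python
from datetime import date

# Assumption: patch deadlines in days after a fix is released, per severity.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90}

def parse_version(text):
    """'6.4' -> (6, 4). Numeric parts, so 5.10 sorts after 5.9 (string compare gets this wrong)."""
    return tuple(int(part) for part in text.split("."))

def is_older(installed, fixed):
    """True if installed < fixed, padding with zeros so 6.4 equals 6.4.0."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def overdue_patches(inventory, today):
    """Return (name, days_exposed, days_over_sla) for unpatched items, worst first."""
    overdue = []
    for item in inventory:
        if not is_older(item["installed"], item["fixed_in"]):
            continue  # already at or above the fixed version
        days_exposed = (today - item["fix_released"]).days
        days_over = days_exposed - SLA_DAYS[item["severity"]]
        if days_over > 0:
            overdue.append((item["name"], days_exposed, days_over))
    return sorted(overdue, key=lambda row: row[2], reverse=True)

# Constructed inventory: names, versions and dates are hypothetical.
INVENTORY = [
    {"name": "web-framework", "installed": "2.3.5", "fixed_in": "2.3.12",
     "severity": "critical", "fix_released": date(2024, 3, 7)},
    {"name": "contact-form-plugin", "installed": "5.10", "fixed_in": "5.9.1",
     "severity": "high", "fix_released": date(2024, 2, 1)},
    {"name": "crm-connector", "installed": "1.4", "fixed_in": "1.4.0.1",
     "severity": "high", "fix_released": date(2024, 5, 1)},
    {"name": "cms-core", "installed": "6.4", "fixed_in": "6.4.0",
     "severity": "critical", "fix_released": date(2024, 1, 15)},
]
```

Running `overdue_patches(INVENTORY, date(2024, 7, 1))` puts the component that has been exposed longest past its deadline at the top of the list, which is the one to patch first.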
2. Train employees in cyber awareness.
Proper training helps to negate social engineering attempts and similar digital coercion, as I addressed in a lot of my previous points. A few points in the training should be on how to spot bad links, bad emails, etc., and on how to properly verify that messages and documents have been sent by a trusted individual.
3. Secure networks
Securing any WiFi networks to the latest standard of encryption will negate most of the threats that WiFi networks pose. You can also set up preventive devices that scan networks to try and find potential security risks. And there are some other devices that will scan networks to block any unwanted traffic.
4. Segment access
Segmented access is a way to prevent any breach from becoming viral. It segments each employee’s access to software and files, only allowing them to access what they need for work. This will contain a hack if an employee clicks on something they shouldn’t have, or if an employee gets their password stolen.
5. Use backup servers
Backing up any and all data is a good practice if anything goes wrong. It’s good against ransomware because you have an extra copy of the data they are trying to sell back to you. It’s good against hackers and viruses that brick computers. And it’s generally good in case something crashes or breaks, like during an update gone wrong.