Two recent global cyber attacks demonstrate how vulnerable businesses and government organizations are to data breaches. On May 2017 a ransomware attack called WannaCry struck hundreds of business, government and personal pcs world wide. In June 2017 another cyber attack first struck Kiev and spread internationally.
Both attacks are believe to used a hacking tool developed by the US agency NSA that was leaked or stolen earlier this year. The viruses exploited a known vulnerability in the Microsoft platform. Microsoft issued a patch to fix the issue in March 2017 but many organizations and individuals failed to implement it.
Every business, organization and individual PC user needs to take cyber threats extremely seriously as an infected computer or network compromise data or literally make a system inoperable.
What type of cyber threats exist today?
Cyber attacks can be classified into three broad categories based on hacker intent:
- Ransomware: A computer or network is infected with a computer virus that encrypts the internal data making it inaccessible to the user. The hacker offers a “virus antidote” in exchange for a fee, usually paid in bitcoins.
- Data Acquisition: Personal or private information or data is accessed for profit. Types of data that are valuable to hackers are credit card numbers, social security numbers, personal medical data, email accounts and passwords. The hacker will usually sell this information.
- Malicious Intent: The intention is not profit driven but more malicious. It may be politically motivated or driven by disgruntled ex-employees or hacker just wanting to create havoc. It could be one government attacking another government by compromising its power grid or nuclear power plant.
How do systems or computer become compromised?
Email: Perhaps the most common way that systems are compromised are through email. An email is sent to a user that encourages the user to download a file that contains a virus or click on a link that takes them to website that will download the virus to the computer. Once the virus is downloaded to one computer in the system, the virus can automatically spread to all computers on the network.
Another common technique using emails is called phishing where the email attempts to “trick” the user into divulging passwords. For example, one may get an email that looks like it is from PayPal or a bank. The email warns the user that the account has been shut down due to recent activity and that they should log in to the account to fix the issue. The link that is on the email is actually a fake website that has a log in that will simply collect the access data unwittingly provided by the user.
Drive-by Viruses: Users can unwittingly download a virus onto their computer by simply browsing infected websites. It use to be these websites were created by hackers and try to lure users in with fake promotions or simply using pornography. The recent trend is that hackers are infecting more mainstream websites with this code.
Malvertising: Ads are placed on well known sites through common legitimate advertising networks. The Ads are infected with a small code that can get downloaded onto a user’s computer.
Phishing Websites: Related to drive by website is a user is lured to a website that can “freeze” the browser and show a message that states that your computer is infected and you need to call a phone number immediately. The message may appear to be from a legitimate source such as Microsoft. When the victim calls the number, they are advised to download special sharing software so that the hacker can access your system.
How can you protect yourself?
Businesses and organizations should hire knowledgeable IT companies to set up and manage their computer networks. They can implement the firewalls and virus protections and make sure that the systems are updated.
Keep your system and platforms up-to-date. It was noted that may systems failed to upload the latest Microsoft patch that addressed the vulnerability exploited by the wannacry virus.
Install a good virus/malware protection system and keep it updated.
Isolate your file systems from your email. This may be inconvenient but if someone downloads a virus from email and corrupts there computer, the virus has no path to infect the important files.
Back up your files onto a separate system that is not connected to the internet. If your computer does come under attack, you still have access to your valuable data.
For documentation, many organizations are backing up their digital files to microfilm. By doing this they can still manage the documentation digitally, but will have access to physical documentation if their computer system becomes corrupted.
Never browse the internet with an admin account. Create a guest or second account for browsing the internet. This account is isolated from your valuable data and generally can’t be accessed from a different account. This also prevents a virus from infecting the data.
Training and awareness: Your employees are perhaps the weakest link in your security system. There should be periodic training and communication regarding safe email practices.
Disgruntled or dishonest employees are another common way that a business can get there data compromised. There have been a number of major data breach incidents over the years where experts suspected help from an “insider”.
Microfacs specializes in converting digital files into “eye readable” microfilm. You can read more on the various reasons for doing this here.