A Beginner’s Guide to Cyber Security Threats

Unfortunately, cyber attacks are increasingly common for Canadian SMBs.

According to the 2020 Cyberthreat Defense Report, 78 percent of Canadian organizations experienced at least one cyber-attack within a 12-month period. However, the report also found that companies with a solid strategy in place to guide security initiatives were significantly more likely to report successful outcomes.

There is a common misconception within the cybersecurity industry that bigger means better. But, your company’s smaller size doesn’t mean you can’t or shouldn’t build a resilient approach to security. Cyber-attacks are increasingly sophisticated, so it is wise to keep up with and understand the cyber threats your organization faces. Learn about the most common types of malware and phishing threats, how they’re delivered, and the vulnerabilities they seek to exploit.

Malware

Planted “malware” breaches a network when a user clicks a dangerous link or an email attachment which installs malicious software inside their system. Malware can access information by retrieving data from the hard drive, interfere with the system, or even make everything irrecoverable. The most common types of malwares include:

A Virus. This is a type of computer program that can replicate itself by modifying other computer programs, inserting its own code, and infecting other code in the system. Viruses can also create a decoy virus file with the same name as one of your files, but with an .exe extension.

Ransomware threatens to publish a victim’s personal data or forever block access to it unless a ransom is paid. Advanced ransomware uses crypto viral extortion, so the victim’s data is impossible to decrypt without the decryption key.

Spyware, which is a type of program installed to collect information about users, their systems and/or browsing habits. This data is sent to a remote user and the hacker then uses the information for blackmailing purposes and/or to download and install other malicious programs.

A Trojan is a type of malware that appears to be legitimate software. Trojans are used by hackers trying to gain access to users’ systems. Unlike viruses, a trojan doesn’t replicate itself as it is commonly used to establish a ‘backdoor’ to be exploited.

Worms are self-contained programs that propagate across networks and computers. Worms are often installed through email attachments, sending a copy of themselves to every contact in the infected computer email list. They overload an email server for a denial-of-service attack.

Phishing

Phishing attacks are a type of fraud in which an attacker poses as someone else via email (usually) and tries to trick the recipient into clicking an attachment to download malware so they can gain control of a device, or log into a website to extract login credentials and account information. Phishing gets its name from the idea that attackers are fishing for random victims by using spoofed emails as bait. Phishing is very popular among cybercriminals because it is easier to trick someone into clicking a sinister link in a seemingly legit phishing email than it is to break through a network’s backdoor.

Phishing attacks also take place on various online communities and social networks, especially through direct messages. Phishers often use these spaces to collect information about a target’s work, interests, and activities, which helps them derive convincing messages. There are several types of phishing attacks, including:

Spear Phishing, which is a targeted attack, directed at specific companies and/or people. They are very successful because the attackers give very specific information, like referencing a recent conference the recipient had attended, to make it seem like it’s coming from someone the recipient knows personally.

Whaling– a type of phishing attack specifically aimed at senior executives and/or stakeholders within an organization, as this type of higher-profile targets is more likely to have access to confidential information.

Smishing, a joining of “phishing” and “SMS,” is a cyberattack that uses misleading text messages to deceive victims into believing that a message has arrived from a trusted person or organization. It then convinces you to take action that gives the attacker exploitable information like bank account login credentials.

Vishing stands for “voice phishing” because the victim receives a call with a voice message claimed to be from their financial institution. Oftentimes, the message asks them to call a number and enter their account information or PIN for security, but the phone number directs to the attacker through a voice-over-IP service.

Pharming installs malicious code on a computer system or server which directs those targeted to fraud websites that mirror legitimate ones to trick and misguide them.

While the methods change, the goal of stealing personal information (login credentials, financial information, personal details) remains the same. Someone can fall victim to pharming by clicking on an authentic link if the website’s domain name system (DNS) has been hijacked by a hacker.

What to do to stay safe?

Watch for Phishy Emails

Phishing emails tend to have grammatical errors and are usually written to invoke fear and/or a sense of urgency. They may also want to verify personal information, such as financial details or a password. Try to avoid clicking on unexpected email attachments and make sure to cross-check any unfamiliar emails.

Check for HTTPS in URLs

DNS spoofing doesn’t work on HTTPS websites. Shady links tend to be subdomains, misspelled URLs (typosquatting), and otherwise suspicious URLs.

Multi Factor Authentication (MFA)

Using multiple authentication methods (one-use texted codes, biometrics, and physical keycard) to gain access into your network makes it harder for attackers to hijack accounts with just the username and password.

Cybersecurity Awareness Training

Unfortunately, employees are the most vulnerable link in the chain of cybersecurity. So, it is incredibly important to provide employees with proper security awareness training to guide them to identify the potential cyber risks.

Layer Security Controls

Use antivirus software, an anti-phishing toolbar in your web browsers, a web security gateway, a gateway email filter, firewalls for both desktop and network, anti-spyware software, and a phishing filter from a trusted vendor like Microsoft. At WW Works, our preferred product is Covalence, which provides a complete solution for monitoring, detecting, and responding to cyber threats across every aspect of a modern IT environment. This includes networks, cloud services, endpoints, and devices used for remote work. We trust its security capabilities for our small- and medium-sized business partners, and of course, we trust Covalence to protect us too!

Due to the pandemic, companies and their employees were pushed into sudden remote working without safe remote networking capabilities. This quick shift has left many unsecured cracks that cyber hackers are constantly looking to exploit for financial gain. Becoming more aware of cybersecurity threats, specifically malware and phishing, is the first step. What else can you and your organization do to prevent them from happening?