Criminals use various methods to infect our systems, either to steal money or to steal sensitive information.
Let's have a look at the top three cyber security threats on the rise at present, how they work and how you can protect yourself against them.
(1) CEO Fraud
What it is:
This is one of the most common internet frauds these days, in which fraudsters try to trigger an unauthorised transfer of funds.
How It Works:
A fraudster posing as the Chief Executive Officer (CEO) sends an email to the Chief Financial Officer (CFO) with a request to transfer a considerable amount to an account. The email may or may not give a reason for the request.
Sometimes extra instructions are also provided to the victim, while in most cases the email alone proves enough.
These emails look legitimate to the CFO, and he transfers the amount. When the CEO returns to the office, he finds that the fraudster has caused a huge loss to the company.
According to the Federal Bureau of Investigation (FBI), around 1200 companies fell victim to such fraudulent activity in the US in the last three years, losing a total of 2.3 billion dollars.
How to Counter It:
Since this type of attack does not technically fall into the category of cyber crime, there is no technical solution to it.
The only thing you can do to make sure that this never happens in your company is to ask your CFO not to transfer funds on email instructions alone and to make a confirmation phone call to the CEO.
(2) Ransomware
What it is:
Ransomware is a piece of malware that blocks users from accessing their system until they pay a certain amount of money.
How It Works:
It all begins when you click on an infected popup advertisement or visit an infected website, allowing the malware to penetrate your computer.
As a result, the cyber criminals hold your computer hostage and ask you to pay a certain amount of ransom through an online payment method to get a key to unlock it. A ransomware attack puts pressure on victims, stating that an increasing number of files will be deleted every 30 minutes if they do not pay up.
The amount of ransom varies, but most often the criminals ask for a small payment, which the victim prefers to pay to avoid the hassle of coping with the malware.
How to Counter it:
Always keep an off-line back-up of all of your important data and make sure that it can be restored when required.
A major drawback of connecting your back-up to the network is that it could also be encrypted by the criminals.
With a backup available, you have no need to worry if your system comes under ransomware attack.
(3) Advanced Persistent Threat
What it is:
This is a highly customised and sophisticated attack in which an unauthorised person gets access to a network and stays there for a long time without being detected.
How it Works:
Unlike many traditional threats, APTs are planned and designed with the objective of targeting a specific company to steal its data.
In these attacks, the attackers use different techniques to break into a network. A common method of carrying out such an attack is spear phishing, an e-mail spoofing fraud used to spread malware to the machines of a company or organisation.
After getting access to the network, the attacker can monitor its activities and navigate from system to system to obtain the desired data while remaining undetected.
In the past, APT attacks were used primarily to gather sensitive data from high-profile organisations or companies. However, these days, the criminals also target small or less-known companies and organisations using this method.
How to Detect and Counter APT:
As mentioned above, such attacks are very difficult to detect. However, constant network analysis tells you whether your network is working normally or whether unusual activities are happening inside it.
An increase in log-ins at times when employees do not usually access the network, large flows of data and the transport of unexpected data bundles in the network are some of the key indicators of an APT attack.
It is unarguably very important to implement sophisticated security measures capable of detecting these threats on the network and responding to them. But the more important measure is to monitor the behaviour of the network and take immediate action if there is any warning indicator.
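Two of the indicators named above, log-ins at unusual hours and unusually large data flows, can be checked against a baseline of normal behaviour. The following Python code is an added example, not part of the original article; the log records, user and host names, the one-hour slack and the 5x threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample data (not from any real network).
# Baseline: (user, ISO timestamp) of past successful log-ins.
BASELINE_LOGINS = [
    ("alice", "2024-03-04T09:02:00"), ("alice", "2024-03-05T08:47:00"),
    ("alice", "2024-03-06T17:30:00"), ("bob", "2024-03-04T10:15:00"),
    ("bob", "2024-03-05T14:20:00"), ("bob", "2024-03-06T11:05:00"),
]
# Baseline: (host, bytes sent out of the network per day).
BASELINE_EGRESS = [
    ("ws-01", 120_000_000), ("ws-01", 95_000_000), ("ws-01", 140_000_000),
    ("db-01", 30_000_000), ("db-01", 28_000_000), ("db-01", 35_000_000),
]
# New observations to evaluate against the baseline.
NEW_LOGINS = [
    ("alice", "2024-03-07T09:10:00"),
    ("bob", "2024-03-07T03:12:00"),
    ("carol", "2024-03-07T10:00:00"),
]
NEW_EGRESS = [("ws-01", 150_000_000), ("db-01", 900_000_000)]


def usual_hours(logins, slack=1):
    """Map each user to the hours (0-23) within `slack` hours of a past log-in."""
    hours = defaultdict(set)
    for user, ts in logins:
        h = datetime.fromisoformat(ts).hour
        hours[user].update((h + d) % 24 for d in range(-slack, slack + 1))
    return hours


def off_hours_logins(baseline, new, slack=1):
    """Return new log-ins outside a user's usual hours; unknown users are flagged too."""
    hours = usual_hours(baseline, slack)
    return [(u, ts) for u, ts in new
            if datetime.fromisoformat(ts).hour not in hours.get(u, set())]


def large_flows(baseline, new, factor=5):
    """Return (host, bytes) where outbound volume exceeds `factor` times the host's median."""
    history = defaultdict(list)
    for host, sent in baseline:
        history[host].append(sent)
    return [(h, sent) for h, sent in new
            if h in history and sent > factor * median(history[h])]
```

A flagged record is a prompt for investigation, not proof of compromise; the slack and factor values need tuning to each network's normal behaviour.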