Common cyber-attacks and how to prevent them...
Cyber-attacks can be a regular occurrence in business. Every business has something of value to a cybercriminal, but not everybody understands common cyber-attacks. Let’s look at common stages that cyber-attacks follow and how to prevent them at each stage.
Every organisation is a potential victim
While it’s impossible to say whether you will suffer a cyber-attack, one thing we can say is that every organisation has something of value to a cybercriminal. Most companies want concrete information about when and how they will be attacked before they invest in cybersecurity defences. It’s complicated to give an accurate assessment when it comes to cyber-attacks.
If you openly demonstrate weaknesses in your approach to cybersecurity by failing to do the basics, you will experience some form of cyber-attack. It’s as simple as this. Every organisation should implement even the most basic cybersecurity controls.
Four Stages of a Cyber Attack
Common cyber-attacks follow four stages: Survey, Delivery, Breach and Affect.
Let’s look at what happens at each stage, including the effects it can have on you and what the cybercriminal does at each stage.
Survey
The Survey stage is the first part of a common cyber-attack. The hacker will be investigating and analysing available information about the target to identify potential vulnerabilities. It’s the easiest stage to execute for the hackers but doesn’t always guarantee results. They can look for open source information such as social media or use readily available commodity toolkits and techniques.
Delivery
Once an attack reaches the delivery stage, cybercriminals can start to exploit vulnerable systems on your network. Infected emails or websites can cause malicious code to be downloaded onto your devices. Malware can also arrive on already infected devices such as USB sticks. The more information the cybercriminals gather in the survey stage, the more likely the delivery phase will be successful.
Breach
The breach stage is where the damage starts to take place. The attackers will be able to make changes that affect the system’s operation. They can gain access to online accounts and systems, which in turn gives them full control of a device. Despite achieving a high level of access, they can still go undetected by the user.
Affect
Depending on their motivation, the attacker may seek to explore your systems, expand their access and establish a persistent presence (a process sometimes called ‘consolidation’). Taking over a user’s account usually guarantees a continuing presence. Taking over an administrator’s account is an attacker’s Holy Grail. With administration access to just one system, they can try to install automated scanning tools to discover more about your networks and take control of more systems. When doing this, they will take great care not to trigger the system’s monitoring processes, and they may even disable them for a time.
Survey
If you can make the survey stage difficult for the hackers, it will decrease your chances of suffering a cyber-attack massively. You will never stop 100% of attacks, but you can follow these two steps to help your business;
- User training – Previously mentioned. Make sure everybody is aware.
- Secure configuration – Implement a security protocol at your work, such as password protection and administrator rights.
Delivery
If the hacker gets past the survey stage, you can still block the attacks. Instead of personal changes to prevent the delivery stage you need changes to your network;
- Up-to-date malware protection – Malware protection will stop software that tries to gain access or damage a computer without the knowledge of the owner.
- Firewalls and proxy servers – A firewall filters what will come through onto your network. Anything that looks like spam or an attack isn’t allowed onto the network.
- Technically enforced password policy – See below for our password guide.
- Secure configuration – See the previously mentioned survey stage.
Everybody can be responsible for the first two stages of mitigation.
Breach
The breach stage is dangerous as it’s where the hacker first gets access to your network, but there are ways you can protect yourself;
- Effective patch management – This is making sure the process of deploying and maintaining software in business gets planned and checked correctly.
- Malware protection with internet gateway – See above.
- Well implemented and maintained user access controls – Make sure each member only has access to what they need and nothing more. Keep a record of who has access to what.
- Secure configuration – Yes, it’s here again!
- User training, education and awareness – This stage should be for the most advanced members of your team (managers, etc.).
- Monitoring capability – Not only should you make sure that all members of staff are aware of cyber-attacks and how to avoid them but make sure they can carry out the techniques. If it comes quickly to them, let them teach others!
Affect
Once a cybercriminal gets to this stage it can be challenging to stop the attack. The good news is by following the previously mentioned controls you will prevent most attacks that use commodity capabilities. If the hacker is using bespoke capabilities, it stands a good chance they will be able to get into your system.
To help with this stage, you should understand what normal activity looks like on your network. Having systems that detect unusual activity will help safeguard you against any attacks. Just by reading this article you’ll already be more clued up on cyber-attacks than the majority of businesses.
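One way to turn "know what normal looks like" into a check, shown as an added example that is not part of the original article: it builds a per-user baseline of login hosts and hours from past events and flags new events that fall outside it. The log entries, account names, host names and the `ADMIN_ACCOUNTS` list are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data (not real logs): (timestamp, user, source host).
HISTORY = [
    ("2024-03-04T08:55", "alice", "ws-014"),
    ("2024-03-05T09:10", "alice", "ws-014"),
    ("2024-03-06T17:40", "alice", "ws-014"),
    ("2024-03-04T10:00", "svc-admin", "mgmt-01"),
    ("2024-03-05T10:05", "svc-admin", "mgmt-01"),
    ("2024-03-06T11:30", "svc-admin", "mgmt-01"),
]
NEW_EVENTS = [
    ("2024-03-07T09:05", "alice", "ws-014"),      # matches the baseline
    ("2024-03-07T02:13", "alice", "ws-014"),      # login in the middle of the night
    ("2024-03-07T10:20", "svc-admin", "ws-031"),  # admin account on a new host
    ("2024-03-07T12:00", "bob", "ws-020"),        # account with no history
]
ADMIN_ACCOUNTS = {"svc-admin"}  # assumption: your list of privileged accounts

def build_baseline(history):
    """Record, per user, the hosts and hours seen during normal activity."""
    base = defaultdict(lambda: {"hosts": set(), "hours": set()})
    for ts, user, host in history:
        base[user]["hosts"].add(host)
        base[user]["hours"].add(datetime.fromisoformat(ts).hour)
    return base

def unusual(event, base, slack=1):
    """Return the reasons an event deviates from the baseline (empty if none)."""
    ts, user, host = event
    if user not in base:
        return ["account not in baseline"]
    profile, reasons = base[user], []
    if host not in profile["hosts"]:
        reasons.append("new source host")
    hour = datetime.fromisoformat(ts).hour
    # Allow `slack` hours either side of the earliest and latest hour seen.
    if not min(profile["hours"]) - slack <= hour <= max(profile["hours"]) + slack:
        reasons.append("outside usual hours")
    if reasons and user in ADMIN_ACCOUNTS:
        reasons.append("privileged account")  # escalate: admin takeover is the worst case
    return reasons

def review(history, events):
    """Map each deviating event to its list of reasons."""
    base = build_baseline(history)
    return {e: r for e in events if (r := unusual(e, base))}

if __name__ == "__main__":
    for event, reasons in review(HISTORY, NEW_EVENTS).items():
        print(event, "->", ", ".join(reasons))
```

The baseline is only as good as the history behind it, so it should be built from a period you trust and refreshed as working patterns change.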
Understanding the common stages and how they can harm your business allows you to think logically about your cybersecurity.
Don't let inferior IT support hold back your business - Speak to one of our experts today and see how we can help your business reduce risk and achieve success using our fully managed IT support service.
Contact Aero Networks today on 0191 484 1230