In-depth

How to protect against cyber threats

IT Pro looks at the four biggest enterprise cyber threats and how to protect against them...

The cyber threatscape is a dynamic and rapid environment where individual threats hit the victim, the headlines and the waste-bin of history in quick succession. Some threats, however, are the hardy perennials of the security world. So how do you deal with those?

Malware

Malware is short for malicious software, and long on threat durability. Last year enterprise organisations downloaded a piece of known malware every 81 seconds. Malware itself is constantly mutating, with some reports suggesting as many as 12 million new variants were produced every month last year.

Advertisement - Article continues below

To frame that rate of growth in some contextual perspective, more 'new' malware was seen across the last two years than the entire previous decade in total. As more and more criminals cotton on to the fact that they can still make a tidy profit by selling 'malware-as-a-service' packages, expect this number to keep growing.

Endpoint protection software - i.e. software which protects the actual laptops and smartphone used by employees - is a good first line of defence against malware, as many forms of malware (particularly older strains) will be caught by modern anti-virus programs and the like.

For the same reason, making sure your software is as up-to-date as possible when it comes to security patches is a must. Most malware takes advantage of security holes in older versions of software that go unpatched by lazy or overworked IT departments, and issuing the appropriate fixes can often plug many vulnerabilities with a single stroke.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Sometimes, however, the caca inevitably hits the fan, and if the worst should happen, backups are an excellent way to ensure your business can bounce back in hours rather than weeks. Taking regular backups is an excellent way to de-fang ransomware in particular, as simply restoring from yesterday's backup is easier, faster and cheaper than ponying up the bitcoin to get your devices unlocked.

Phishing

Due to the extremely low entry requirements, phishing remains by far the most common attack vector for cyber criminals. The goals of a phishing attack can vary, ranging from simple financial fraud to credential theft and the installation of ransomware and rootkits.

Thankfully, phishing is relatively easy to defend against. There are numerous vendors selling phishing detection solutions and whatnot, but the simplest way of foiling phishermen is staff education. Training employees to spot suspicious emails in simulations and mock attacks can improve infection rates dramatically, and will pay dividends over time.

Advertisement - Article continues below

Of course, some attacks are more targeted than others and criminals will often use carefully-crafted 'spear-phishing' campaigns that have been specifically adapted to work against a certain target. These are more difficult to detect, which is where tools like spam filtering can be beneficial.

Distributed Denial of Service (DDoS)

Although malware remains at the top of hacker tools to disrupt network traffic and take websites down, enterprise-targeted DDoS attacks are hot on the heels of such strikes. In fact, the two often run side-by-side to cause as much disruption as possible to an organisation.

The problem with DDoS attacks is that they cause a huge amount of damage to a business and can bring an entire website down, even if the organisation thinks it has the capacity to deal with a digital battering ram. Consumers are largely kept out of the loop, only experiencing the results of the attack essentially, not being able to use a website rather than finding themselves directly targeted.

The motivation behind such attacks varies. Sometimes the attacker wants to take a political stand against the business in question, while other criminals might want to cripple the company financially. There's also the possibility of holding the firm to ransom, although it's less common than the other reasons behind DDoS attacks.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Whatever the reason hackers decide to launch a DDoS attack on a company, the overall motivation is to cause business disruption, affect customer churn and increase the cost of operating. Added to that, criminals sometimes use DDoS attacks to take the focus away from another attack on the network, so the onslaught could end up costing more than it originally appeared.

Business can protect against DDoS attacks using layered defences including 'scrubbing' networks, which entails passing it through high-capacity networks using scrubbing filters that clean the traffic, or by using web application firewalls that stop attacks from infiltrating the network.

Shadow IT

At number three on our list of cyber threats to the enterprise is something way too many people don't properly understand: shadow IT.

Although the term itself is becoming more commonplace, it tends to be wrongly dismissed as being synonymous with the Bring Your Own Device (BYOD) mobile technology phenomena. The real threat, however, comes to the organisation through rogue services that employees (and management up to and including the C-suite are often amongst them) use to increase productivity but which are completely unauthorised.

Advertisement - Article continues below

By flying under the organisational radar these services, which can range from cloud storage provision through to social media tools, are also off the security map. Securing endpoints that aren't visible to you isn't easy. In fact, it's pretty much impossible to stop all shadow IT use, but you can control and secure it through a mix of education, policy and technology.

Educated staff who are aware of the risks associated with unauthorised service use are more likely to ask for help, especially if policy encourages this rather than brandishing an executioner's axe. The final piece of the puzzle is technology, which can help bring visibility and control back to the organisation. Small steps such as monitoring expenses and implementing authentication through a centralised billing system can have a big visibility reach. 

WATCH: Learn more about the security threats facing businesses today and how to combat them in this free webinar WATCH NOW

Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020