Here's how hackers convince employees to install various forms of malware onto their devices
Various groups and individuals try to get employees of businesses to install spyware, adware, malware or viruses on their computing devices, such as laptops, notebooks, and desktop computers. These devices are vulnerable because they run complex operating systems that aren’t walled off like a mobile device.
Check out this infographic for a detailed view of hackers' frequented points of entry into company networks.
A common malware entry point for desktops/notebooks is directly from the web. The two methods employed are:
Drive-by download: A program is automatically downloaded to your computer without your consent or knowledge. Drive-bys occur when a vulnerability in the web browser or a browser plugin is exploited.
Social engineering: The user is tricked into accepting a download from the web that is actually malware.
Another common entry point is via email. Opening attachments that are either malware or a malware install program is the most common method of infection via email.
Finally, thumb drives can be configured to automatically run a program when accessed. Unknown thumb drives either found or received from an unknown source can and occasionally do contain malware that will automatically infect when the thumb drive is inserted.
This topic is especially important because people use these endpoint machines to store lots of data and intellectual property (IP). Some is stored on servers and/or the cloud, but not all. Once a piece of malware is resident on your PC/Desktop/Notebook, it can execute and start doing things to your data.
Making servers more vulnerable still is the fact they often have applications that provide services across the network and these services can be compromised – affecting or infecting multiple machines. Once inside one machine, malware can crawl other linked machines on the same network and infect them.
Your server may be at risk from hackers because it’s a target for many types of attacks. For example: many servers that store critical data for websites and services use SQL (‘structured query language’ – a programming language used to communicate with databases) to manage the data in their databases. A SQL injection attack uses malicious code to get the server to expose information it normally wouldn’t.
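The SQL injection described above, as an added example that is not part of the original article: a lookup that pastes user input into the SQL text, beside the parameterized form that treats the input as data only. The table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [("alice", "alice@example.com"),
         ("bob", "bob@example.com"),
         ("o'brien", "obrien@example.com")],
    )
    return db

def lookup_unsafe(db, name):
    # Weak: the input is pasted into the SQL text, so any quote
    # characters in it become part of the query itself.
    query = "SELECT name, email FROM customers WHERE name = '%s'" % name
    return db.execute(query).fetchall()

def lookup_safe(db, name):
    # Hardened: the ? placeholder passes the input as a bound value;
    # the database never parses it as SQL.
    query = "SELECT name, email FROM customers WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

def compare(name):
    """Return (unsafe_result, safe_result); a query error is reported as 'error'."""
    db = make_db()
    try:
        unsafe = lookup_unsafe(db, name)
    except sqlite3.OperationalError:
        unsafe = "error"  # the input broke the query's syntax
    return unsafe, lookup_safe(db, name)

if __name__ == "__main__":
    # Constructed inputs: a normal name, a name with an apostrophe,
    # and a value that rewrites the WHERE clause.
    for value in ("alice", "o'brien", "x' OR '1'='1"):
        unsafe, safe = compare(value)
        print(repr(value), "| unsafe:", unsafe, "| safe:", safe)
```

The same placeholder mechanism exists in other database drivers; the point is that the query text is fixed and only the bound values vary.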
Network security attacks
A network is a collection of computers, servers, network devices and/or other devices connected to one another. While this is done to allow the easy sharing of data, it also opens up multiple attack vectors to threats.
The network is typically used as a transportation mechanism for malware once inside, but there are also threats that attack directly from outside.
As such, there is a wide and terrifying array of network security attacks that use the network to reach your business’s devices. It is essential to protect your network against external or internal attacks.
Cloud computing has been beneficial to most businesses: the access it provides makes collaborative working and the delivery of digital assets, among other things, more efficient. But with convenience come dangers.
By having your private and/or sensitive data stored outside a locked box – outside your network - it is vulnerable to hackers.
The cloud can leave you open to data breaches (theft), data loss and service hijacking. Weak user credentials make this more hazardous.
This is a key way in which hackers acquire access to your assets whether internal or in the cloud, so it’s essential to keep your passwords protected. While instituting a strict company password policy is a sound business practice, it is not always enough. Use a secure password manager in tandem with your policy and you’ll be safer.
The proliferation of mobile devices in the workplace has brought new threats. Whether you operate a BYOD policy (bring your own device) or you provide company devices for work, your business is open to new risks.
The main threat comes from devices without a PIN (or a weak PIN) that get stolen. And while there is often not much data on the devices, they allow access to company systems and software. Strong passwords on mobile devices are essential.
A key challenge is making sure the owner’s activity is safe. If they access something malicious by accident in their own time – from their personal email or a website - they may endanger the whole business by giving access to hackers. Many businesses advise their staff not to use public wi-fi while out of the office – as it is a key entry point for hackers and malware.
As well as external attacks, many companies worry about internal threats from employees taking advantage of access: stealing data or damaging/infecting systems on purpose. The actions of your staff cover a range of potential threats – as it is often their failure to spot a threat that allows hackers and malware into systems and software. Social engineering threats are designed to trick people, and many click on links in emails or open attachments that infect whole networks. What makes this harder is that many staff either don’t know they have made a mistake, or try to conceal it.
Most businesses closely monitor the software their people use and don’t allow the download of free or unauthorized software or apps – a wise move.
Many organizations are now training their staff to be vigilant and know how to recognize vulnerabilities and threats.
The Internet of Things
Connected devices are one of the newest potential entry points. If you have connected items, you may be opening your company up to cyberattacks. The problem is that many IoT devices have poorly implemented communication between the device and its supporting cloud service. This can make many devices vulnerable, in some cases allowing attackers to take over your IoT devices for further attacks or even spy on your business - think of where cameras are connected.
Not only is privacy a key concern, but people may be able to hijack your devices and take control of what those devices control.
It is predicted that 50 billion devices will be connected to the internet by 2020, so it is essential that we make sure they, and our businesses, are protected.
Emails are a common source of entry, from phishing to malware.
Email phishing is one of the oldest and most successful hacking techniques.
Attackers send out mass emails disguised as an authentic communication from a bank, subscription service or online payment site. The email tells the recipient to verify their account information by clicking on a link. The victim supplies log-in information and the hackers take money from that account or divert money to theirs.
Many websites carry malware and other threats – some without even knowing it. Hackers can break into a company’s website, steal data (cross-site scripting) and/or use it to deploy malware and viruses onto unsuspecting visitors.
Buffer overflow techniques are used by high-level hackers who gain access to customer data via online forms. Hackers navigate to an online form and provide excessive data in a form field. Sophisticated hackers can often break through the system with complex lines of code to steal data, cause damage, or provide the hacker with an alternate point of entry. Simple security techniques are often unable to combat these attacks.
While two-factor authentication is becoming a standard in business, it is no longer recommended. The fact that people think that ‘it is safe’, means it is prone to social engineering attacks. Hackers have been known to target individuals, saying they need to download an app to do two-factor authentication, which then monitors their texts, stealing passwords when they arrive on the second device.
Unsecured or public Wi-Fi can be as hazardous for users as it is for providers. By offering unprotected internet to your staff or guests, you may also open yourself up to threats from hackers.