Security is big business on the internet because there are a lot of people out there who know that data is important, and they are trying to get it from you by hook or crook so they can make money from it. What should you be looking for?
Table of Contents
1. Ransomware Attacks
That sensitive data that you have is worth something to you, and so is the access to your computer. Ransomware seeks to exploit you by threatening the release of data or preventing you from getting into your computer system, which can be avoided if you hand over money. Acceding to blackmailers is no guarantee that they are going to stop trying to get more money though.
2. A Breach Of Sensitive Or Confidential Data
There have been some pretty far-reaching examples of this lately. Equifax has been one of the hardest hit, and are involved in settling a huge payout to those affected. A lot of places are now offering a service where you can be notified if your data flags up anywhere online as part of a breach. Seeing how many large companies have had this happen to them can be more than a little worrying.
3. Malware Infiltration Through Https/SSL Web Traffic
The Secure Sockets Layer or SSL that is supposed to actually protect you when you surf around the web is now being exploited to get past any security measures that you have on your computer by encrypting the malware payload. You are going to have to keep an eye out for exploit kits, malware, adware, and malware callbacks that sit there in the SSL, and new TLS or Transport Layer Security. If you’re reading this and wondering how do I get a secure connection, then you should be asking what is a vpn?
4. Targeted Attacks/Zero-day Exploits
Some software or hardware has flaws in it, and there are people out there who like to exploit this weakness. The zero-day refers to either the flaw itself or the fact that it took zero-days from the discovery of the flaw until the attack took place. Keep your software and firmware as up to date as possible. They are hard to detect because the attack hasn’t happened yet, but out of character behavior for a user can be a flag that a zero-day attack is happening.
Do you have a policy for what software can be downloaded onto your machines? Is it enforced? If not you may end up with a whole heap of untrustworthy programs that your employees download without knowing if they are safe or how to check that out. This opens up your whole network to risk. Setting it up so that they have to have the approval to install anything is a great idea.
6. Endpoints Compromised By Botnets
An endpoint is where one system interacts with another. A botnet is a bunch of internet-connected devices that someone has compromised that are used most often to perform spam attacks, steal credentials, or spy on people. In this instance, they sit there at the point where your various systems talk to each other and steal that data.
There are all these things out there trying to exploit your data and connections, but there are solutions. Making yourself more aware of both the danger and the solutions are going to stand you in good stead.