Ransomware, Phishing and Other Business Cyberattacks

A very real threat

In spite of all the effort spent on preventing cyberattacks, it is estimated that cybercrime will cost over $6 trillion per year on average through 2021. These hefty costs require companies – particularly IT service providers – to invest time and resources in preventing cyberthreats, since they are responsible for protecting their customers’ IT environments against cybercriminals.

These customers are generally small and medium-sized businesses (SMBs), now the primary target of cyberattacks because they are often the most vulnerable. These circumstances represent a major opportunity for managed service providers (MSPs) to become leaders in cybersecurity, so that their customers can count on them to prevent threats and actively reduce the risk of cyberattacks.

Different Types of Cyberattacks

Ransomware

Ransomware is a type of threat that blocks all access to the victim’s files by encrypting them. The attackers then demand a certain amount of money to unlock them. It is important to note that paying the ransom does not guarantee access to the locked data: only 26% of companies that agreed to pay were able to recover access to their files. Here, more than ever, prevention is the best way to avoid future headaches.

The payment is generally requested in some form of cryptocurrency, such as Bitcoin, to ensure anonymity. Like many other types of malware, ransomware can be spread using different vectors:

  • Attachments on a malicious email
  • Operating system exploits
  • Infected software or external storage devices
  • Compromised websites

Accessible Malware

Why is ransomware a threat that continues to spread like wildfire? Because it’s easy for any moderately skilled programmer to put together this kind of software. While some malware requires in-depth programming knowledge, creating ransomware is actually quite simple. In addition, “Ransomware-as-a-Service” (RaaS) makes criminals’ work easier by allowing them to simply buy a subscription to the malware, encryption and ransom collection services they need to launch a swift attack, without having to create these elements themselves.

Since many users and organizations are willing to pay to recover their data, criminals can quickly generate thousands of dollars in income. Also, the cryptocurrency demanded by the criminals makes it very difficult to trace recipients.

Tips to fight ransomware:

  • Keep the company’s operating systems and application security patches up to date.
  • Use recognized endpoint protection software, and make sure to keep it updated.
  • Regularly back up company files locally, as well as in a remote location.
  • Plan for the worst-case scenario with a disaster recovery plan.
  • Provide regular cybersecurity training for your employees to reduce the risk of infection.

Phishing

Phishing is the attempt to obtain sensitive information, such as usernames, passwords and confidential third-party data, often for malicious, fraud-related reasons. Phishing is generally carried out via instant messaging or email, using a link to a fake website. Users are then asked to enter personal information on a site that looks almost identical to the legitimate one.

Phishing is increasingly common, and companies are generally more aware of it. Nevertheless, even now, 30% of phishing messages are opened by their recipients, and phishing attempts increased by 65% in 2017 compared to the previous year. It’s important to stay vigilant.

Phishing is a typical example of a social engineering attack. Social engineering is the act of tricking or manipulating another person into sharing sensitive or confidential information.

Tips to fight phishing:

  • Train your employees with relevant phishing simulations, so that they understand this type of attack.
  • Hover your mouse over links to see the real destination before clicking.
  • Don’t open email from unknown senders without first confirming their identity.
  • Use good endpoint security with built-in anti-phishing protection.
  • Consider using a DNS filtering solution to block requests to known phishing sites.
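The “hover over the link” tip can also be automated on the mail gateway or in a user-reported message. The following is an added example, not code from the original article: it parses the anchors of an HTML body and reports links whose visible text shows a different domain than the real destination, or that point at a bare IP address. The message body is constructed for the example.

```python
# Added example (not from the original article): flag links in an HTML email
# whose visible text points somewhere other than the real href destination,
# i.e. what a user would otherwise only notice by hovering over the link.
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")
class _AnchorCollector(HTMLParser):
    # Collects (href, visible text) for every <a> element in the message body.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registrable(host):
    # Crude comparison on the last two labels; enough to spot a mismatch.
    return ".".join(host.lower().split(".")[-2:])

def suspicious_links(html):
    """Return (href, visible text, reason) for links that deserve a second look."""
    parser = _AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        real_host = urlparse(href).hostname or ""
        shown = HOST_RE.search(text)
        if shown and registrable(shown.group(1)) != registrable(real_host):
            findings.append((href, text, "visible domain differs from real destination"))
        elif IPV4_RE.fullmatch(real_host):
            findings.append((href, text, "link goes to a bare IP address"))
    return findings

# Constructed sample message body; not a real phishing email.
SAMPLE = """<a href="https://billing.example.com/inv/42">https://billing.example.com/inv/42</a>
<a href="http://login-example.invalid/reset">https://login.example.com/reset</a>
<a href="http://192.0.2.10/doc">Review document</a>"""
```

Running `suspicious_links(SAMPLE)` reports the second and third links; the first passes because the shown and real domains agree.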

Brute force attacks

A brute force attack is a “trial and error” type of cyberattack, in which raw hardware and software resources are used to overwhelm security defences through the speed or frequency of the attempts. For instance, a brute force attack could use an algorithm to test all possible combinations of a person’s first name, last name and birth date in order to pinpoint their username. Another variant, known as a “dictionary attack,” involves sequentially trying to guess a password using a list of the several thousand most commonly used passwords.

It is worth noting that brute force attacks are on the rise. Hacking attempts using brute force attacks or dictionary attacks increased by 400% in 2017. This increase mostly comes down to the increasingly powerful and affordable software that makes this type of attack accessible to more people.

Tips to fight brute force attacks:

  • Scan your systems for password-protected applications and make sure that none of them are still configured with default login credentials.
  • Adjust the account lockout policy to use progressive daily lockouts, so that a dictionary attack or a brute force attack on password combinations is not possible.
  • Consider adding a CAPTCHA step to prevent automated attacks.
  • Use strong passwords and two-factor authentication whenever possible.
  • Update the tools and applications used for remote access. The standard RDP (Remote Desktop Protocol) commonly used in companies is vulnerable to brute force attacks, but paid, secured VPN solutions can make remote access much more secure.
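To make the “progressive lockout” tip concrete, here is an added example that is not code from the original article: a per-account policy that locks the account after a run of failures and lengthens each successive lockout, while refusing to confirm a correct password during a lockout. The threshold, lockout steps and window are illustrative assumptions, not values from the article.

```python
# Added example (not from the original article): a progressive lockout policy of
# the kind the tip above describes. The thresholds and durations are illustrative
# assumptions, not values taken from the article.
import time
THRESHOLD = 5                                  # failures allowed before a lockout
LOCKOUT_STEPS = (60, 300, 900, 3600, 86400)    # seconds; escalates, capped at one day
WINDOW = 86400                                 # failures older than this are forgotten

class ProgressiveLockout:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._state = {}   # account -> [failure timestamps, locked_until, escalation level]

    def _entry(self, account):
        return self._state.setdefault(account, [[], 0.0, 0])

    def is_locked(self, account):
        return self._clock() < self._entry(account)[1]

    def record_failure(self, account):
        """Register a failed login; returns the lockout applied in seconds (0 if none)."""
        now = self._clock()
        e = self._entry(account)
        if now < e[1]:
            return int(e[1] - now)            # still locked; the attempt is ignored
        e[0] = [t for t in e[0] if now - t < WINDOW] + [now]
        if len(e[0]) < THRESHOLD:
            return 0
        duration = LOCKOUT_STEPS[min(e[2], len(LOCKOUT_STEPS) - 1)]
        e[0], e[1], e[2] = [], now + duration, e[2] + 1
        return duration

    def record_success(self, account):
        """Correct credentials count only while unlocked; then the counters reset."""
        if self.is_locked(account):
            return False                      # deny: a lockout must not leak validity
        self._state.pop(account, None)
        return True

def simulate(failures, account="alice"):
    """Drive the policy with a fake clock; returns the lockout durations applied."""
    clock = [0.0]
    policy = ProgressiveLockout(clock=lambda: clock[0])
    applied = []
    for _ in range(failures):
        locked_for = policy.record_failure(account)
        applied += [locked_for] if locked_for else []
        clock[0] += locked_for + 1            # attacker waits out the lockout and retries
    return applied
```

`simulate(20)` shows the escalation: 1 minute, then 5, 15 and 60 minutes, so twenty guesses already cost the attacker over an hour instead of a few seconds.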