The fact is most companies face the same
threats and should be doing their utmost to counteract those risks. However at
some point you may lose your precious data to a vicious cyber-attack, if you’re
ever in this position, contact the experts at DLA for assistance!
Here are the five most common successful cyber-attacks.
Cyber-attack
No. 1: Socially engineered Trojans
This is the No. 1 method of attack. Usually,
a website will tell users they are infected by viruses and need to run fake
antivirus software. Also, they're nearly out of free disk space and need a fake
disk defragger. Finally, they must install an otherwise unnecessary program,
often a fake Adobe Reader or an equally well-known program. The user executes
the malware, clicking past browser warnings that the program could possibly be
harmful. VoilĂ , exploit accomplished!
Cyber-attack
No. 2: Unpatched software
Coming in a distant second is software with
known, but unpatched exploits. The most common unpatched and exploited programs
are Java, Adobe Reader, and Adobe Flash.
The best countermeasure is to stop what you’re
doing right now and make sure your patching is perfect!
Cyber-attack
No. 3: Phishing attacks
About 70% of emails are spam. Even though
there are anti-spam vendors, you will probably receive several spam emails each
day, and a least a few of them each week are darned good phishing replicas of
legitimate emails.
Cyber-attack
No. 4: Network-traveling worms
Computer viruses aren't much of a threat
anymore, but their network-traveling worm cousins are. We don't see the massive
outbreaks of the past with email attachment worms, but the network-traveling
variety is able to hide far better than its email relatives.
Cyber-attack
No. 5: Advanced persistent threats
APTs usually gain a foothold using socially
engineered Trojans or phishing attacks.
A very popular method is for APT attackers
to send a very specific phishing campaign -- known as spearphishing -- to
multiple employee email addresses. The phishing email contains a Trojan
attachment, which at least one employee is tricked into running. After the
initial execution and first computer takeover, APT attackers can compromise an
entire enterprise in a matter of hours. It's easy to accomplish, but a royal
pain to clean up.
No comments:
Post a Comment