5 Types of Internet Threats and How to Protect Your Business from them

By • June 29th 2016

IT Security Threats

As the digital age surges forward at lightning-quick pace, the number of internet threats to our data and businesses grows at an alarming rate. Due to the nature and differences in the type of these threats there is no single technology that can protect you from all but, hopefully after reading this short guide you will be more informed about these different types and the technology you can implement to help protect your business.

 

1. Network Probe / Hostile Scan

What is it ?

A Network Probe or Hostile Scan is an automated scan of your internet-facing device(s), ie, router/firewall, to try and find any vulnerabilities or ‘holes’ in your security. It’s carried out by millions of malware infections. Once a vulnerability is found it then infects the device itself or infects another device on your internal network. If no vulnerability is found it will move on to the next device on the internet.

What can I do now ?

One of the first things to do is review your router/firewall access rules and close as many ‘open’ rules (or ports) as you can. The less open ports means your chances of a Network Probe / Hostile Scan finding something to exploit is reduced.

What technology will help protect my business ?

To give your business the best protection from such threats (and a host of others) it is worth considering upgrading your firewall to a “Next Gen” (a ‘Next Generation (or more advanced)) firewall. These carry out a much more in-depth and ‘intelligent’ analysis of your internet traffic, and thus have the ability to detect and stop a much larger variety of threats.

 

2. Distributed Denial of Service Attack

What is it ?

A Distributed Denial of Service Attack or (DDOS) uses lots of devices on the internet to ‘bombard’ your router or firewall with garbage traffic, thus using all of its available resources and overloading it to the point where your device and internet connection can no longer function.

What can I do now ?

If your business does become a victim of a DDOS attack it might not be that easy to detect at first – you might just think your internet connection has a fault. The key to recognising a DDOS attack is by monitoring the performance of your router to see if it is processing more traffic than normal. Also, you could contact your Internet Service Provider (ISP) for reports on your internet traffic to see if it is more than usual.

What technology will help protect my business ?

“Next Gen” firewalls can help protect against this sort of attack, or if you have internet-dependent services that are critical to your business you might want to think about having multiple internet connections with different ISP’s.

 

3. Brute Force Attack

What is it ?

A Brute Force Attack is a systematic checking of all possible passwords for an account or service until the correct one is found. This can be run by malware or a hacker using a computer program and, if successful, may grant access to a system or network with administrator level privileges. If administrator level access is achieved the attacker has complete control of the system and its data.

What can I do now ?

To help mitigate this threat ensure you have a robust password policy for all internet-facing services or devices. Such services can be internally hosted web-based services (including email services like Outlook Web Access), remote desktop services, routers and firewalls. Make sure passwords are complex (a combination of upper-case, lower-case, numbers and symbols) and at least 8 characters long. They must also be changed regularly.

What technology will help protect my business ?

Certain technologies are more at risk than others with this type of attack. For example, if you have a commercial website hosted on your network or an SQL database that provides services to internet customers a secure setup for these scenarios would be to place these servers in a DMZ – this is an area that is separated from your internal network to help keep your network secure. In addition to a DMZ, to help protect your SQL servers it is recommended to use a “Next Gen” firewall.

 

4. Phishing Attack

What is it ?

Phishing is the act of trying to obtain financial or other confidential information from computer users, typically by sending an email that looks as if it is from a legitimate organisation. Emails can contain attachments that infect your PC and prevent you from reading your data or links that take the user to a fake website.

What can I do now ?

There are several things you can do to help protect yourself against these potentially disastrous attacks. The first and most effective thing to do is to make sure you (and your staff) do not have administrator-level rights on your machines. This right is easily removed and reports have shown that it can mitigate 92% of Microsoft vulnerabilities.
Another highly effective step to make your systems significantly safer is to regularly apply Microsoft’s security updates. These two steps alone will make a vast difference to the security of your network.
Security awareness training for staff also helps minimise the chance of malicious email attachments being opened or links followed.
Due to the nature of these threats one layer of protection is usually not enough to protect your systems. Other layers of protection are still needed to improve your chances of remaining safe.

What technology will help protect my business ?

To help prevent email-borne threats an Antivirus and Anti-spam email filtering service is recommended. This will stop many malicious threats making their way into your network as well as drastically cutting down the amount of spam emails you receive.
Good quality PC Antivirus software is another essential form of protection needed. Make sure you do your research and invest in a highly-rated antivirus solution. Although there are many free versions available they are usually quite basic and do not detect many of the nasty threats out there today. It’s also important to note that due to the sophistication of modern threats, Antivirus software on its own is no longer enough to protect your data.
Some threats of this type can encrypt your documents so you can no longer read them. Typically, the only way you can get your documents back is to restore them from backup. Therefore the last – and essential – layer of protection is to run regular and reliable backups.

 

5. Drive-by Download

What is it ?

A Drive-by Download is malware that is downloaded and installed on your computer or mobile device simply by visiting a malicious website. They will usually take advantage of existing vulnerabilities within certain web-based applications such as Java, Adobe Reader, Flash Player and Microsoft Silverlight, as well as web browsers.

What can I do now ?

One of the easiest ways to protect against this type of attack is to regularly update all web browsers and applications mentioned above with the latest security updates.
Security awareness training will also help to reduce the chance of staff clicking on rogue website links that are delivered via different channels, ie, email, social media or instant messaging software.

What technology will help protect my business ?

To help prevent malicious emails being delivered to users an email filtering service is recommended.
Web Protection software can be implemented to help prevent staff from reaching the malicious websites themselves. This can reduce the chance of infection significantly.

Andy Woods: Technical Director

Let Synium make your IT simply better

Contact the Synium team on 0121 663 0203, or via email to hello@synium.co.uk
let us offer you a free IT Security review and let us help you make your business more secure:

 

Subscribe to the Synium Blog

Receive our latest blog posts direct to your inbox.

Name
Email *

 
 
 

Contact us

Telephone:

0121 663 0203

Email:

hello@synium.co.uk

Instant Support:

Click Here

Address:

Brannan Phillips House
Shallowford Court
94-96 High Street
Henley in Arden
Warwickshire
B95 5FY