5 Cyber Threats Could Affect Your Organisational Data

It’s imperative to educate your team on how to safeguard organisational data against attack vectors. But what threats should you be concerned about?

Published on 23 May, 2016

It’s imperative to educate your team on how to safeguard organisational data against attack vectors. But what threats should you be concerned about?

Top 5 Cyber Security Threats That Could Affect Your Organisational Data

Data is very valuable. Organisational data is extremely valuable. Today, bad actors (hackers, attackers) are motivated by hactivism, political alliances and financial incentives. The insights gained through data breaches and data compromises are at risk by myriad groups and individuals scattered throughout the world. Whatever their motivation, those that threaten an organisation’s cyber security posture are devising new and increasingly complex ways to obtain data through social engineering and targeted attacks.

Cyber security is not just an issue isolated to IT. Ponemon Institute’s report shows that over the last 3 years, the cost of cybercrime has steadily increased in the UK, now at an average cost of £4.1m a year. It’s imperative to educate your team on how to safeguard organisational data against attack vectors. Recently, The Cyber Security Breaches Survey 2016 published findings that two-thirds of UK businesses suffered from a cyber security breach in past year. However, despite being a costly and high priority issue, only 29 percent of UK companies have written cyber security policies and only 10 percent of businesses have “formal incident management processes.”

With a high chance of data compromise, what threats should you be concerned about? Here are the top 5 cyber security threats to your organisational data:

1. Vulnerabilities

Software updates and patches are, well, quite annoying. No one is fond of the time spent updating software, especially when one patch is followed by an inevitable series of more updates that mires down IT teams. While, yes they take time to install onto devices, these software patches are being released to strengthen an organisation’s security perimeter. Security vulnerabilities can be exploited through a number of attack vectors to gather data. Inevitability, any device contains a security vulnerability, but don’t fall into a state of paranoia; Microsoft defines a security vulnerability as a weakness in a product that could allow an attacker to compromise the integrity, availability, or confidentiality of that product.

Vulnerabilities can be exploited with varying techniques like buffer overflows, injections, bugs, and broken authentication or session management. In layman’s terms, these are attack techniques leveraged during a window of vulnerability where attackers access a security flaw for exploitation. A memorable example of this is the Shellshock bug discovered in September 2014. As the BBC first reported, Shellshock had the capability to exploit at least 500 million machines, including computers and smart home appliances. Shellshock was launched by attackers to exploit a vulnerability that existed in operating systems since 1989, but was only recently discovered… 25 years later.

“Shellshock was launched by attackers to exploit a vulnerability that existed in operating systems since 1989, but was only recently discovered… 25 years later.”

The good news is that there are global teams of cyber security professionals devoted to regularly parsing system data to detect underlying software weaknesses. In order to reduce the window of vulnerability, it’s in good favour for you to patch early and patch often.

2. Insider Threats

Insider threats are a top concern for organisations because insiders have intimate knowledge of how to access corporate data. Generally speaking, there are two kinds of insider threats: those at the will of ill-intent (malicious insiders) and those conducted by heedless personnel (unintentional insiders). Malicious insiders are employees that access data for their own malicious incentives. Unintentional insiders are employees who are negligent towards security measures, policies, and practices.

With a high chance of data compromise, what threats should you be concerned about

Quite often, malicious insiders are disgruntled employees who act out of emotion. These insiders are sometimes aware that they are on their way out of the company (either by their own accord or through the terminative power of management choice) and seize the opportunity before exiting to acquire data to sell on the darknet or use in the future at a new position, possibly even with a competitor.

Unintentional insiders, while a lot less venomous in nature than their counterparts, don’t act out of malice. However, you’d be remiss to ignore the scope of the threat they pose; Infosecurity Magazine reported that insider threats are the biggest concern for UK businesses. These employees accidentally expose data through misuse or ignorance of security measures. This is especially the case for frequent business travelers. Most on-the-go employees aren’t wary of connecting to open WiFi networks or Bluetooth devices. Security practitioners should develop training for employees that covers basic cyber security fundamentals how-tos, such as:

    • Regularly updating account credentials
    • Using official apps instead of mobile browsers
    • Connecting to the secure corporate wifi or a virtual private network
    • Vigilantly locking mobile devices while traveling

Overall, the key to managing insider threats is understanding who has access to what data and what tools, devices, apps or people can pose as threat vectors.

3. Distributed Denial of Service Attacks

A denial of service attack, more commonly referred to as a DoS attack, is an attempt to make a computer or network resource unavailable to its intended users. Using a single device, a bad actor targets a system by exploiting an existing software vulnerability or floods the target’s network infrastructure with fake requests (bogus traffic). The interruption caused by a DoS attack can be temporary or indefinite. These attacks are executed with the end goal of suspending services or rendering websites and apps offered by a particular host unavailable.

A distributed denial of service (DDoS) attack is a type of DoS attack, but is much more serious and detrimental. In a DDoS attack, online services are made unavailable when they are overwhelmed with exorbitant amounts of traffic from multiple devices distributed across the internet. By their state of execution, DDoS attacks are much more complex than DoS attacks. Frequently, they are deployed by botnets or “zombies” – a network of privately owned devices infected with malware and remotely controlled as a group without the knowledge of their owners.

In essence, these botnets function as an army of devices at the control of an attacker, meaning that your computer could be part of an orchestrated DDoS attack and you’d never know. So, if your computer was a botnet, what exactly would it be used to do? At the hands of the bad actor puppeteer, your computer could be one of 100,000 zombie systems used to send spam emails laced with viruses, as a conduit to disperse malware, or, of course, as part of an orchestrated DDoS attack. DDoS attacks are in the top 3 most costly cyber security threats, with a financial impact on organisations costing an average of £11,545 per day. Due to the high volume of traffic flooding the target, it’s difficult to identify and resolve the root cause of a DDoS attack. Given all of these factors, the mean time to resolution is generally longer and costly.

4. Phishing Campaigns and Social Engineering

Phishing campaigns send fraudulent emails and text messages that appear to be from legitimate organisations such as banks, schools, social networks, or service providers. The Inquirer reported that in 2015 100,000 people in the UK reported they were the target of phishing scams; 70 percent of these messages were sent through email campaigns. Phishing messages are disguised to look trustworthy and official. However, these messages are sent to “phish” or lure personal data from you. In the second stage of a phishing attack, links and attachments embedded within these messages have the ability to inconspicuously install malware onto a user’s device.

Regularly update your passwordsThe phishmonger (the sender) encourages or intimidates the recipient into updating, validating, or confirming sensitive information, including account credentials and banking details. Once the bait is taken, the sender of the phishing message now has access to data and financial information. Phishing messages have different degrees of sophistication. For instance:

      • Spear phishing is a targeted type of phishing where messages appear to be composed by individuals or organisations with whom you are familiar with or know.
      • Whaling is a type of spear phishing campaign that is directed at executive level or high profile members of an organisation.

These types of phishing cunningly utilise social engineering to appear more authentic. The attackers use the information about you that’s listed online. Companies can avoid more sophisticated types of spear phishing and whaling by mandating that all employees don’t link their social networks or bank accounts to business emails or devices.

5. Ransomware

Imagine this: you’re innocuously bouncing between websites and search engines, when suddenly your lockscreen comes on, glossed over with an intimidating (and sometimes threatening) image forbidding you from accessing your own computer. Next, a notification pops up and demands a payment to unlock your device. You’ve just become a victim of ransomware – a type of malware that holds your computer or files hostage until a payment is received.

Ransomware is an infection that is usually obtained from attachments in phishing emails or those pesky pop-up advertisements on websites. Ransomware can take even scarier forms. If the infection gains access to your device’s camera, it can take a picture of you. Using your picture, the ransomware message will threaten to send your picture as evidence of some sort of illegal online activity to authorities unless the payment is received. While the majority of ransomware attacks are for smaller sums of money, as Computerworld UK pointedly illustrates, in the past, more targeted ransomware has demanded £1m from organisations.

Unfortunately, fear and intimidation are major motivators in ransomware. Most people hand over a sum of money to avoid false persecution or to unlock their device. However, if you comply and submit a payment, there is no guarantee that you’ll regain access to your system. If you’ve fallen prey to ransomware, it means that your device has already been compromised by an infection and your data is at risk. While you are losing access to organisational services, applications, and data while the system is locked up, you’ll end up increasing your financial losses by paying the demanded sum on top of quarantining, cleaning, and securing your network.

Cyber security professionals advise that you don’t submit a payment. Instead, report the occurrence to the UK’s national fraud and cybercrime centre, ActionFraud.

Mimeo Marketing Team

Mimeo is a global online print provider with a mission to give customers back their time. By combining front and back-end technology with a lean production model, Mimeo is the only company in the industry to guarantee your late-night print order will be produced, shipped, and delivered by 8 am the next morning. For more information, visit mimeo.com and see how Mimeo’s solutions can help you save time today.

Mimeo Talk of the trade podcast

Recent Updates