
Top Three Cyber Security Attack Threats by Mark D. Albin, M.S.

Created: October 27, 2017
By Mark D. Albin, M.S.

Don't be distracted by the current security threats in the news. Far too often we see that companies are being reactive instead of proactive. Make sure your company is investing time and money defending against the threats your particular company may face.

Socially engineered malware

Socially engineered malware, lately often led by data-encrypting ransomware, provides the number one method of attack (not a buffer overflow, misconfiguration or advanced exploit). An end-user is tricked into running a Trojan horse application, often from a website that they trust and visit often. The website is temporarily compromised to deliver the malware instead of the normal website content.

The hacked website tells the user to install some new piece of software or application in order to access the website, run fake antivirus software, or run some other “critical” piece of software that is unnecessary and malicious. The user is often instructed to click past any security warnings emanating from their browser or operating system and to disable any built-in defenses that might get in the way of the malware.

Sometimes the Trojan application pretends to do something that appears to be legitimate, and other times it fades away into the background to start doing its rogue actions. Socially engineered malware programs are responsible for hundreds of millions of successful cyber attacks each year. These types of attacks are easy to launch and often very successful.

Remediation

Socially engineered malware programs are best handled through ongoing end-user training programs that cover many of today's threats (such as trusted websites prompting users to run surprise software). Enterprises can further protect themselves by not allowing users to surf the web or answer email using elevated credentials. An up-to-date anti-malware program is a necessity for businesses of all sizes, but we also recommend strong end-user training.

Password phishing attacks

It is estimated that approximately 65 to 70 percent of all email is spam or junk email. We feel that much of that is phishing attacks looking to trick users out of their account logon credentials for different types of accounts (banking, financial, etc.). The good news for everyone is that anti-spam vendors and services have made great progress in handling spam and other junk email so that we can have clean email inboxes. Unfortunately, we all still get several spam emails every day, and at least a few of them each week are good phishing replicas of legitimate emails.

Good phishing emails will look legitimate and are often made to look like other emails from the person or company they imitate. The only thing that gives them away is the rogue link asking for confidential information.

Remediation

The primary countermeasure to password phishing attacks is to have logons that can’t be given away. This means two-factor authentication (2FA), smartcards, biometrics and other out-of-band (e.g., phone call or SMS message) authentication methods. If you can enable something other than simple logon name/password combinations for your logons, and require only the stronger methods, then you’ve beaten the password-phishing game.

If you’re stuck with simple logon name/password combinations for one or more systems, make sure you use accurate-as-can-be anti-phishing products or services, and decrease the risk through better end-user education. I also love browsers that highlight the true domain name of a host in a URL string. That way windowsupdate.microsoft.com.malware.com, for example, is more obvious.

Finally, it is good practice to make sure your users know that you will never ask them to provide user account information in an email.
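The true-domain highlighting described above can be reproduced in a mail or proxy filter. The following is an added example, not code from the original article: the suffix list and brand watchlist are constructed for illustration, and production code should use the full Public Suffix List.

```javascript
// Added example: locate the registrable ("true") domain in a URL and flag
// brand keywords that appear only in the subdomain labels.

// Constructed, deliberately tiny list of two-label public suffixes.
const TWO_LABEL_SUFFIXES = new Set(["co.uk", "com.au", "co.jp"]);

// Hypothetical watchlist: brand keyword -> the domain that brand really uses.
const BRANDS = { microsoft: "microsoft.com", paypal: "paypal.com" };

function registrableDomain(hostname) {
  const host = hostname.toLowerCase().replace(/\.$/, "");
  // IP literals have no registrable domain; return them unchanged.
  if (/^[0-9.]+$/.test(host) || host.startsWith("[")) return host;
  const labels = host.split(".");
  const lastTwo = labels.slice(-2).join(".");
  // When the last two labels are a public suffix, the owner controls three.
  const keep = TWO_LABEL_SUFFIXES.has(lastTwo) ? 3 : 2;
  return labels.slice(-keep).join(".");
}

function analyzeUrl(rawUrl) {
  // The URL parser lowercases the host and drops the port and path.
  const host = new URL(rawUrl).hostname.replace(/\.$/, "");
  const registrable = registrableDomain(host);
  const subdomain = host === registrable
    ? ""
    : host.slice(0, host.length - registrable.length - 1);
  // A brand keyword used as a subdomain label under someone else's domain.
  const lookalikes = Object.keys(BRANDS).filter(
    (kw) => subdomain.split(".").includes(kw) && registrable !== BRANDS[kw]
  );
  // Bracket the part that decides who actually operates the host.
  const highlighted = (subdomain ? subdomain + "." : "") + "[" + registrable + "]";
  return { host, registrable, subdomain, lookalikes, highlighted };
}

// Constructed sample URLs; the first host is the one quoted in the article.
for (const u of [
  "http://windowsupdate.microsoft.com.malware.com/update",
  "https://windowsupdate.microsoft.com/",
  "https://paypal.com.example.co.uk/login",
]) {
  const r = analyzeUrl(u);
  console.log(r.highlighted, r.lookalikes.length ? "SUSPICIOUS" : "ok");
}
```
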

Unpatched software

Coming in close behind socially engineered malware and phishing is software that is left unpatched with known vulnerabilities. The most common unpatched and exploited programs are browser add-in programs like Adobe Reader, Office programs, and other programs people often use. It is known that smaller businesses that usually don't have dedicated IT staff often use outdated and unpatched software.

Remediation

Either make this a priority within your organization or hire someone to do it for you. It is very important that you focus on the most exploited products, whatever they happen to be in a given time period. Everyone knows that better patching is a great way to decrease attack surfaces and reduce risk. It is important that you make sure that you’re 100 percent patched on the programs most likely to be exploited, versus trying unsuccessfully to be fully patched on all software programs.
