Cyber security should be at the very top of your list of business concerns. In fact, most would say that it should be prioritised over physical security – the consequences of a cyber attack have become more severe so why shouldn’t it be your leading concern?
Technology has taken over; it now saturates the planet at a rate at which no one could have foreseen. The majority of the global population has access to internet connected devices – predominantly mobiles – and these numbers are anticipated to rise in coming times.
Like everything in business, anything that brings a positive inevitably brings a negative in its wake too. Alongside the innovation and exponential growth of the internet came a significant negative, and that is the likelihood of your organisation becoming a victim of a serious cyber attack that could – if sophisticated enough – spell the end of your business altogether. “Why bother with new tech then?”, I hear you say, and in theory this is a good point. It does immediately lessen the risk of a cyber attack but irradicating tech altogether can pose serious risks to the levels of efficiency and connectivity your team will be able to achieve. Not to mention the possibilities that tech has allowed. Diverting the blame from the tools we are using is essential. Instead of blaming the tools, blame a lack of education on the potential threats that come from poorly protected systems and inadequate cyber security measures.
A successful cyber attack could see your sensitive data being distributed for free or sold via the Dark Web.
The Dark Web is a familiar term, but, for those that haven’t heard of it before, it – in short – is a marketplace for criminals, and a hotbed of illicit activities occur there (where criminals congregate). In the following articles we will explore the Dark Web in more detail and highlight the seriousness of your sensitive data being sold and distributed there.
The Dark Web
The Dark Web is designed as a marketplace for cyber criminals. They can buy, sell, and advertise illegal goods and services to random criminal buyers around the globe – all whilst maintaining their anonymity.
The Dark Web consists of small one-to-one networks that operate alongside the larger legal networks – but don’t be fooled into thinking that it is run by a few tech-minded boffins – it is, in fact, an enormous platform designed for one purpose: causing carnage.
It is not illegal to access the Dark Web but it is a very dangerous place to navigate safely. Don’t even log in for a look, as it is very easy to click a link or access something on there that is highly illegal and could lead to your ending up on a government watchlist of some kind.
Your data ending up on the Dark Web could be a disaster - there is no knowing who may have control of it. Your data being in the grips of a cyber criminal could lead to business defining problems.
Let’s take a look at ways your data could find its way onto the Dark Web.
The methods cyber criminals use to get your data to the Dark Web:
Ransomware
Ransomware is malicious software that locks and encrypts your data. The cyber criminal will then demand payment for the return of access.
Ransomware attacks can feel particularly cruel in comparison to other forms of attack – this is because your information doesn’t go anywhere but instead remains on your computer within your grasp - the only problem is it is encrypted and unavailable for access.
The cyber criminal – once having encrypted your data – will then create a sense of urgency for you to pay the ransom under the threat that, if you don’t, they will delete your data or release it on the Dark Web and it will be lost forever. This is clever, as it forces you to make a decision quickly with little forethought.
Many come to the wrong decision at this point and end up paying the criminals. As good as it would be to just pay, consider it a lesson learnt and move on because, unfortunately, this isn’t the case. They are criminals that can’t be trusted – do you really think they will say thanks for the money and then give you your data back?
In reality, business owners pay the demanded amount and are left feeling silly with no data. Of course, there are occasions where business owners have been granted access again, but this usually comes before a second attack - the criminals now know that you are not only capable, but willing to pay too.
Phishing
A Phishing attack is when a cyber criminal uses fake/ fraudulent emails to gain access.
Cyber criminals use malicious links in emails as their vessel to carry out their attacks. The cyber criminal will construct an email that fools the recipient into believing that it is from a trusted source and of urgent importance. They usually pose as a bank or a colleague, as these are two of the sources that would evoke the right response - they won’t be ignored, and they need to be answered ASAP. The criminal then bases the email around a time sensitive subject – perhaps a ‘scheduled password change’ - once having clicked on the link, the recipient will have inadvertently granted access to the cyber criminal.
Malware
Malware is particularly malicious; it is designed with the sole intention of causing damage and chaos or with the aim of stealing private data.
Malware – unlike other forms of cyber attack – is managed by a team of cyber criminals, and their aim is to steal your money. The cyber criminals design the Malware software then sell it over the Dark Web – if it finds it’s way onto your system you could be in serious trouble.
Insecure connections
Cyber criminals will intercept data that is being sent across an insecure network (public Wi-Fi, for example). In our opinion public Wi-Fi is a no go, under any circumstances, especially not for business purposes, as it has very poor levels of security which leave you vulnerable when using it.
Cyber criminals have started using a relatively new method of cyber attack called a ‘rogue hotspot’. This involves the cyber criminal setting up their own public portal that imitates the existing legitimate one. A cyber criminal then distributes their Malware freely, whilst directing users toward other malicious sites and listening in on their target’s web traffic – all this can be done whilst the target is oblivious to the fact that they are using an unsafe source.
Now we have become familiar with some of the most common ways cyber criminals gain access to your sensitive data and credentials – and, in turn, put them up for sale on the Dark Web. In the following article we will look closer at the Dark Web, why the exposure of your credentials could be a disaster, and what to do to ensure that you are as prepared as possible in the event of an attack.
Secure your organization
AsiaCloud Solutions provides high-quality, reliable, and cost-effective Managed IT services to help your organisation succeed with IT. We offer a combination of enterprise-grade technology along with a fast, scalable, personalised service. We provide world-class IT you can rely on at affordable prices, with our specialists supporting you with a proactive service from right here in Singapore. Get in contact and find out what we can do for you.
Comentários