Flint Tech’s Cybersecurity Awareness Series: Malware Threats and Defenses
Flint Tech’s Cybersecurity Awareness Series: Malware Threats and Defenses

[image credit: Ales Nesetril on Unsplash.com]

Credit: Hannah Wei on Unsplash.com

Thanks for joining us during Cybersecurity Awareness Month!

As you know from our last post, cybercrime is a growing trend affecting big and small businesses alike. We’ll be examining each of the most common network threats this month, including what business owners like you can do to defend yourselves.

So let’s get started with the most well-known threat:

credit: Lin12345pikinhater on Tenor.com

Malware is a standard term for software with a malicious purpose. This includes viruses, adware, worms, the Trojan horse program, and spyware. Cyber criminals install their weapon of choice on your computers and other devices, which allows them to spy on your company’s online activities, obtain passwords and files, or attack others from your system.

This is not just a threat to Windows users—Mac devices, all types of smartphones, even security cameras are all at risk. And speaking of security cameras, if your business is connected to the internet of things (Smart in-home devices, like Amazon’s Alexa, that are connected to everything from your computers to your fridge and coffee maker), those are also at risk of attack. Anything with an IP address is fair game.

In the case of ransomware, criminals can lock your out of your files until you pay a ransom. There’s lots of money to be made for cybercriminals the more devices they affect, which means this is one threat that everyone should take seriously.

So what to do?

If you’ve ever booted up a brand-new computer, chances are you’re familiar with the ubiquitous McAfee antivirus software offers that last as long as the device itself (until you get your tech-expert cousin or brother-in-law to remove them). If you’ve ever caved in and purchased that or any other antivirus protection subscription, turns out you were only handling part of the problem.

Viruses are only one type of malware, and cybercriminals are continuously developing new, cutting-edge threats that are harder to catch. Antivirus software needs to be constantly updated to detect the newest types of malware. In addition, the best way to ensure you never lose anything to a malware attack is to back up everything either on Cloud-based services or on offline external hard drives.

Additionally, there is another way to protect yourself: Managed Security Services (MSS).

credit: Siemens on giphy.com

Simply put, MSS is what happens when a trusted tech partner (the Managed Service Provider, or MSP) handles cybersecurity for an organization, be it big or small. Their services monitor the organization’s devices for signs of potentially threatening activity, but they’re able to filter out false positives and only deal with real issues. This saves the organization time and effort in reviewing potential threats, which allows them to spend more time focusing on their mission.

MSP’s often create and implement a high level IT strategy, backup the organization’s data, update their systems, fix any technical issues, and arrange security controls. Far beyond trusting in a few antivirus programs, they provide many layers of security to their clients.

“Why does this matter to a small business?” you may wonder. “It sounds like pointless expense. After all, McAfee’s not that bad.”

And we get it–time is money, and small business owners rarely have enough of either.

But why worry about cybersecurity all on your own when investing in a solid tech partnership can give you peace of mind as well as more time to devote to your business? Properly handled, MSS can minimize the human errors we all make that will leave your business open to a costly attack.

To learn more, stick around for our next post highlighting another common cyber threat–security breaches.

Stay tuned!

Join us in October for Cybersecurity Awareness Month!
Join us in October for Cybersecurity Awareness Month!
credit: Pete Linforth on Unsplash.com

You make sure to have working locks (and maybe cameras) on your home, your office, even your car . . . but what about your computer system? According to the FBI’s Internet Crime Complaint Center’s (IC3) 2020 internet crime report, complaints of suspected internet crime have increased by more than 300,000 since 2019. If your business is relying more heavily on the internet now to keep things running smoothly than it was in 2019 (or if it’s joining the digital age for the first time), you cannot afford to pass up educating yourself about cybercrime.

In preparation for Cybersecurity Awareness Month in October, Flint Tech will be taking a close look at cybercrime, including how to identify the different types of cyberattacks and what small businesses can do to protect themselves.

“But I’m a small business,” you say. “Are hackers really going to bother with little old me?”

According to a 2014 Year-End Report from the National Small Business Association, “half of all small businesses report they have been the victim of a cyber-attack–up from 44 percent just two years ago.”

Half of all small businesses in 2014. And it’s only grown from there.

You could put on your best Clint Eastwood expression and decide luck is on your side . . .

Or you could stick with us for the month of October and equip yourself to better protect your company.

Let’s dive in by identifying the most common types of network security threats.

Most of them fall into one of six categories:

  • Malware
  • Security Breaches
  • Denial of Service (DoS) attacks
  • Web attacks
  • Session hijacking
  • DNS poisoning

We’ll begin with one most of us know about:

Malware: A generic term for software that has a malicious purpose, including virus attacks, worms, adware, Trojan horses, and spyware. It is the most prevalent danger to your system. Some common ways to protect yourself include keeping your software updated, be cautious of links and attachments in emails, and identify malicious/compromised websites (tip: look for numerals substituted for letters or unintentional misspellings in the domain name).

Security Breaches: These attacks include any attempt to gain unauthorized access to your system. Cracking passwords, elevating privileges, and breaking into a server are all things you probably associate with the term “hacking.” A Stanford University study shows that 88% of data breaches are down to human error. When a solid tech partner has your back, you can rest easier about your system’s security.

Denial of Service (DoS) Attacks: This attack happens when legitimate users are unable to access devices, information systems, and similar network resources. This can include email, online accounts, websites, etc. It costs organizations time and money while their resources are inaccessible. Partnering with a solid tech administrator can help reduce the effects of an attack on your system.

Web Attacks: This is any attack that attempts to breach your website, including SQL injection and cross-site scripting. Website vulnerabilities include a system flaw or weakness that can be exploited to compromise security.

Session Hijacking: These attacks are pretty advanced and involve an attacker using cookies to take over a session. This type of attack has become easier to perpetrate over time, as certain social media giants can attest.

DNS Poisoning: This type of attack seeks to compromise a DNS server so that users can be redirected to malicious websites, including phishing websites. It is one of the trickiest cyber attacks out there. Secure web hosting is a crucial part of defending against it.

Threats are always more frightening when you don’t know anything about them. We look forward to giving you more information on each of these types of threats over the next month as well as the keys to defending yourself and your small business. Stay tuned!