• Security
  • 17/10/2020
Strategies cyber criminals use to access your data

Here are a few strategies a hacker may use to attack your systems:

Ransomware

Typically a form of malware which seeks to take control of your computer, stealthily encrypting your files with an encryption key of which only a hacker knows.

God forbid you find yourself in such a situation but if you do, your options would be to either pay the ransom, attempt to crack the encryption or to simply cut your losses. Most people pay but why let them win. Hackers tend to not ask for much to encourage a quick payment. The payment is usually via a largely untrackable cryptocurrency like bitcoin.

 

Malvertisement

A malware-infected online advertisement. They will pay to which ads they are.

Hackers are now placing their own ads containing scripts. To get around security checks, these scripts point to other scripts, which download other scripts from other locations, repeating this process until malware infiltrates a user on the website.

This intelligent method of misdirection uses these chains of scripts from an assemblage of changing locations, leading the advertising network on a merry dance and makes it difficult for them to know the difference of a good ad from bad. Particular ad's like these are placed through automatically. Many websites have their own advertising network although many of these websites still fall foul to this form of attack and have unwittingly hosted malware in the past. Malvertisement is a growing attack vector to be reckoned with.

 

Drive-By Attacks

Dramatic name for when you visit a website containing code to exploit your machine.

 

Naivity is your weakest link.

It is naive to believe going to a well-known website will mean you are safe to browse. Malvertisement should serve as an affirmation of this. Can you tell if a website has been hacked?

Jamie Oliver had his website hacked three times – the surface of his website had been infected with a bit of script, reaping much reward for the hacker. Jamie Oliver may have the resources to recover from such a misfortunate event but how about you?

Before clicking an ad, how sure are you of your staff asking themselves 'is clicking through worth the risk?'

I recommend typing 'HTTPS' directly into your browser but if you feel the website is being promoted suspiciously, remember 100% ignorance to an ad is as close as you can get to eliminating the risk.

But will your staff remember to do that?

Recent Post

The Cloud Question

Security

Are IT preconceptions holding the business back?

Security

How secure is the Cloud?

Security

The Six R's of Cloud Migration

Security

Cloud Computing and the Property Sector

Security

Related Posts

  • Security
  • Jan

Do we value our data enough to protect it?

I’m sure you know yourself. You know your business. Of course you want to protect everything in it,

Read More
  • Security
  • Jan

Privacy or anonymity? - Which is more important in the digital era?

Technology is evolving quicker than most peoples’ ability to understand it; therefore it is increasi

Read More
  • Security
  • Jan

If all computers are vulnerable, how strong are your security defences?

You should now understand the difference between Privacy, Anonymity and Pseudonymity. which should l

Read More
  • Security
  • Jan

The Cyber Security Landscape - Best Practices to Protect Your Business Data

What business owners consider to be valuable assets will vary from one business owner to another  bu

Read More