Types of Online Threats
Our digital era is rife with data breaches and cyber hacks. And these attacks are not limited to huge corporations — small businesses are at just as much risk, if not more. According to a 2020 study by Fundera:
- 43% of cyber attacks target small and mid-sized businesses.
- 60% of small businesses that are breached go out of business within six months.
- Cybercrime costs small and medium businesses more than $2.2 million a year.
- There was a 424% increase in new small business cyber breaches in 2019.
- 50% of small and mid-sized businesses suffered at least one cyber attack in 2019.
- 47% of small businesses cannot recognize or protect themselves against threats.
From social engineering to DDoS attacks, there are numerous ways a business can fall victim.
To help you recognize and understand what threats could impact your business, we have compiled some of the most common threats that organizations face on a regular basis.
Malware is a term that describes any type of software designed to inflict damage on a computer. There are many types of malware, including (but not limited to):
- Virus: a malicious computer program that can infect other devices.
- Ransomware: malware that prevents access to data unless a ransom is paid.
- Spyware: software that collects sensitive information without users being aware.
- Adware: software that displays unwanted advertisements on a user's device.
- Trojans: malicious software disguised as legitimate that can take control of a device.
- Worms: programs that can duplicate themselves and spread to other devices.
- Remote Access Trojan: software that gives intruders remote control of a device.
- Keylogger: software that monitors and logs keystrokes.
Malware can be spread in many different ways:
- From phishing emails, when users open up malicious attachments.
- Over the internet when a user visits an infected website, and the malware is downloaded and installed without the user’s knowledge.
- Through outdated software. Malware combs through the internet to find vulnerabilities in outdated software.
- By infecting peer-to-peer file-sharing systems and spreading the malware into the user device.
- When users click on malicious pop-ups that look like legitimate alerts.
- Via Local Area Networks (LANs). A LAN is a group of computers that connect locally and share information over a private network. If one computer in the network is infected with malware, it can spread to all the other computers.
Ransomware is a type of malware that takes over a computer and denies access by encrypting everything on the computer. The ransomware attacker then demands a ransom from the victim in order to restore normal access. Users are instructed to pay a fee to get the decryption key. The ransom cost can range from a few hundred dollars to thousands and thousands.
There are a few different kinds of ransomware:
- Crypto malware. This is the most common type of ransomware that encrypts files on the device in order to extort money.
- Lockers. This kind of ransomware infects operating systems to completely lock users out of their devices.
- Scareware. This is fake software that claims to have found issues on your computer, and demands money to resolve the fake issue.
- Doxware. This type of malware threatens to publish your stolen information online if you don’t pay the ransom.
If you do end up infected, don’t pay the ransom. In very (very) rare cases people get lucky and paying the ransom gets their data restored — but more often than not, the cybercriminal asks them to pay again and again, without ever releasing the data.
DDoS attacks are one of the most common types of online threats. DDoS stands for Distributed Denial of Service. It occurs when multiple systems target a single system and flood its bandwidth until it crashes. DDoS attacks can be compared to a group of people crowding the entry door to a shop or business, or vehicles trying to merge onto a road that has been brought to a halt by bumper-to-bumper traffic. By stopping traffic, these criminals effectively prevent legitimate customers and online users from entering your shop.
To execute a DDoS attack, an attacker will spread malicious software to vulnerable devices, typically by using infected emails and attachments. This will create a network of infected machines, also known as a botnet. The attacker has control over the botnet and can direct it to flood the target website with unrelenting waves of internet traffic — so much so that the targeted network stops working and the entire website goes dark.
One-third of all downtime incidents are attributed to DDoS attacks — and thousands happen every day. DDoS attacks are primarily used against developers and publishers, to harm the reputation of a website or to protest a controversial person or platform. "For businesses, any disruption in service can cause serious damage," said Francis Dinha, CEO of OpenVPN, Inc. "Not only is there harm to the actual business in terms of potential legal issues, clients could be lost forever if they believe their personal information is not safe with that business."
Social engineering is a tactic that involves deception and manipulation to get victims to willingly disclose information that can be used for fraudulent purposes. Rather than utilizing specialized software or malware to break into systems, social engineering depends on the human element to gain access to sensitive data.
Two of the most notable types of social engineering are phishing and pretexting.
Phishing. Phishing is a technique used by hackers to obtain sensitive information by disguising oneself as a trustworthy entity. Attackers often use hand-crafted emails or other types of messages that are designed to trick people into divulging personal or confidential data such as passwords and bank account information.
Pretexting. Pretexting is a type of social engineering where the attacker impersonates another person in order to gain the trust of their target. This could be as innocuous as a teenager creating and using a fake social media account to find out information about their ex — but in a business context, it could be a very convincing request coming from what appears to be Human Resources, Payroll, or the CEO.
Preventing Cyber Threats
While it can be possible to recover from a breach, a better alternative is to prevent yourself from getting targeted in the first place. Here are some important steps you can take to prevent attacks on your business:
- Use security software. Install and use a trusted security suite that offers more features than just basic antivirus software.
- Update your devices. Make sure all your internet-capable devices are protected from viruses and malware, and keep your security software current and up to date at all times. Turn on Automatic Software Updates whenever possible.
- Filter web traffic. You may employ a blacklist of websites not safe to access, or go the safer route and define a whitelist: sites that you know are secure. Cut down on the risk of inadvertently clicking on dangerous links that would download malware to your devices.
- Use email filters. Set them up to stop spam on both inbound and outbound emails. Stop those harmful emails before they even hit your inbox.
- Set strong password requirements to make sure that credentials can hold up to a brute force attack.
- Back up your information frequently. All critical information should be included in a regular backup plan and tested for quality. If ransomware strikes, you will be able to restore your most important data and continue on with normal life much faster.
- Understand your network. Could you draw a visual representation of your network? Do you have one already mapped out? If not, figuring out where an attack has access to spread can cost you valuable time.
- Educate your employees. Cybersecurity procedures must be taught effectively and reinforced regularly. Your staff will likely fall out of the appropriate practices and will need reminders and training to get back on track.
- Always use a VPN. A reputable VPN will keep all your sensitive data secured, and allow you to set up access control, network segmentation, zero trust, and other configurations that can help prevent falling victim.
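The "Filter web traffic" step above contrasts a blacklist with a whitelist. The following Python sketch is an added example, not code from this article or from OpenVPN, showing why the whitelist is the safer default: a site nobody has listed yet passes a blacklist but is denied by a whitelist. The hostnames and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample policy lists (hypothetical hostnames, not real sites).
BLOCKLIST = {"malware-downloads.example"}
ALLOWLIST = {"intranet.example", "payroll.example"}


def _host(url):
    """Return the lowercase hostname of a URL, or None if it has none."""
    try:
        host = urlsplit(url).hostname
    except ValueError:  # e.g. malformed bracketed IPv6 literal
        return None
    return host.rstrip(".").lower() if host else None


def _matches(host, entries):
    """True if host equals an entry or is a subdomain of it.

    Matching on a label boundary ("." + entry) keeps a name such as
    payroll.example.unlisted.example from matching payroll.example.
    """
    return any(host == e or host.endswith("." + e) for e in entries)


def blocklist_allows(url):
    """Default-allow policy: everything passes unless it is listed."""
    host = _host(url)
    return host is not None and not _matches(host, BLOCKLIST)


def allowlist_allows(url):
    """Default-deny policy: nothing passes unless it is listed."""
    host = _host(url)
    return host is not None and _matches(host, ALLOWLIST)


if __name__ == "__main__":
    # Constructed sample requests.
    samples = [
        "https://payroll.example/login",                  # listed, trusted
        "https://malware-downloads.example/invoice.exe",  # known bad
        "https://unlisted.example/invoice.exe",           # not on any list
        "https://payroll.example.unlisted.example/",      # lookalike name
    ]
    for url in samples:
        print(f"{url}\n  blocklist: {blocklist_allows(url)}"
              f"  allowlist: {allowlist_allows(url)}")
```

Only the first sample passes the whitelist policy, while the blacklist policy lets through every sample except the one host that was already known to be bad.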
OpenVPN provides flexible VPN solutions to secure your data communications, whether it's for Internet privacy, remote access for employees, or mitigating many cyber threats. Our OpenVPN Access Server works as a strong security solution and can be deployed on-premises using standard or virtual servers, or on the Cloud.
To deploy Access Server, you can:
- Deploy it yourself, using our Quick Start Guide.
- Deploy a ready-to-launch instance on Amazon Web Services.
- Deploy a ready-to-launch instance on Microsoft Azure.
- Deploy a ready-to-launch instance on Google Cloud.
- Explore some of our more detailed self-deployment options.
By following our suggested steps and utilizing OpenVPN Access Server, you will greatly reduce your risk of falling victim to cyber threats.