Cyber attacks: how to protect yourself and your business

The current health situation favors the increase in cyber-attacks with massive recourse to teleworking and increasingly connected homes. The solution? Protect yourself with a comprehensive security suite.

Cyber-attacks are not taking any break with the COVID-19 crisis, quite the contrary. Au contrary, all indicators show an increase in threats to the security of individuals and businesses alike, in the face of increasingly sophisticated malware such as ransomware.

From where a need more important than ever to protect oneself, and to do it with a solution which goes beyond the simple antivirus to also ensure the protection of the confidentiality, the personal data and the performances of its devices, via modules like a pare -fire, anti-phishing and anti-ransomware tools, a VPN can provide effective protection against tracking. Today, a tool like VuzeVPN helps protect against such attacks.

Cyber attacks: why are there more and more?

One would think that with increasingly secure operating systems and increased user awareness of the dangers of viruses and other spyware, cyber-attacks would tend to decrease. However, this is not the case, and they are even more than stagnating: on the contrary, they are increasing.

How can we explain it? The current situation and the COVID crisis play a big role in this explosion. Successive confinements and more generally health measures have generalized the use of teleworking in many sectors. And while an administration or a company can provide certified and secure hardware, this is not the case for everyone, and as a result, many users work from their personal computers, which are not always well secured. Professional activity is therefore added to the many tasks that we already carry out daily: shopping, administrative procedures, streaming entertainment, communications on social networks…By using more and more digital tools, we are vulnerable to attacks such as phishing, credit card fraud, or ransomware that encrypts user data.

This context encourages us to protect ourselves: how to escape the hackers who seek to recover our personal data and our banking data?

In the event of a cyber attack, time is running out to protect your business

Chains of attack, which were once just theory, have become a reality.

Additionally, with the advent of cryptocurrencies, attackers are now able to easily monetize data. They relentlessly seek out and exploit vulnerabilities to gain a foothold in systems and networks, then access and monetize corporate data using encryption and extortion.

Their strategy is to try to force the locks on any door or window (multiple times) until they find a way to enter. It is therefore no exaggeration to assume that any vulnerable system connected to the Internet has already been compromised. Any Internet system that works with a connection, vulnerable or not, is probably under a so-called “brute force” attack right now (Attackers are trying countless combinations of usernames and passwords until you find one that works).

Over the past year, different modus operandi have been observed: some attacks have been launched from loopholes in VPN devices, remote access servers or even file transfer servers.

Employees open their network doors to cybercriminals by clicking on links that trick them into disclosing credentials or downloading malicious code. If an attacker does not wish to break into a system themselves, they can also buy their entry on the Dark Web. The data is then used as a weapon against the company and leaves it with a decision: should the ransom be paid?

How do cyber criminals operate

Once attackers take control of a server or terminal, they usually follow the same instructions:

  • First of all, setting up a control system (Command and control) to use the first server as a starting point,
  • then a basic reconnaissance of the network with well-known stealth techniques,
  • to then compromise accounts with greater privileges, by exploiting internal weaknesses, loopholes or by resorting to brute force attacks,
  • These accounts are then used to steal data and install backdoors,
  • And finally, the encryption of the data, and the sending of a ransom note, to be paid in cryptocurrency, in exchange for a decryption key…and a questionable guarantee that the stolen data will not be disclosed.

Most businesses are completely caught off guard when they receive a ransom demand.

How to protect yourself and your business

Start with the end: the safe.

Attackers target the data because this is what they can most easily monetize. Where are the most critical and risky data vaults located? Care must be taken to ensure that sensitive data is in the safe, and especially that only authorized persons can access it and that a user can be detected making an unusual withdrawal.

Practice responding to attackers.

If criminals have entered the bank account and one of the workstations, servers or gateways is compromised, you should try to detect the next phase of the attack. Do we see the recognition? Is there unusual activity in the Active Directory? Unusual access to data or systems? This requires establishing a baseline of “normal” user behavior.

Multiply the force used to ward off attacks.

When it comes to computer security, the guesswork is no longer appropriate. Any known flaw will be the subject of an attempted attack. Too many IT departments are unable to track the application of patches. If a site only requires entry of a username and password, it will be targeted by hackers trying to guess the required combination. In addition, too many businesses allow single-factor authentication on online services.

By following these advice, the chances of the company coming out against competent and highly motivated attackers are increased. Just trying to keep them at bay is just not realistic. In any case, with the presence of resources in the Cloud and the rise of teleworking, “the outside” is nothing more than theoretical data.