Get All Access for $5/mo

Top 3 Cyber Threats Prevalent Globally and How To Combat Them Through monitoring, software professionals can verify security and compliance requirements regardless of whether data is stored locally, in a database, in a virtual environment or in the cloud

By Shomiron Dasgupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock.com

Cyber threats have been prevalent on the internet for decades now. Unfortunately, malware has been evolving more rapidly than the anti-malware software needed to combat it. The three most active cyber threat categories worldwide are currently ransomware, phishing, and endpoint attacks.

Ransomware

Ransomware is malicious software that encrypts data on a target system and demands a ransom in exchange for restoring access to the encrypted data. The demand is typically in Bitcoin and requires a digital key to unlock the files. These attacks range from low-level nuisances to serious incidents such as the data lockdown of several organizations.

The recent incident of the ransomware "Petya", which hit Ukraine in 2017 and cascaded to several countries, brought into light the extent of damage a ransomware can bring. The attack spread through Ukrainian government systems that use Microsoft Windows. This resulted in the ransomware shutting down banks, state power utilities, ATMs, airport and metro system. It also resulted in the Chernobyl radiation monitoring system to go offline and forced officials to check radiation levels manually. The ransomware demanded $300 Bitcoin, which was allegedly paid by various companies.

Preventing ransomware begins with updating and patching operating systems and applications regularly. Furthermore, regular backups of all systems on a network can greatly reduce the damage caused by a successful attack. Remind users to be wary of suspicious files they receive, and make sure they understand how to identify and filter malicious emails. Lastly, be sure that a reputable antimalware solution is installed on all systems.

Security monitoring grants real-time visibility of users and their devices. Through monitoring, software professionals can verify security and compliance requirements regardless of whether data is stored locally, in a database, in a virtual environment or in the cloud. Additionally, monitoring solutions classify devices by type, owner, and operating system to deliver insights and make preventing and responding to risks easier. Here are just a few effective ways to implement security monitoring:

  • Use analytics to build a connectivity map within your infrastructure to detect anomalies in hosts and their connection patterns.
  • Use process monitoring to detect changes in process footprints.
  • Set up effective file access monitoring to detect large-scale changes to files. Quarantine suspicious hosts immediately to stop malware from spreading.

Phishing

Phishing attacks are hard to detect. They often appear to be every day emails from known and trusted sources, but they trick users into installing malware on their devices, giving hackers access to their victims' workstations.

These attacks are often used to steal confidential user data, like credit card numbers and login credentials. The attacker purports to be a trusted source or entity and convinces the target to click on a malicious link. This often leads to the installation of malware, or to a fake login page under the attacker's control.

Proactively blocking malicious emails and securing email gateways can reduce users' exposure to generic, opportunistic campaigns. Many security solutions also include features to help identify breaches and support regulatory compliance. Creating awareness among users, conducting training and running simulations can also reduce the effectiveness of phishing attacks.

Combining phishing awareness with training provides users with an easy way to act on their knowledge and empowers users to take charge of their own security. Being able to identify affected user accounts and their credentials is crucial. Supplementing user-based reporting with detection capabilities provides complete end-to-end visibility to the security authorities in an organization — when employees report breaches themselves, there is more time to take countermeasures that limit their impact.

A few anti-phishing monitoring techniques are listed below:

  • Set up an effective endpoint monitoring strategy to detect maliciously spawned child processes that might be used to steal data (discussed further in the next section).
  • Identify malicious files and URLs within emails by forwarding messages to a sandbox, or use lookups with service providers that maintain databases of known malicious files and URLs.

End Point Attacks

Endpoint attacks target user systems rather than their servers. These user systems are entry points to network and include smartphones, computers, laptops and fixed-function devices. Endpoint attacks also affect the shared folders, Network-attached storage (NAS) and hardware such as server systems.

Endpoint security is implemented on the user systems to prevent them from running malicious threats, which may be internal or external, from malware or non-malware, data theft, and system disruption. A way to prevent an endpoint attack is by setting up high endpoint security that combines prevention, detection, monitoring and determining root causes of an attack.

It is important to note that endpoint security is very different from traditional antivirus mechanisms as it uses predictive analyses instead of reactive actions.

Therefore, organizations should set up endpoint-monitoring solutions that monitor connection activity and can identify an anomaly indicating a potential threat. Another way to combat an endpoint attack is through behavioural analytics. It observes parameters such as user behaviour, network behaviour, other entities that connect to it and looks for patterns and tasks that are not within the norm.

Other steps include removing administrative access from an endpoint system, which does not require administrative rights for everyday applications, keeping systems up to date, implement advanced authentication.

These monitoring techniques can help to prevent the endpoint attacks:

  • Set up effective process profiling to identify, validate and investigate unknown processes spawned on endpoint systems.
  • Analyze connections made by endpoints to identify malicious transactions between hosts.
Shomiron Dasgupta

CEO and Founder, DNIF

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

News and Trends

WhatsApp Launches Bharat Yatra to Empower Small Businesses in India

This initiative builds on WhatsApp's recent innovations tailored for SMBs, including the Meta Verified feature, which enhances credibility, and customized messaging tools for more efficient customer communication.

News and Trends

growX Ventures Launches Fund II with a Target Corpus of INR 400 Cr

Fund II aims to target early-stage and growth-stage investments, backing 20–24 startups in deeptech sectors. It plans to deploy INR 10 crore in seed and INR 20–30 crore in Series B rounds.

News and Trends

Aampe Gains USD 18 Mn from Theory Ventures and Z47 to Enhance Digital Product Personalisation

With the new funding, Aampe plans to double its workforce to meet the growing demand for its agentic infrastructure. The company aims to onboard more customers and streamline the integration of its technology into their workflows.

News and Trends

India's Data Center Capacity to Reach 2,070 MW by End of 2025: CBRE

Cumulative investment commitments in the data center sector in India to cross USD 100 billion by 2027. Mumbai, Chennai, and Delhi-NCR to lead data center supply addition

Business News

I Tried Buying a Car on Amazon. Here Are the Pros and Cons.

Amazon Autos just launched, and users can buy a new car online. Here's how it works and what needs to improve.