Get All Access for $5/mo

Top 3 Cyber Threats Prevalent Globally and How To Combat Them Through monitoring, software professionals can verify security and compliance requirements regardless of whether data is stored locally, in a database, in a virtual environment or in the cloud

By Shomiron Dasgupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock.com

Cyber threats have been prevalent on the internet for decades now. Unfortunately, malware has been evolving more rapidly than the anti-malware software needed to combat it. The three most active cyber threat categories worldwide are currently ransomware, phishing, and endpoint attacks.

Ransomware

Ransomware is malicious software that encrypts data on a target system and demands a ransom in exchange for restoring access to the encrypted data. The demand is typically in Bitcoin and requires a digital key to unlock the files. These attacks range from low-level nuisances to serious incidents such as the data lockdown of several organizations.

The recent incident of the ransomware "Petya", which hit Ukraine in 2017 and cascaded to several countries, brought into light the extent of damage a ransomware can bring. The attack spread through Ukrainian government systems that use Microsoft Windows. This resulted in the ransomware shutting down banks, state power utilities, ATMs, airport and metro system. It also resulted in the Chernobyl radiation monitoring system to go offline and forced officials to check radiation levels manually. The ransomware demanded $300 Bitcoin, which was allegedly paid by various companies.

Preventing ransomware begins with updating and patching operating systems and applications regularly. Furthermore, regular backups of all systems on a network can greatly reduce the damage caused by a successful attack. Remind users to be wary of suspicious files they receive, and make sure they understand how to identify and filter malicious emails. Lastly, be sure that a reputable antimalware solution is installed on all systems.

Security monitoring grants real-time visibility of users and their devices. Through monitoring, software professionals can verify security and compliance requirements regardless of whether data is stored locally, in a database, in a virtual environment or in the cloud. Additionally, monitoring solutions classify devices by type, owner, and operating system to deliver insights and make preventing and responding to risks easier. Here are just a few effective ways to implement security monitoring:

  • Use analytics to build a connectivity map within your infrastructure to detect anomalies in hosts and their connection patterns.
  • Use process monitoring to detect changes in process footprints.
  • Set up effective file access monitoring to detect large-scale changes to files. Quarantine suspicious hosts immediately to stop malware from spreading.

Phishing

Phishing attacks are hard to detect. They often appear to be every day emails from known and trusted sources, but they trick users into installing malware on their devices, giving hackers access to their victims' workstations.

These attacks are often used to steal confidential user data, like credit card numbers and login credentials. The attacker purports to be a trusted source or entity and convinces the target to click on a malicious link. This often leads to the installation of malware, or to a fake login page under the attacker's control.

Proactively blocking malicious emails and securing email gateways can reduce users' exposure to generic, opportunistic campaigns. Many security solutions also include features to help identify breaches and support regulatory compliance. Creating awareness among users, conducting training and running simulations can also reduce the effectiveness of phishing attacks.

Combining phishing awareness with training provides users with an easy way to act on their knowledge and empowers users to take charge of their own security. Being able to identify affected user accounts and their credentials is crucial. Supplementing user-based reporting with detection capabilities provides complete end-to-end visibility to the security authorities in an organization — when employees report breaches themselves, there is more time to take countermeasures that limit their impact.

A few anti-phishing monitoring techniques are listed below:

  • Set up an effective endpoint monitoring strategy to detect maliciously spawned child processes that might be used to steal data (discussed further in the next section).
  • Identify malicious files and URLs within emails by forwarding messages to a sandbox, or use lookups with service providers that maintain databases of known malicious files and URLs.

End Point Attacks

Endpoint attacks target user systems rather than their servers. These user systems are entry points to network and include smartphones, computers, laptops and fixed-function devices. Endpoint attacks also affect the shared folders, Network-attached storage (NAS) and hardware such as server systems.

Endpoint security is implemented on the user systems to prevent them from running malicious threats, which may be internal or external, from malware or non-malware, data theft, and system disruption. A way to prevent an endpoint attack is by setting up high endpoint security that combines prevention, detection, monitoring and determining root causes of an attack.

It is important to note that endpoint security is very different from traditional antivirus mechanisms as it uses predictive analyses instead of reactive actions.

Therefore, organizations should set up endpoint-monitoring solutions that monitor connection activity and can identify an anomaly indicating a potential threat. Another way to combat an endpoint attack is through behavioural analytics. It observes parameters such as user behaviour, network behaviour, other entities that connect to it and looks for patterns and tasks that are not within the norm.

Other steps include removing administrative access from an endpoint system, which does not require administrative rights for everyday applications, keeping systems up to date, implement advanced authentication.

These monitoring techniques can help to prevent the endpoint attacks:

  • Set up effective process profiling to identify, validate and investigate unknown processes spawned on endpoint systems.
  • Analyze connections made by endpoints to identify malicious transactions between hosts.
Shomiron Dasgupta

CEO and Founder, DNIF

Most Popular

See all
Business News

Microsoft Reportedly Lays Off Over 1,500 Employees in Cloud Sector as Partnership with OpenAI Strengthens

Alphabet also reportedly laid off employees from several teams in Google's cloud unit last week.

By Emily Rella
Side Hustle

This Former Starbucks Employee Started a Side Hustle That's Making More Than $70,000 a Month — and He's Not Done Yet

When Tom Saar moved to New York City, he spotted a lucrative business opportunity.

By Amanda Breen
Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

By Eve Gumpel
News and Trends

Sportskeeda's Parent Absolute Sports Acquires SoapCentral for USD 1.4 Mn

For Absolute Sports, this is their second acquisition in the US sports media sector. Absolute Sports had acquired a 73.27% stake in US-based Pro Football Network LLC earlier this year.

By Entrepreneur Staff
Leadership

ITC's Marketing Wizard: Shuvadip Banerjee, Chief Digital Marketing Officer

The FMCG giant's successful campaign #MyFantasyAdWithSRK broke the Internet and in just a few weeks of launch had 10 lakh participants

By Shrabona Ghosh
Business News

ChatGPT Users Report Mass Outage, OpenAI Says It's 'Investigating'

ChatGPT's outage was first reported early Tuesday morning.

By Emily Rella