Connected, but often with little protection small businesses are a desired goal for cybercriminals and hackers.
Therefore, Stormshield, European leader in digital infrastructure security, shows the ten most common entry points to the systems of these companies, as well as some tips and solutions to counteract these threats.
In this regard, Victor Poitevin, Digital Responsible for Stormshield, comments: "In small companies, which are often poorly protected, there are many security gaps related, almost always, to everyday activities such as opting for a public access point or using an external USB stick, so there are several points of entry for cybercriminals. "
Main entrance doors
- Email is, without a doubt, the favorite target to be pirated. A malicious attachment is the most commonly used vector for phishing or ransomware actions.
- Some Advertising Banner, especially in free sites, may be infected. By clicking on them, users can be redirected to a malicious site or even trigger a malware download.
- A poorly protected enterprise IT network, together with outdated workstations or servers, serves as an entry point for worms, which, unlike viruses, do not require user interaction to spread.
- On the Internet, the Watering Hole technique is a real threat. Simply hack a well-known website with a high volume of traffic to spread malware to the computers of users who visit it or are redirected to a malicious website.
- Applications, particularly those of Android, with fewer controls and more insecure than those of iOS, and scarewar (malicious software that shows alarming technical notifications) are the preferred vector of hackers.
- Unsecured WiFi systems, such as public hotspots, are the preferred entry point for cyber attacks, and are ideal for intercepting communications or recovering data and passwords.
- Connected Objects are very vulnerable and allow cybercriminals to access the corporate network, and / or be used to launch massive DDoS attacks.
- A USB stick can hold malicious software intended to infect workstations. For its control, it is recommended to use a computer isolated from the network.
- The Trust Relationship between a company and its suppliers often encourages carelessness. If a chain vector is poorly protected, it can become the link that hackers will take advantage of to access the ecosystem.
- Deceiving and becoming the CEO of a company to steal money is something much more common than it may seem. It is only necessary to gather information on the Internet.
In light of these examples, there is no doubt about the wide variety of entry points used by cybercriminals, nor about the harmful consequences of the attacks, especially for micro and small businesses. Therefore, it is vital that all companies, regardless of their size, protect and update frequently their operating systems and applications, also making periodic backup copies of the data.
Date update on 2018-11-28. Date published on 2018-11-28. Category: windows Author: Oscar olg Fuente: haycanal