Have you ever had a Virus, Spyware, or Malware?

These are terms most people are familiar with, but they all mean the same thing: the security of your business was compromised (you've been hacked). Most people are familiar with the tell-tale pop-up ads that occur when your computer has been infected with spyware. Most malware today is not so obvious; it infects your computer and silently sends details back to its controller. Information such as bank accounts and intellectual property is the target of today's cybercriminals.

Questions for your I.T. Department:

  • Could we detect large amounts of data exiting our network?
  • Do we track the movement of data classified as highly sensitive from one user to another?
  • Would we be able to detect non-standard data transferred on common ports?
  • Do encrypted communications channels signal an alarm?
  • What level of an attacker can we defend ourselves against?

Questions for Business Owners:

  • What information is really the "secret sauce" of our company and must be protected by all means available?
  • What is the true impact of a breach on our business financially?
  • Are we realistic about our chances of being breached?

Cyber attacks today come in various skill levels:

Enthusiasts: Sometimes referred to as "script kiddies" in the industry. These are opportunistic, unskilled attackers who look for any easy opening. Enthusiasts surf the Internet looking for easy-to-exploit vulnerabilities in software without any particular victim in mind.

Skilled Enthusiasts: Attackers at this level are akin to network administrators. Skilled enthusiasts have a good understanding of how networks and companies work. They use tools similar to those of the "script kiddies," but they understand when to use a particular attack tool and may have a specific target in mind.

Professional Cyber Criminals: These are the for-hire bad guys of the cyber world. They are not as obvious as the average attacker, and they're very good at getting what they are after. These attackers typically go after bank account numbers, intellectual property, social security numbers, credit cards, and patient information. Professional criminals use modified or off-the-shelf attack tools or, in some cases, custom-written malware, making them much harder to detect.

Nation-States or Advanced Persistent Threats (APT): Attackers at this level are highly skilled and well funded. It is thought that many of these attacks go unnoticed, so it's tough to get a good feeling for how common they are. Attacks at this level include the breaches at Google and RSA, the Stuxnet and Flame malware, and other nation-state or well-funded attacks. The tools these attackers use are custom-written to avoid detection.

Be Realistic!

Your company must be realistic about what sort of attackers it's likely to face. It's equally important to understand the current state of your company's security program. If your company has never had a risk assessment, start there. A risk assessment will help you quantify your biggest threats and prioritize your resources.

Post by Nick Gibson
February 21, 2024