If you’re in business, you have enemies — and they’re trying to get into your network.
For-profit malware authors after banking information or files for extortion want in. Script-kiddies want in because mayhem is their game. And if you’re large enough, criminals seeking data about your customers for espionage want in too.
“For instance, if you’re a law firm,” F-Secure Labs Senior Researcher Jarno Niemelä said in a recent webinar, “your clients might be interesting.” And it’s not just the clients of lawyers who may be “interesting”. He noted that companies that specialize in car rental, car leasing, cleaning and catering all have customers that are attractive targets for your enemies.
In order for an attack to be successful, the attacker must first get information about his or her targets. And the worst part is we may be letting our enemies in.
Here are the 6 most common ways that is done:
1. Spear phishing.
Spam is designed to hit anyone and only needs to work a tiny fraction of the time. A spear phishing attack is designed to get you.
2. Hacked websites.
Like a lion hiding in a savannah, the best attackers infect a website you’re likely to visit — naughty and not naughty — and wait for you to become their prey.
3. Search Engine Poisoning.
Criminals target a specific search term and try to drive an infected site up the Google rankings.
4. Traffic Injection.
These more advanced attacks hijack your traffic and send it to a router controlled by the enemy. Once you’ve become the victim of a man-in-the-middle attack, any website you visit could be infected just for you.
5. Social engineering.
What your enemy lacks in technical savvy, s/he could make up with the ability to fool you.
6. Affiliate marketing.
Some criminals — and intelligence agencies — simply buy their victims in bulk. Jarno calls it “the digital slave trade”.
Of course, these aren’t the only ways into your network. Jarno also explained how offline attacks through external drives, for instance, can provide access. But these are the six most likely ways your enemies will find their way into your network. And you should have some idea what they’re up to, since their success depends on your mistakes.