Common cyber-security attacks, how to spot them and
attacks appear in many guises and recognising the most common malware can help you
to ensure that you are taking the correct precautions to safeguard your
business from costly downtime. Here’s our guide to some of the most common
attacks, their symptoms and preventative measures.
A virus might corrupt, steal
or delete data – including passwords; wipe an entire hard drive, hijack your
browser or disable security settings. Symptoms of a virus include slow computer
boot-up, independent restarts, or repetitive crashes. Disappearing data, files
or programmes are a red flag, as is an unexpected change to your internet
Often highly infectious,
this type of attack spreads through your network and connected computers. Downloaded
unwittingly via a malicious website or online advertising banner and carried
via emails to other networks; this type of attack can blight your entire supply
Anti-Virus programmes will
protect you from the majority of virus dangers but, just like the common cold,
they quickly evolve so you can never be 100% safe. Larger enterprises can
install a second security layer to mitigate risks by spotting and blocking
malicious servers and web traffic. These systems can also be programmed to
automatically respond to breaches; for example, by shutting down network
segments or disconnecting individual computers and devices.
Ransomware restricts access
to files and displays a message that demands payment in return for their
release; the threat being permanent deletion of the files if the payment is not
made. Often this message indicates that the action has been taken by an
official body, such as the police, and that failure to pay the fine will result
in prosecution. The WannaCry attack on the NHS in 2017 is a high-profile
Never pay the ransom (it is
unlikely that files will ever be released). This threat is likely to require support
from an IT engineer and, in some rare cases, the ransomware can be removed,
data recovered, and the machine repaired. The more likely scenario will rely on
back-ups; so, it’s important to have a recovery plan in place, back-up your
files regularly and routinely test your back-ups.
Phishing scams attempt to
trick a victim into giving out personal information such as bank details; often
via phone, email or text and with a message that appears to be from a
legitimate source. Successful attacks can lead to significant financial loses.
There are various, more sinister forms of phishing, and scammers are getting
ever-more imaginative – a few examples;
Spear Phishing: the perpetrator poses as colleague, customer or another
trusted person, usually guiding the victim to a malicious website where they
will download malware onto their computer.
• CEO Fraud (sometimes called ‘Whaling’): the attacker poses as a CEO or senior manager to target an individual in the business with an urgent request to transfer funds or confidential information.
The best protection against phishing is to educate your employees to spot and respond appropriately to suspicious activity. There are also programmes available on the market that can support prevention, such as by flagging suspicious-looking email addresses and messages sent from external sources, quarantining suspicious URLs and filtering attachments.
Prepare for the worst and hope for the best
This is far from
an exhaustive list of malware; scammers are increasingly imaginative and
therefore it’s vital to have anti-virus programmes installed, and a robust
recovery plan in place should the worst happen. Best practice dictates that
regular scanning of your infrastructure for malware is a must, as is
maintaining back-up processes whilst keeping on top of security patches and
Get in touch
The Systems Assurance team is on-hand when you need to review and update your malware security systems and ensure that your business and data are as safe as they can be. Give us a call on 0114 292 2911.
Subscribe to our blog...
We will only use your email to send you new blog posts.