The short answer is – lots of ways! But several common ways are used over and over by bad guys. These common ways are used repeatedly for one simple reason — they work! And because they work, you can bet that these techniques are being used against your network. So if you’re going to secure your network, you have to get control of these common infiltration points. Let’s briefly review the most common entry points and summarize what can be done to limit access to the bad guys.
Perhaps the most common way an attacker gains a foothold is by sending a user an email that contains either an infected attachment (such as a pdf file, spreadsheet file, or picture) or a link to an infected website or server. When the user clicks on the link or opens the attached file, a program will run in the background that gives the attacker control over the computer. Attacking a network through the use of email is called ‘phishing’. From that initial foothold the attacker may be able to spread to other computers in the network, download data, grab user accounts and passwords, change information, steal money, launch a denial of service attack, or any of a million other things. Because email is such a common route by which to compromise a network, it is really important to secure email. Besides good antivirus on a laptop or tablet, I also recommend that businesses use a hosted exchange service that scans incoming email for infected attachments or links.
Server Attack
A second common attack mode involves compromising an internet facing server. For example, let’s suppose you run a web server that hosts your company website. Because that server is on the internet, it is available for anyone in the world to see. Because anyone in the world can see it, you can guarantee that bad guys are constantly attacking that web server. Their goal is to exploit any vulnerability they find, establish a foot hold in the web server, and then use the server for their own purposes. If you have an internet firewall that is also an IPS (Intrusion Prevention System) or IDS (Intrusion Detection System), check the firewall logs and you’ll likely see various attacks against your web server. But don’t think these attacks only come against a web server. Attackers are looking for an email server, ftp server, application server, or anything else accessible across the internet. Even devices like IP security cameras or internet enabled baby monitors are open to attack. Have a good, current firewall with current intrusion prevention signatures as well as gateway antivirus is a good start. If you’re running a web server, I’d be sure there is a good Web Application Firewall (WAF) with current WAF signatures in place.
Infected Website
Ever visited a website and ended up with a computer virus? This virus may have come from the website itself (when an attacker compromised the website), but it could also have come from the ads or other media that is served through that website.No matter how the third party website was infected, your protection methods are the same – be sure your device has all current updates, be sure it has current antivirus, and stay away from websites with a higher likelihood of infection.
Infected Toolbars, Games, Apps, Other Programs
All of us like free stuff. Yet that free stuff costs to produce and has to be paid for somehow. Many times that pay comes as malware is packaged with the free program. I’ve seen infections in browser toolbars, games, cell phone apps, and other free stuff that we all like to download. Obviously you need to keep current antivirus on your device. But you also might want to stop and ask yourself if you really need that free item. If it’s infected, you might find out that ‘free’ comes at a very steep price!
Weak Passwords
We’ve all seen the news stories – some celebrity has their email account hacked and photos, message, or other private information is stolen. One common thread these stories often share is that the email account was secured with a weak password. Unfortunately, passwords are part of our life. Be sure you don’t use a simple password. Also, be sure you don’t use the same password across multiple sites. If you do, you’re setting yourself up for failure.
Social Engineering
You may have gotten the call yourself – a person claiming to be from Microsoft calls to let you know your computer is infected and offers to help you remove the infection. As the caller continues, he asks for permission to connect to your computer and do the work. Unfortunately, if you give permission, all you’ll end up with is a truly infected computer. Social Engineering tries to exploit the natural human tendencies to trust people or the tendency for greed. Because either emotion is so powerful, an attacker can often easily exploit these emotions to gain network access.
Infected Media
Another common attack vector involves using infected media. For example, let’s suppose you find a lost flash drive in the parking lot. Being the helpful person you are, you take it into work, plug it into your computer, and look for signs of who the flash drive belongs to so you can return it to it’s owner. But unknown to you, this lost flash drive was infected with malware. As soon as you plugged it into your computer, the malware on the flash drive began infecting your computer and possibly spreading to other computers on the network. Even if you remove the flash drive, your computer is still infected. Any kind of removable media can be infected and used as a vector to compromise your computer.Once again, good antivirus, Security Awareness training, and a policy against inserting unknown removable media are all ways to combat this attack vector.
Wireless Hacking
How about attacking your computers through the wireless network? Many times we forget that the wireless signals travel outside the walls of our office. Because they do, it is entirely possible for an attacker to be across the street or across the block while hacking into your wireless network. And don’t get complacent – it is even possible for attackers with specialized equipment to access your wireless from miles away without you ever seeing them! Securing your wireless is obviously an important step.
The point is – there are lots of ways for an attacker to get into your network. Let our team help you secure your network and make it much harder for the bad guys to get in.
Practical Cybersecurity Webinars:Series 2 Starts November 14, 2024!
Learn practical information your business or organization can put to use to improve your cybersecurity stance with the short, monthly webinars.
- Preparing for Insider Threats
- Easy Policy Management
- Intro to Microsoft Copilot
- What’s Included with Microsoft 365
- Get Ready for Windows 11
- Getting Your “Digital Clouds” Under Control
Registration is FREE!