2021 CYBERSECURITY CHECKLIST: PROTECT YOUR SYSTEMS AND NETWORKS FROM A CYBERATTACK.

As the pandemic continues to unfold, organizations are operating in a real-life multi-stress environment, facing cyber attacks along with many other COVID-19 related challenges. In the spirit of “never letting a good crisis go to waste,” organizations will, and should, rapidly redefine their new operating model and gain the speed of combating the growing cyber attacks.

To do that securely, organizations need to understand how their cyber risk profiles have changed and must revamp their strategies, training, and exercises to address threats and minimize risks.

Here, we will closely examine cyber-attacks that can affect an individual, or a large business, depending on the scale and ways we can protect our self from these attacks.

PASSWORD ATTACK

It is a form of attack wherein a hacker cracks your password with various programs and password cracking tools like Aircrack, Cain, Abel, John the Ripper, Hashcat, etc. There are different types of password attacks like brute force attacks, dictionary attacks, and keylogger attacks.

Preventing password attacks

Use strong alphanumeric passwords with special characters.

Abstain from using the same password for multiple websites or accounts.

Update your passwords; this will limit your exposure to a password attack.

Do not have any password hints in the open.

MALWARE ATTACK

This is one of the most common types of cyber attacks. “Malware” refers to malicious software viruses including worms, spyware, Ransomware, adware, and Trojans.

The Trojan virus disguises itself as legitimate software. Ransomware blocks access to the network's key components, whereas Spyware is software that steals all your confidential data without your knowledge. Adware is software that displays advertising content such as banners on a user's screen.

Malware breaches a network through a vulnerability. When the user clicks a dangerous link, it downloads an email attachment or when an infected pen drive is used.

Preventing malware attack

Use antivirus software. It can protect your computer against malware. Avast Antivirus, Norton Antivirus, and McAfee Antivirus are a few of the popular antivirus software.

Use firewalls. Firewalls filter the traffic that may enter your device. Windows and Mac OS X have their default built-in firewalls, named Windows Firewall and Mac Firewall.

Stay alert and avoid clicking on suspicious links.

Update your OS and browsers, regularly.

PHISHING ATTACK

Phishing attacks are one of the most prominent widespread types of cyber attacks. It is a type of social engineering attack wherein an attacker impersonates to be a trusted contact and sends the victim fake mails.

Unaware of this, the victim opens the mail and clicks on the malicious link or opens the mail's attachment. By doing so, attackers gain access to confidential information and account credentials. They can also install malware through a phishing attack.

Preventing Phishing attacks

Never click on links, download files or open attachments in messages even if they appear to be from a known, trusted source – unless you are absolutely sure that the message is authentic.

Always scrutinize the email address, established institutions usually use their own domain and not, say, a Gmail address.

Look out for shoddy spelling and grammar mistakes, as phishing emails are often ridden with them.

Watch out for domains that are often slightly altered to resemble the domains of legitimate service providers.

Be wary of a sense of urgency or threat that the messages typically seek to evoke. Make use of an anti-phishing toolbar.

Update your passwords regularly.

INSIDER THREAT

As the name suggests, an insider threat does not involve a third party but an insider. In such a case; it could be an individual from within the organization who knows everything about the organization. Insider threats have the potential to cause tremendous damages.

Insider threats are rampant in small businesses, as the staff there hold access to multiple accounts with data. Reasons for this form of an attack are many, it can be greed, malice, or even carelessness. Insider threats are hard to predict and hence tricky.

Preventing the insider threat attack

Organizations should have a good culture of security awareness.

Companies must limit the IT resources staff can have access to depending on their job roles.

Organizations must train employees to spot insider threats. This will help employees understand when a hacker has manipulated or is attempting to misuse the organization's data.

MAN-IN-THE-MIDDLE ATTACK

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In this attack, an attacker comes in between a two-party communication, i.e., the attacker hijacks the session between a client and host. By doing so, hackers steal and manipulate data.

As seen below, the client-server communication has been cut off, and instead, the communication line goes through the hacker.

Preventing MITM attacks

Be mindful of the security of the website you are using. Use encryption on your devices.

Refrain from using public Wi-Fi networks.

KEY LOGGERS

It is a piece of Hardware or software that records your keystrokes, save them to a log file or transmit them to a third party.

It hides in your computer and gather confidential and security information like password, Bank accounts or credit card numbers

The Hardware type are Tiny inline devices placed between the keyboard and the computer. Because of their size, they can go undetected for long periods of time.

The Software type is done by using the Windows function SetWindowsHookEx that monitors all keystrokes.

The spyware will usually appear packaged as an executable file that initiates the hook function, plus a DLL file to handle the logging functions.

An application that calls SetWindowsHookEx is capable of capturing even autocomplete passwords.

Example : The Zeus Trojan

Preventing keyloggers

Try an alternative keyboard layout - screen keyboard to eliminate the keyboard connection.

Use comprehensive security solutions – Make use of reputable antiviruses

Verify your process threads

Implement security policies that will ensure security best practice

Monitor computer’s behavior

Know your suppliers and contactors.

Make use of available anti keylogger programs

DENIAL-OF-SERVICE ATTACK

A Denial-of-Service Attack is a significant threat to companies. Here, attackers target systems, servers, or networks and flood them with traffic to exhaust their resources and bandwidth.

When this happens, catering to the incoming requests becomes overwhelming for the servers, resulting in the website it hosts either shut down or slow down. This leaves the legitimate service requests unattended.

It is also known as a DDoS (Distributed Denial-of-Service) attack when attackers use multiple compromised systems to launch this attack.

Preventing a DDoS attack

Run a traffic analysis to identify malicious traffic.

Understand the warning signs like network slowdown, intermittent website shutdowns, etc. At such times, the organization must take the necessary steps without delay.

Formulate an incident response plan, have a checklist and make sure your team and data center can handle a DDoS attack.

Outsource DDoS prevention to cloud-based service providers.

WATERING HOLE ATTACK

The victim here is a particular group of an organization, region, etc. In such an attack, the attacker targets websites which are frequently used by the targeted group. Websites are identified either by closely monitoring the group or by guessing.

After this, the attackers infect these websites with malware, which infects the victims' systems. The malware in such an attack targets the user's personal information. Here, it is also possible for the hacker to take remote access to the infected computer.

Preventing the watering hole attack

Update your software and reduce the risk of an attacker exploiting vulnerabilities. Make sure to check for security patches regularly.

Use your network security tools to spot watering hole attacks. Intrusion prevention systems (IPS) work well when it comes to detecting such suspicious activities.

To prevent a watering hole attack, it is advised to conceal your online activities. For this, use a VPN and also make use of your browser’s private browsing feature. A VPN delivers a secure connection to another network over the Internet. It acts as a shield for your browsing activity. NordVPN is a good example of a VPN.

In addition, these are a few personal tips which you can adopt to avoid a cyber attack on the whole.

Change your passwords regularly and use strong alphanumeric passwords which are difficult to crack. Refrain from using too complicated passwords that you would tend to forget. Do not use the same password twice.

Update both your operating system and applications regularly. This is a primary prevention method for any cyber attack. This will remove vulnerabilities that hackers tend to exploit. Use trusted and legitimate Anti-virus protection software.

Use a firewall and other network security tools such as Intrusion prevention systems, Access control, Application security, etc.

Avoid opening emails from unknown senders. Scrutinize the emails you receive for loopholes and significant errors.

Make use of a VPN. This makes sure that it encrypts the traffic between the VPN server and your device.

Regularly back up your data. According to many security professionals, it is ideal to have three copies of your data on two different media types and another copy in an off-site location (cloud storage). Hence, even in the course of a cyber attack, you can erase your system’s data and restore it with a recently performed backup.

Educate your employees (Cybersecurity awareness). Employees should be aware of cyber security principles. They must know the various types of cyber attacks and ways to tackle them.

Use Two-Factor or Multi-Factor Authentication. With two-factor authentication, it requires users to provide two different authentication factors to verify themselves. When you are asked for over two additional authentication methods apart from your username and password, we term it as multi-factor authentication. This proves to be a vital step to secure your account.

Secure your Wi-Fi networks and avoid using public Wi-Fi without using a VPN.

Safeguard your mobile, as mobiles are also a cyber attack target. Install apps from only legitimate and trusted sources, make sure to keep your device updated.