Internet has been a part of our lives for almost 30 years now and, as it developed, it became a place packed with knowledge. However, it is also the magnet for dangerous hackers, with advanced skills. How dangerous are they? Symantec broke this down for us in their report.
As most of you may presume, on-line pranks are the tale of the past. Right now, hackers are more interested in attacks that may bring them some kind of gain. Because of that, you are exposed to data stealing, financial losses or even reputation damage.
Nowadays, tools used by hackers are much more complex, they work faster than most enterprises can launch their defence. According to Symantec report, in 2009 we were exposed to 2.4 million pieces of unique malware, whereas today these numbers increased up to 430 million.
To fight the enemy, we must get to know them better.
Let’s focus on some of the practices that are already in hackers’ hands.
What kinds of attacks are there?
- Targeted attacks – directing entities in a particular organisation by sending legit-looking e-mails that ask you to perform a certain action (e.g. clicking a button), which then infect your entire system.
According to Symantec, this type of attacks increased during the years.
- Zero-day vulnerability – happens when hackers are able to find a way to enter applications and get to know their vulnerabilities. It is called ‘zero-day’, since developers only have a few hours to find patches.
Symantec claims that this kind of threat doubled in 2015 in comparison to 2014.
- Watering-hole attack – it is finding a well-known and often visited website, which is pumped up with malicious code that ‘waits’ to unleash malware, allowing hackers to control the targetted machine.
According to Symantec, in the next two years these attacks may become even more common.
- Ransomware – hackers came up with two forms of this attack – computer locker, which blocks your device, and prevents you from accessing it, and data locker which disables access to your personal files and folders. To get them back, hackers want to be paid.
- Advanced persistent threats – series of attacks done slowly, one right after the other. The malware is designed to suit a specific hacking campaign.
While protecting your data, you must focus on multiple layers of defence and quickly respond to potential threats. Carefully chosen security measures are crucial to keep you safe.
Remember to backup most important data and store it in an encrypted form. Employees’ hard drives should be encrypted as well.
It is also wise to think about the multifactor authentication, such as combining passwords with numbers sent via external automatic party while accessing most valuable data. This will surely hinder hackers’ malicious practices.