Although it is important to educate yourself on how to protect your businesses, it is also important to help you understand what you are protecting yourself against. Showing you these is not designed to increase the fear of crime but to increase your knowledge base so you are better prepared to understand the world of cyber security. Some of the most common threats are seen below.

Phishing

Phishing refers to the process of deceiving recipients into sharing sensitive information with an unknown third party (cyber criminal). It is often carried out via email, masquerading as a legitimate source but in fact is looking to steal personal details such as login information. It is often difficult to distinguish between legitimate and phishing emails but often clues give them away such as spelling mistakes, unusual attachments or emails that are simply from a business or source that you have never had dealings with.

Spam

Spam, unlike phishing which has the intention of causing significant harm, is sent to try and get the recipient to visit a certain website for sales or to drive up website visitor numbers. Spam can sometimes be linked to fraudulent means so it is important to be cautious when opening a spam email.

Malware

Malware is a general term for malicious software. Malware includes viruses, worms, Trojans and spyware. The software is used to gain unauthorised access to computers and can gather sensitive and private information.

Virus

A virus is a file that runs on a computer, sometimes it is visible but sometimes it runs in the background without being noticed. There are a variety of viruses, including worms and Trojans. Worms are designed to spread from computer, infecting every computer it passes through. Trojans are malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions.

Adware

Adware should always be treated with caution. Adware delivers advertisements by tracking your usage and can redirect you to unwanted website. It can often come with free software that you install and unless it notifies you that it is collecting data from your computer then it should be considered malicious.

Ransomware

Ransomware is a form of malware where criminals can lock your computer and display a message demanding a certain amount of money to be aid otherwise they will wipe your computer of its data. Ransomware is often activated through human error, opening a corrupt email attachment or visiting an infected website so it is important to ensure all staff are aware of online security to at least a basic level.

Distributed Denial of Service (DDoS)

A denial of service attack often targets websites. A denial of service attack uses one computer to flood a network meaning no one else can access that network. A Distributed Denial of Service attack involves multiple computers, often botnets (a network of infected robot computers) being used to flood the network. This is often used as a temporary attack to prevent the use of a website or other online systems run by a business but these are often large corporations who are victims of a targeted attack.

Trojans

Trojans are malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions. These can be used in a number of ways, deleting data, creating back-doors around security processes or sending spam emails.

Malicious software commonly known as ‘malware’ affects businesses on a daily basis. It disrupts IT and computer processes and in extreme cases can delete, steal or hold to ransom valuable business and personal data, such as the ones mentioned above.

Malware can be thwarted by firewalls and cyber security but by being vigilant and understanding how different types of malware work can help prevent your computer and network becoming infected, hence keeping businesses and individuals safe online.

To get an idea of the extent of the problem, Warwickshire Cyber Safe team conducted a Survey in 2017 into Cyber Crime. They found that 59% of people surveyed felt at risk online, 15 000 had been a victim of phishing scams in the last 12 months and 30 000 of these fell victims to viruses and malware. Compared with the previous survey, this survey identified lower numbers of people who do not know how to protect themselves online. A total of 8.8 million has been lost to cyber crime in 2017.

According to the Regional Organised Crime Unit, ransomware accounted for just below 50% of all live cyber reports received by Action Fraud in September 2018. Remote Desktop Protocol (RDP) attacks continue to be the most common infection method throughout September 2018. Reports concerning DDoS also increased with reports of multiple DDoS attacks targeting businesses and government bodies. Data breaches have remained a trend in the last couple of months, employees and subscribers losing their privacy to cyber criminals who use their personal information such as email address, date of birth and home addresses for illegal purposes.

Business Watch is here to help businesses guard against the threat, committed to identifying gaps and tackling this problem through partnership working.

Keylogging

Keylogging is the process of secretly recording keystrokes by an unauthorized third party. This software is often used for malicious purposes such as stealing passwords, financial and personal information, as well as for business espionage.

Remote Desktop Protocol (RDP) attack

To maintain the networks that support this type of working arrangement, many small and medium-sized enterprises (SMEs) rely on off-site tech support teams using remote desktop protocol (RDP) to diagnose and repair network problems. RDP allows for secure network communications between a terminal server and a terminal server client. It is commonly used by network administrators to remotely access virtual desktops and applications.

Using RDP does carry a certain level of risk, particularly because unguarded remote desktops are quickly becoming the favored point of entry amongst hackers. Sadly, many companies are leaving themselves exposed by not following a few simple security measures.

In an RDP brute force attack, hackers use network scanners such as Masscan (which can scan the entire Internet in less than six minutes) to identify IP and TCP port ranges that are used by RDP servers. After tracking one down, the criminals try to gain access to the machine (typically as an administrator) by using brute force tools that automatically attempt to login over and over again using countless username and password combinations. During this time, server performance may take a hit as the attacks consume system resources.

Once an attacker has access via RDP, they can do pretty much anything within the hacked account’s privilege limits. Criminals who have gained administrator access can do more or less anything they want, including disable antivirus software, install malware, steal company data, encrypt files and much more. As you might imagine, this level of disruption can have an enormous impact on a company’s reputation, finances and day-to-day operations. While some cyber criminals simply want to create chaos, many launch RDP attacks with set goals in mind, that is stealing and causing internal issues to companies.

Things to consider:

• Cyber Essentials Cyber Liability Insurance (This comes with the completion of Cyber Essentials)
• Firewalls and Internet Security Protection (Anti-virus)
• Backing up of data

For more detailed information on the above you may like to visit the following or look at some of the other advice sheets on the Warwickshire Business Watch website:
Get Safe Online – https://www.getsafeonline.org/
Cyberstreetwise – https://www.cyberstreetwise.com/

Reporting Business Cyber Crime If you have been or believe you have been a victim of Cyber Crime please report it directly to Action Fraud. This can be done by visiting www.actionfraud.police.uk or calling 0300 123 2040. Action Fraud is not an emergency service, in case of an emergency please dial 999.