By Jim Kramer
Cybercriminals are getting smarter, and with technology part of nearly everything we do, it’s critically important to be aware of potential cyber threats.
A cyber threat is defined as the possibility of a malicious attempt to damage or disrupt a computer network or system. Our goal is to prevent potential attempts from becoming actual, successful attacks. There are three primary types of threats: remote exploits, social engineering and insider threats.
Remote exploits. A remote exploit is when a bad actor takes advantage of a software vulnerability to access a system. There are a couple of quick fixes for this. First, make sure you have a good firewall and are running an up-to-date anti-virus program. This will block most of the attempts. Second, make sure all of your software is up to date. Policies that require employees to install software updates can go a long way, but there are software packages that assist with this as well.
There is no single solution. The layering effect of using multiple initiatives provides the best protection against remote exploits.
Social engineering. Many cybercriminals have realized we can protect our systems from remote exploits, so now they have moved to a new approach: social engineering, the use of deception to manipulate individuals into performing actions or divulging confidential information.
For example, I’m sure you know someone who has a rich uncle in a third world country who wants to give you $15 million, right? All you have to do is send him your bank account information and he’ll wire the money right over.
Maybe we’re too smart for that strategy today, but what if you receive an email that your package wasn’t delivered, or the IRS is going to seize your property if you don’t follow the instructions and click on a hyperlink? These are phishing attempts.
Again, the solution is having multiple safeguards. Talk to your IT department or support vendor to make sure you have a good email content filter. Also, ask for a visual cue when emails are received from outside your organization.
A few other social engineering attacks include physical access attempts and “man-in-the-middle” attacks. Most security systems are designed to keep external people and software out of your system. If you let them in, you put your data at risk.
If you find a USB drive in your office parking lot, don’t plug it in to check it out. If you insert the drive, it may load software onto your machine that will allow the cybercriminal access to your entire network. Assume anything you plug into your computer could have a “payload” you aren’t expecting.
Insider threats. We always want to provide users with minimal privilege. A security-conscious network administrator often will have a general user account for daily network access, and only use the account with greater network privileges when performing network administration tasks. Just as we only give users keys to the departments they need, make sure network users only have necessary data access.
Internal accounting departments often have different people performing accounts payable and accounts receivable responsibilities, while others balance the books and provide strategic finance direction. Apply the same logic to cybersecurity, and should a breach occur, you will have better odds of isolating any risk or damage.
Use common sense, look for visual clues, and reach out to your IT department or vendor if something seems strange. A small dose of skepticism and some education can go a long way against cyber threats. ■
Jim Kramer is a partner at MCM Kramer Technology Solutions.