I have had a small business now for around 6 years and one aspect of the company which I was never convinced about investing in was cyber security. Our company uses computers for just about everything but I always believed that simple virus protection would be enough. Last year I decided to look into this a little more and spoke with industry expert Bharat Bhise HNA, about whether or not I needed to invest in cyber security. Bharat was very kind to take a look at our systems and spot the gaps which people could exploit, and so I decided to take Bharat’s word for it and invest some cash in tightening things up. What convinced me was when Bharat spoke to me about the types of attacks which can take place, truly terrifying attacks I must say.
DoS and DDoS
One of the most common attacks is a Denial of Service or a Distributed Denial of Service Attack, these are very simple to create and very effective indeed. Basically these attacks look to overwhelm the system which it is aimed at, until the system crashes and denies service. Strangely this is an attack which actually doesn’t benefit the attacker, it doesn’t give them access to your systems, they are just looking for the satisfaction of a successful attack. For businesses however this can shut you down for at least a day and cause all manner of upheaval, lost time and lost money.
A Man in the Middle attack is something which companies should be worried about and through this kind of attack hackers can get access to your entire system. Basically what happens here is that an attacker will hijack a session between client and host. Your employer signs on to the system, the attacker gains control of the client’s computer and then disconnects from the server, meanwhile the IP address is switched for that of the attacker and the connection is made again, only this time the attacker has full access to the system.
Opening an email which you don’t recognize can do huge amounts of damage to your system and they could see you fall victim to a phishing scam. These scams are easy to put together and they essential load a ton of malware and other viruses onto your company’s server. These emails can trick people into downloading harmful viruses or even into employees handing over sensitive information.
Hackers have an uncanny ability to guess and gain access to password protected information, either by brute force which uses a random approach to passwords, or through a dictionary attack which uses relative information to gain access to someone’s computer or system. This is why it is so important to think up creative and complicated passwords, because many of them are very easy to guess if a hacker wants to try.