Five Cyber Threats that Security Teams Should Pay More Attention to

Ransomware has been a major threat to organizations for the last couple of years and is one of the most publicised threats online. But it is by no means the only cyberthreat your organization will face. Preparing to face these threats head on can facilitate increased security while preparing IT risk managers to improve their strategy’s reliance and so support business goals.

1. DNS: A vehicle for phishing

DNS-based phishing is on the rise. Phishers use wildcard DNS records to coax unsuspecting users to provide sensitive information such as social security numbers. This means that when organizations accept the DNS from their ISPs, there is always the risk that the DNS is not “clean”. DNS is an important component of your security and can be used as the first line of defence against phishing. It’s therefore advisable to ensure that your DNS-based security filters can effectively block malicious domains.

2. Vulnerable web applications

Although DNS attacks are some of the most prevalent online security threats, there are less obvious threats that can be as damaging such as vulnerable web applications. Security is not implemented through an internal application which means web applications lacking security lies at the root of this problem. This is exacerbated by the sheer number of devices connected to it. Each device is a potential attack vector for malicious actors.

3. Cryptojacking

Cryptojackers employ the same types of ransomware that’s used to encrypt data in order to hold an organization’s resources or systems hostage, to mine for cryptocurrency. This type of malware is similar to Petya and NotPetya but for the fact that it’s silently running in the background. This is known as cryptojacking or crytomining. The rise in cryptojacking incidents means that the argument, often put forward by SMB owners, that their business is too small to warrant an attack, is void.

4. Internet of Things (IoT) device threats

As mentioned above, as organization are adding more devices (such as commercial security systems, smart containers, enterprise platforms, etc.) to their infrastructure, they often overlook the security aspect – managing and updating these devices regularly to ensure they don’t become vulnerable to security threats. Organizations should ensure that their IoT devices are manageable and have a process in place to update them in order to stay safe.

5. Cross-site scripting attacks

Cross-site scripting (XSS), or reflected and stored attacks, entails an attacker taking advantage of a vulnerability in an existing webpage to insert their own, often malicious, code. The code is written with the aim of stealing user information, login credentials, session cookies and similar, sensitive security data. Cross-site scripting is unique as these vulnerabilities do not target the website or the app since it’s only an vehicle for the attack. XSS makes use of scripts executed on the user’s machine, in other words, client-side scripts that are coded in JavaScript of HTLM.

Stage2Data have successfully assisted numerous organizations to recover from ransomware and security attacks and, with threats to your data increasing daily, as highlighted in this post, can you really afford not to call us today?