Attacks 101: What you should be protecting your network from
In today’s world, cyber crime is rampant. Criminals are everywhere and they are getting more sophisticated as technology evolves and we become more reliant on it. Data is very valuable and if someone can hold that data hostage, it’s likely that the executive team would pay whatever amount to retrieve that data. That does not mean that we have to live without technology to stay safe, but it does mean that understanding the most common types of network attacks and how to protect against them.
What is a network attack?
A network attack is simply someone trying to get access to an organisation’s network with the intention of stealing data or doing something else to compromise your access or data. There are two main types of network attack: passive, which means attackers gain access but leave everything intact, and active, where attackers gain access and not only steal data but also delete, modify or encrypt it, preventing your access or retrieval. These are different from endpoint, malware, exploits and advanced persistent threat attacks. In network attacks, hackers are fixated on gaining access to internal systems, and once inside they will combine other types of attacks, like spreading malware or exploiting an internal network vulnerability.
What are the most common types of network attacks?
DDoS or Distributed Denial of Service attacks
These are probably the more commonly heard of attacks, thanks to Hollywood. Hackers use fleets of compromised devices called botnets and use them to direct false traffic to your network or servers. It’s like a flood, and the system would not have been built to cope with that level of traffic so a DDoS can bring your network to its knees.
Remember when the IT department said to change your passwords and you thought it was too much of a bother? Well, weak passwords are one of the few ways attackers gain unauthorised access, along with low protection against social engineering, insider threats and compromised accounts. An easy way to nip this in the bud is through more secure passwords that are changed on a frequent schedule and educating all employees about the dangers of attacks through social engineering.
Man in the Middle attacks
These are interesting because they exploit weaknesses in your communication protocols. It’s like a train going from A to B and the attacker sees a weak spot en route and jumps in and gains access to the train. Man in the middle attacks are like this in that attacker intercept either within your network or between your network and an external site, and steal the data being transmitted, grab user credentials and hijack their sessions.
Once an attacker is in your network, they can expand their reach by either moving horizontally, gaining access to additional systems, or vertically, gaining a higher level of privilege for the system they penetrated. Both methods mean that more of your network is compromised.
Insider threat attacks seem like a type of attack out of a James Bond film, with a malicious person planted inside of a company at a high security level to gain internal access to their network. However, this does happen off the screen, and it’s an attack that is harder to trace, since it’s coming from the inside, leaving little or no trace of attack.
How to protect your network
This is where experts like Connectium can lend a helping hand. They will be able to look at your network and advise on the best level of security that fits your needs. Some of the more common ways of protecting networks include segregating networks into zones making it harder for attackers to gain access to your entire network, regulating internet access through proxy servers, installing firewalls, and software to monitor network traffic and identify anomalies in user behaviour.
Give us a call today on 0208 933 3001 or send an email to firstname.lastname@example.org to find out how we can support your business and protect your network from attacks!