Millions of small businesses are attacked by hackers every year. In fact, 43% of all cyber attacks are directed at small businesses. Many of these attacks can be neatly categorized, definable as malware, phishing, denial of service, etc., but some cannot. Identifiable attack patterns allow you to plan to defend yourself by creating cybersecurity protocols for your business and plans in case of an attack. Other attack patterns show no such rationale, making it difficult to determine how the attack happened, why it happened, or even what the attacker was hoping to gain.
Understanding why and how these attacks are likely to happen can help you to plan to defend against them or create measures to minimize risks and damage in case of an attack.
While most of us think of attacks against businesses as targeted and planned, with an end goal in mind, nearly half of all cyber attacks are automated. As a result, many attacks can seem random, unplanned, and goal-less, largely because they are. Automated attacks are typically created by botnets (networks of infected computers), which then send messages, viruses, phishing attempts, denial of service attacks, worms, or anything else the hacker wants to send.
While automated attacks typically have structure and go after specific types of files or computer users, they may also be completely random, especially if the automating software has been modified by a hacker.
Port scans make up an estimated 3% of all cyber attacks. While this might seem inconsequential, data shows that 4 to 10 million cyber attacks happen per day, meaning an average of 90,000 or more port scan attacks each day. Unlike many types of attacks, port scans are largely meant to gather information and find weaknesses rather than to steal data. Here, the attacker deliberately searches ports in your computers looking for access to your server or network, logs the results, and uses it to identify operational weaknesses which they can use to launch a future attack.
Port scans make up an estimated 3% of all cyber attacks against small businesses, but are largely meant to gather information and find weaknesses rather than to steal data. Here, the attacker deliberately searches ports in your computers looking for access to your server or network, logs the results, and uses it to identify operational weaknesses which they can use to launch a future attack.
Port scans are sometimes recorded as attacks by firewalls and antivirus systems, but are almost purely reconnaissance. Make sure that you run a firewall, keep your servers up to date, and download any security patches as quickly as possible to protect yourself from these types of attacks.
In some cases, hackers will attack websites through open ports. Domain Name Server, DNS attacks or DNS hijacking are a common problem because Port 53 is traditionally left open for DNS queries. These queries are quite literally what allow users to find and load your website, but hackers can use them to spoof your DNS. Here, the hacker introduces false data into your Domain Name Server so that visitors are redirected to a new website of the hacker’s choosing when they attempt to visit yours.
You can protect yourself by having your IT team use a random source port and ensuring that your servers are kept up to date.
Backdoor attacks are a common cybersecurity threat, but many small businesses are unaware they exist. Backdoors are typically installed through a port, through a service area, or even by using hardware, but all of them give a hacker access to your system, server, or network by bypassing your security system.
Protecting yourself from backdoor attacks means staying on top of your security protocols, monitoring physical access to your servers and computers, and ensuring that all your software and hardware is up to date. You should also monitor computer access, keep logs of user access, and monitor temporary IT workers who have access to your system.
While most of us don’t like to think of employees as a potential security risk, they can be. In fact, the Verizon Data Breach Investigations Report 2017 shows that 14% of all small business attacks were breach of privilege attacks, and nearly 25% of all cyber attacks against all businesses were carried out by an internal actor. While the risk is significantly higher if you own a large business, employee sabotage should not be discounted. These cyber attacks can range from data theft to physical tampering with hardware, to leaking internal passwords or data to hackers who can use them to cause serious harm.
Malignant attacks are difficult to classify or predict. However, you can mitigate risks by controlling security inside your network, controlling access so that users who don’t need it don’t have it, tracking employee access inside your system, and using cameras near your servers and other hardware containing sensitive data.
Cyber attacks can happen at any time, and it is important that you be aware of the risks so you can take steps to prevent them. A Threat Sketch Risk Assessment can help you to determine where to improve your cybersecurity, so you can protect your business and its assets, even from seemingly random attacks. Visit our education page to learn more about your potential risks and how they affect your business.
About the Author: Brandy Cross is a freelance writer specializing in technology and marketing solutions for SMBs, with experience writing for everyone from startups to Fortune 500s.