Common Cyber Attacks

Most cyber-attacks consist of four stages.

Passive Recon

Your infrastructure will be surveyed to see what vulnerabilities are publicly accessible.  This is often called the 'Passive Reconnaissance' phase.

Active Recon

This is known as active reconnaissance, where attackers place 'beacons' in your network that can act as a delivery mechanism to gain access.

Exfiltration

This is the point where they do whatever they initially wanted to do, be that manipulation or theft.  This is known as the exfiltration phase.

Post Mortem

This is where you have to find out what's happened and what's been taken, and compile the report.  There's more than one reason it's called a Post Mortem!

How do you fight against it?

User Education

Train all users to consider what they include in publicly available documents and web content.

Users should also be aware of the risks of discussing work-related topics on social media, and of the potential for being targeted by phishing attacks.

Secure Configuration

Remove unnecessary software and default user accounts.  Ensure default passwords are changed, and that automatic features that could activate malware are turned off.

Restrict system functionality to the minimum required for the business operation.

Malware Protection

A good malware solution can block malicious emails and prevent malware from being downloaded from websites.

Ensure that your malware protection covers all the devices that connect to the network, as you are only as secure as your weakest link.

Patch Management

Keep up to date and apply patches at the earliest opportunity to limit exposure to known software vulnerabilities.

User Access

Well-maintained user access controls can restrict the applications, privileges, and data that users can access.

Password Policy

Prevent users from selecting easily guessed passwords; better still, employ a password solution so users don't even know their passwords.