Nowadays, our main concern is to stay safe from any kind of security threat. So it is always better to know what kinds of threats we might face and how to overcome them.
When we surf the internet, we may face security threats even if we don’t want to. One of the greatest threats to network security has to do with people: it is the people who manage and depend on the network who often put network security at the greatest risk. So we need to know what threatens our security and how.
Now we will introduce the top security threats that threaten internet security for organizations from small to enterprise level.
- Malicious emails.
- DDoS (Distributed Denial of Service) attacks, etc.
Ransomware is a type of Malware which blocks access to a victim’s data and demands money to restore that access. Almost all ransomware today is “crypto-ransomware,” which blocks access to a victim’s files through encryption.
Basically, once a victim is infected, the ransomware scans the available network systems for important files. It then encrypts the files it finds and alerts the user to the infection. The alert includes a ransom demand and a deadline for payment. If the victim fails to pay on time, the ransomware destroys the decryption key and the victim’s files remain useless. If the payment is made in time, victims usually receive a decryption key to unlock their files (though not always).
In the above screenshot, we see ransomware alerting the victim that their data is encrypted and demanding money to decrypt it.
Ransomware Attacks Continue to Rise:
Ransomware is divided into many types, such as Locky, CryptoWall, CryptXXX, and CTB-Locker, and they continue to multiply. New ransomware families arrived in 2015 and their number continued to grow rapidly in 2016, according to Trend Micro. Growth in ransomware families from January to September 2016 reached 400%.
What Accelerates Ransomware Attacks:
A few years ago, only experts could launch an effective crypto-ransomware attack. Today, ransomware-as-a-service makes it easy for anyone to purchase the essential environment. Open source versions of ransomware were also released in 2016, accelerating the whole process. Now anyone is able to launch a ransomware attack without deep knowledge of the field, which poses a great threat to our internet security.
How Ransomware Attacks can be prevented:
There are no exact rules for preventing ransomware, but we can take some strategic steps to prevent it.
- Using email filtering and web filtering, we can block malicious content before it reaches users.
- Filtering outbound traffic can prevent ransomware from communicating with command-and-control infrastructure and prevent such infections from
- Data backups can help us recover data that has been encrypted by ransomware.
- Limiting access to shared network resources prevents ransomware from infecting shared network drives.
- Always maintaining the latest versions of the firewall, antivirus, operating systems, applications, and other systems prevents ransomware from succeeding.
Email is one of the favorite channels for hacker groups, because emails are simple and virtually free to send and almost every organization accepts email. It’s a door that is always open. People at every level, from the bottom to the top, have email accounts. So it’s a good place for a hacker to start.
Malicious Emails come in many forms. The four most dangerous types are described below.
- Spear phishing.
- Malware spreading.
- Business email compromise (BEC).
Phishing is an attempt to trick users into giving up information through login pages or personal-information forms. Attackers may do this by encouraging the user to respond to the email and prompting them to share information.
Spear phishing is simply a more targeted form of phishing. It includes sending carefully crafted emails to smaller lists of targeted people. For example, a fake accounting report may be sent to a list of accountants in a specific bank to trick them.
Email is one of the most popular ways to distribute malware. Ransomware is often spread through email. A malicious email may point directly to the malware and start the download on the victim’s system immediately. Or it may point to a website that secretly attempts to force the malware onto the victim’s system.
Business email compromise (BEC):
Business email compromise (BEC) is a fast-growing threat. It works by sending a carefully crafted email with which the attacker attempts to initiate a normal business function that will ultimately benefit him.
How Malicious Emails Attacks can be prevented:
There are no fixed rules for preventing malicious emails, but some precautions must be followed to prevent email attacks.
- Filtering emails for spam and malware gives you much power to actually prevent malicious emails.
- Malicious emails rely on the weaknesses of the user. So educating yourself is the basic strategy for preventing malicious emails.
- Some organizations restrict file attachments on their emails. This gives you a more secure form of email.
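As an added illustration of the filtering and attachment-restriction steps above (not code from the original article), the sketch below applies a simple gateway-style policy to one message using Python's standard `email` package. The extension lists, the Reply-To check, the verdict names and the sample message are all assumptions constructed for this example.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed policy lists (illustrative, not exhaustive).
BLOCKED_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".jar", ".lnk"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}  # macro-capable Office files

def domain(header_value):
    """Lower-cased domain of an address header, or '' when it is absent."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def inspect_message(raw):
    """Return (verdict, reasons) for one raw message: deliver/quarantine/reject."""
    msg = message_from_string(raw, policy=policy.default)
    verdict, reasons = "deliver", []
    # Replies steered to another domain than the sender's: phishing/BEC trait.
    reply_to = domain(msg["Reply-To"])
    if reply_to and reply_to != domain(msg["From"]):
        reasons.append(f"Reply-To domain {reply_to} differs from sender")
        verdict = "quarantine"
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        # Only the final extension counts, so invoice.pdf.exe is an .exe.
        ext = "." + name.rpartition(".")[2] if "." in name else ""
        if ext in BLOCKED_EXT:
            reasons.append(f"blocked attachment type: {name}")
            verdict = "reject"
        elif ext in MACRO_EXT:
            reasons.append(f"macro-capable attachment: {name}")
            if verdict != "reject":
                verdict = "quarantine"
    return verdict, reasons

def constructed_sample():
    """Constructed message: mismatched Reply-To plus a disguised executable."""
    m = EmailMessage()
    m["From"] = "Accounts <billing@example.com>"
    m["Reply-To"] = "billing@example.net"
    m["To"] = "clerk@example.org"
    m["Subject"] = "Overdue invoice"
    m.set_content("Please see the attached invoice.")
    m.add_attachment(b"MZ", maintype="application",
                     subtype="octet-stream", filename="invoice.pdf.exe")
    return m.as_string()

if __name__ == "__main__":
    print(inspect_message(constructed_sample()))
```

A filter like this complements user education rather than replacing it, since a message with no attachment and a matching Reply-To passes untouched.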
DDoS (Distributed Denial of Service):
Distributed Denial of Service (DDoS) is a type of attack in which thousands of computers infected with malware are used to send traffic to a single target, such as a web server. This huge amount of malicious traffic overwhelms the server, crashing it and most of the time forcing it to go offline.
Denial of service attacks come in many forms but the strategy is the same. The goal is to make a target unavailable.
In the above picture, we see an attacker using infected computers to send traffic to a victim’s computer. Put simply, the attacker launches a DDoS attack on the victim’s computer.
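The traffic pattern described above, many sources converging on a single target, can be detected from request logs. The following is an added example (not from the original article) that flags a target when both the request count and the number of distinct sources in a sliding time window cross thresholds; the thresholds, host names and generated events are constructed assumptions.

```python
from collections import defaultdict, deque

def detect_floods(events, window=10, min_requests=200, min_sources=50):
    """events: (epoch_seconds, src_ip, target) tuples in time order.
    Returns {target: timestamp at which both thresholds were first crossed}."""
    recent = defaultdict(deque)                      # target -> (ts, src) in window
    per_src = defaultdict(lambda: defaultdict(int))  # target -> src -> hits in window
    alerts = {}
    for ts, src, target in events:
        q, counts = recent[target], per_src[target]
        q.append((ts, src))
        counts[src] += 1
        # Evict requests that have aged out of the sliding window.
        while q[0][0] <= ts - window:
            _, old = q.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        # Requiring many distinct sources separates a distributed flood
        # from a single noisy client.
        if (target not in alerts and len(q) >= min_requests
                and len(counts) >= min_sources):
            alerts[target] = ts
    return alerts

def constructed_events():
    """Constructed traffic: five ordinary clients, plus 100 bots for 10 seconds."""
    events = []
    for t in range(60):
        for c in range(5):        # one request per second per normal client
            events.append((t, f"198.51.100.{c + 1}", "www.example.org"))
        if 30 <= t < 40:
            for b in range(100):  # one request per second per bot
                events.append((t, f"203.0.113.{b + 1}", "shop.example.org"))
    return events

if __name__ == "__main__":
    print(detect_floods(constructed_events()))
```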
Record-Breaking DDoS Attacks:
DDoS came onto the scene many years ago. The world saw its power when a young guy took out some of the biggest websites of the day, including Amazon, eBay, and Yahoo. Attacks are still launched against networks and web servers every day, and they continue to strengthen.
A recent DDoS attack targeted servers operated by Dyn (a major DNS service provider). Dyn estimates that its architecture’s 100,000 endpoints were flooded with traffic, resulting in service failures for websites such as Twitter, PayPal, Amazon, and Netflix.
Botnets are collections of machines infected with malware designed to give a hacker some control over the machines’ behavior.
Botnet Attacks on IoT (Internet of Things) Devices:
The world is moving toward ever wider use of smart devices in networked systems. These internet-enabled gadgets, such as thermostats, DVRs, IP cameras, and smart Bluetooth trackers, are part of the Internet of Things, or “IoT” devices. IoT devices make our lives easier than before, but they also cause some problems in cybersecurity.
The problem is the poor security found in almost all IoT devices. Many are not built with enough memory or processing power to accommodate security functions properly. Many of them also lack the ability to apply firmware updates, making it impossible for the user to fix security vulnerabilities if they come to light. This makes IoT devices the perfect targets for hackers looking to expand their botnets. So IoT devices cause serious problems for the whole network they are part of.
More than 15 billion internet-enabled gadgets were installed as of 2015. This is predicted to double to 30 billion by 2020, and then more than double again to 75 billion by 2025. Since billions of these devices connect to the internet with poor security, and billions more will soon follow, hackers are having a field day spreading botnets.
Botnets are used to launch distributed denial of service (DDoS) attacks, so the emergence of IoT devices helps to strengthen these attacks.
What fueled Botnets:
Mirai is a special kind of malware that builds botnets by searching the web for vulnerable IoT devices and infecting them. Mirai is the main culprit behind several record-breaking DDoS attacks in the last year.
In the last year, the author of Mirai fueled the whole world of botnets by publicly releasing Mirai’s code, freely giving the weapon to any hacker with the skills to launch it.
Preventing Botnets (Mirai):
- One of the major flaws in IoT devices is their use of default passwords, such as “admin” and “12345”. Mirai loves this kind of default configuration. So always change the default password on a device installed on the network. Doing so will help protect the network from automated malware strains like Mirai.
- Some IoT vendors are working to patch security flaws in their devices. Regularly check for firmware updates and apply them. If possible, choose devices that update automatically so patches are applied as soon as they are available.
Thanks for reading. I hope you find this article helpful. For any information or suggestions, feel free to comment.