How to Prevent Against Common Cyber Threats
Today, learn about two common cyber threats how to prevent them.
Phishing is currently the most common type of cyber-attack method, with new mutations and versions appearing every day. Hedge funds have become prime targets for attackers based on their valuable data and financial assets, and constantly evolving mutations are making these attacks even more difficult to detect.
Spear phishing attacks target individuals within a particular company as opposed to an organization as a whole. These attacks often contain the victim’s personal information in the form of an email and appear to be sent from a familiar address, making them highly effective.
Phishing attack methods also go beyond email, with victims now being targeted through telephone calls. These attacks, called V-phishing, often utilize both telephone calls and emails to gain access to personal data, further confusing victims.
In a common v-phishing scenario, a victim will receive an email from what appears to be their IT department, stating that harmful activity has been observed on their PC and that the IT department will call them to resolve the issue. However, the person calling is actually a cyber- criminal, and will use the call to gain access to the victim’s computer remotely. Once the criminal gains access, they will often plant destructive malware on the victim’s computer.
Phishing attacks can open a company up to a wide array of other attacks, such as APT’s and Cryptolocker, by composing the corporate network. These attacks are also financially destructive, costing firms an average of several thousand dollars in damages.
Advanced Persistent Threats
Advanced persistent threats (APTs) are a set of constant computer hacking processes, which often target businesses for moral, political or business reasons. APTs are almost always implemented by humans, and the motives behind these types of threats make hedge funds a prime target.
Successful APT attacks steal an organization’s private data, rather than destructing the network. The hacker will enter the network unnoticed, and remain there for an extended length of time to spy and steal data. In a typical hacking situation, a cyber-criminal will enter and cause destruction to a network as quickly as possible. APT attacks often go unnoticed for extended lengths of time, but firms that implement strong cyber protection plans have a better chance at preventing and identifying these attacks quickly.
APT’s are complex and can also utilize other attack methods, such as phishing, to gain initial network access. Once the hacker has access, they develop new, undetectable network access points, often causing immense damage.
While APTs are difficult to detect, they aren’t impossible to detect. Firms should look for warning signs, such as odd network behavior, i.e. increased activity late at night, and changes in the movement of network data.
Firms should take the following steps to avoid cyber attacks:
- Implement formal internal policies and procedures on security best practices
- Monitor network activity
- Conduct employee cyber training sessions
- Employ a Virtual CISO, a highly trained security professional, to explain and manage security practices from both a technical and operational perspective