Tech Insights

rss

Contributor Columns on Information Technology and Security

5 Most Common Cyber Security Risks That Businesses Are Facing In 2014

 

For businesses today, keeping up with the latest security threats can help to ensure that an IT infrastructure is secure from malicious activity. Without doing this, enterprises are vulnerable to hacking, packet sniffing, fraud, and other nefarious activities. In most cases, cyber security risks are easy to mitigate by fixing common security vulnerabilities where threats often occur. 

Below is a list of important security concerns that businesses need to be aware of in order to prepare themselves for the possibility of an attack in 2014.

1. Heartbleed

Heartbleed is a security exploit in the popular OpenSSL software library used to convey encrypted data communications over the internet (see visual breakdown here). The vulnerability permits malicious users to initiate a buffer overload, allowing contents on a server to be selectively read by outside parties. Hackers could easily use this to obtain private encryption keys, passwords, sensitive documents, source code, and other security information from both clients and servers. After Heartbleed was discovered on April 1st, the OpenSSL Foundation quickly patched the vulnerability and more than 98.5 percent of affected websites have been secured. However, affected businesses should still be sure to change passwords, re-issue SSL certificates, and implement internal controls to detect system exploitation.

2. Unauthorized Cloud Storage Access

As the cloud continues to grow in importance, it will become increasingly critical that businesses find ways to control unauthorized access to cloud properties. Since these servers can be accessed from anywhere in the world, malicious users can typically gain unauthorized access from a foreign country with a simple password. Businesses should make sure that only critical personnel are given access to cloud servers and that their need for access is regularly reviewed. By doing this, businesses will be able to reduce the chances of suffering losses due to unauthorized access on these important proprietary systems.

3. Insecure Data Transmission with Cloud Services

Another major concern related to the cloud is the way that the information is transmitted. In many cases, businesses are connecting to their cloud servers without any encryption for protection. As a result, these businesses are leaving themselves vulnerable to packet sniffing, digital surveillance, and corporate espionage. Since these are real threats, it is critical that businesses use a secure VPN when connecting to cloud services. Additionally, businesses should ensure that existing VPNs are updated to protect them against the heartbleed vulnerability.

4. Botnet Bitcoin Mining

Bitcoin is an encrypted digital currency allowing for semi-anonymous transactions that are verified on a public ledger. The technology operates using peer-to-peer technology, offering users who host the network a chance to earn bitcoins through a process called "mining". Unfortunately, these innovations have also led to a proliferation of botnet viruses that maliciously turn computers, servers, smartphones, and even security cameras into "miner" bots. 

In the past few months, there have also been cases where outside hackers or rogue employees have used excess capacity in an organization's datacenter for mining. Since a single bitcoin is worth more than $620, businesses should be aware that their IT infrastructure can now be lucratively and anonymously exploited by unauthorized users in this way.

5. Ransomware

With the usage of encryption becoming more widespread, viruses are now exploiting this technology to encrypt an entire hard drive and extort payment from victims. After getting one of these viruses, payments in excess of $500 will be demanded to get the information back. If ransomware spreads throughout an organization, losses could be devastating. In many cases, these viruses can be stopped with simple antivirus software and ensuring that updates are regularly installed. Therefore, it is more important than ever that organizations take steps to close potential vulnerabilities in their infrastructure to prevent these problems from occurring.

Showing 0 Comment


Comments are closed.
The Number One Menace to All Organizations
 

Learn more about how to protect your organization against this growing menace
https://info.knowbe4.com/ransomware-simulator-tool-its