Cyberattacks skyrocket, part two

Jumping into the nitty-gritty of the six most popular cyberattacks used against U.S. companies, in which cyberattacks shot up 93 percent over the past 12 months, I engaged the help of cybersecurity expert, Rodney Thayer, convergence engineer at Smithee Solutions LLC. Let’s explore what each of the six attacks are and what you can do to help prevent them.

But, first, a little about Thayer … “I was a software developer building communications protocols; therefore, I was doing things with networking and people started asking about systems getting defended,” he said. “I realized that because I used to build software, I actually could recognize failures of some sorts. I ended up being one of those people who could figure out how to build exploits to break certain kinds of networks, so I used my superpowers for good!” 

This is great news for us because Thayer offers some great insight and advice on the following six types of attacks:

What is custom malware? Most frequently seen is "noise-generating" or "noisy" custom malware that makes a lot of noise to cover up some other event and is most commonly used in a botnet format where multiple machines are infected and configured to execute the malware at the same time. 

What is commodity malware? This just means malware that is widely available to buy or even offered as a free download. 

What is a supply chain attack? Also known as a "value chain," a bad actor infiltrates a system via an outside partner, for example, a vendor partner with an infrastructure or network that is not secure, but connected to the intended victim's network.  

What is ransomware? A form of malicious software that locks and encrypts a computer or connected device, and the bad actor’s connected to that piece of software, contact the victim directly, usually demanding money to restore access to the victim’s data. 

“Ransomware is just another version of a natural disaster,” Thayer explained. “I’m in California; I’m standing 100 feet away from an earthquake fault, so I better be able to handle things like ‘what if my entire building, computers, disks, etc. went away?’” 

In other words, businesses should have a disaster recovery plan. According to Thayer, “you should have really good backups and you should know that they work by checking them periodically along the way,” Thayer advised. 

What is hollowing? “You have some sort of software running inside your organization and then some bad guy sends some malicious email to somebody within your organization, and they click on the link, it is then able to execute software inside the victim’s computer,” explained Thayer.

What is island hopping? “If it still means what it used to, it is when a bad actor jumps from one part of infrastructure or network to something else,” he said. “The famous example is the Target hack, where the hacker got into the internet-connected meat scale and from there, they managed to get into the cash registers which were connected to the meat scale.” 

Now that you know what each of these attacks are, here is some advice from Thayer on how to protect yourself and your company from such attacks. 

“Most of the stuff is the same as before March [pre-COVID] … don’t click on weird emails; be security vigilant; make sure your equipment is well-maintained and up-to-date,” he said. “BUT, what I think I would add now is, even though you have to move faster and be more forgiving [in daily life with COVID] with the types of communications you do with computers and networks, you still have to be careful. Use credit card monitoring. Make sure you run antivirus software on your desktop computers. Don’t let your kids load random games onto your work iPhone.” 

Perhaps the best piece of advice from Thayer: “Anyone who’s living a digital life should be worrying about it, a little at least. There’s no such thing as somebody who doesn’t have cybersecurity as a part of their world these days.”