Back to News

08/02/2021


Common cybersecurity threats

From ransomware and DDOS to malware, phishing and more, join us as we take a look at some of the most common cybersecurity threats facing businesses today. 

According to the Eastern Region Special Operations Unit (ERSOU) the average cost of a cyber attack to small businesses is £11,000, while one insurer put the cost of insured cyber losses at $1.8bn in 2019, up 50% year on year – and cyber attacks are becoming more prevalent. According to Checkpoint research, hacks in healthcare have increased by 45% since November 2020.

All of that makes for pretty shocking reading. So, what are the common cybersecurity threats you should be looking out for?

Types of cyber attack

Denial of Service/Distributed Denial of Service

This type of attack overwhelms your systems with multiple requests, so it can’t actually do what it’s supposed to. Attackers may use multiple computers to do this, for instance, sending thousands of emails to on computer at the same time.

Phishing/Spear phishing

Regular phishing uses email communications to impersonate someone else in order to fraudulently gain payment details, bank transfers or to encourage the receiver to download malware. This tends to be a randomised attack, sending blanket emails to a large number of email addresses in the hope that a percentage of recipients fall victim.

Spear phishing is more insidious because it targets a specific person or organisation, usually following a period of research, which enables the attacker to more legitimately impersonate a trusted contact.

Malware

This is a broad term, used to describe a wide range of malicious programs that may attack your business’s computers and servers in a variety of ways. 

    • Ransomware: Stops you gaining access to your own key information and systems. Access usually returns after a ransom is paid.
    • Spyware: Monitors processes and data on your hard drive. May include key-logging, which monitors the keys you type in order to identify vital information
    • Worms: May enter your machine via insecure software or phishing scams and can infect whole networks via one computer. Worms can do a wide range of things from deleting or changing files to overwhelming your system, stealing data or allowing other hackers access to your systems. 
    • Viruses: These are usually spread via an infected file, which is either downloaded or attached to an email. These are not dangerous unless opened. When they are, they act like other viruses, multiplying and spreading, often throughout a whole network. 
    • Bots: These are infected machines that can be controlled by an external user. Often these are joined together to form ‘botnets’, which when combined, can wreak havoc, for instance in a Denial of Service attack (see above). This often goes undetected by the owner of the computer. 
    • Trojan horses: Like the mythological story, a Trojan horse acts as a doorway. The problem is, that doorway allows other malware and hackers access to your computer, network and servers. Like a virus, it may appear to be an innocent email attachment from a trusted connection, but once opened, it creates a gateway to your systems.
    • Adware: Be aware that those annoying pop-ups on suspicious-looking websites could be dangerous. Clicking them may result in you downloading malware. 

Man in the Middle 

With this type of cybersecurity threat, the attacker will eavesdrop on a conversation or transaction in order to gain payment details. The attacker may also use the opportunity to install malware. It commonly occurs over a public (or insecure) wifi connection; you access public wifi via a hacker’s programme, so any data sent over the network passes through the hacker’s systems.

SQL injection

This type of cyber threat specifically targets an SQL server (used by businesses around the world) and forces it to reveal data that it wouldn’t normally. Again, this could be via a malicious file or even a compromised search box on an infected website. 

Cyber attack examples

Phishing

A client’s accounts department received an email apparently from a director requesting payment of an invoice. The accounts team raised the payment and then later realised the email had come from a spoofed domain with one letter added to the domain name. At this point, the payment had already left the client’s account and could not be retrieved by the client’s bank. 

Total costs were £27,800 and settlement was made within 14 days of the claim being reported to insurers.

Spear Phishing

A fraudster set up a similar email account to our client’s landlord and advised them their bank details had changed. Fraudsters had been monitoring the client’s emails so knew when the rent was due and the best time to advise of the “change” of account details. 

In the end, the cost of the claim was in the region of £40-50k. The client’s Cyber Insurance policy would have acted but the client was able to recover most of the funds from their bank.

Ransomware

A local company suffered a ransomware attack whereby a piece of software was put on the company’s server at an unknown time. A hacker demanded a ransom payment in Bitcoin and promised to release 18 months’ worth of documents to the company upon receipt of the funds. The amount steadily increased as the days passed. The company’s IT provider has been trying to rectify the problem but has not been able to recover the files, which they are now manually uploading to a new server using the information they had in physical documents. 

The company first became aware of the situation in early January and has still not resolved the issue and they have no insurance support.

EMOTET - Botnet

Taken down by Europol in January 2021, EMOTET was one of the ‘most resilient botnets’ in the world. It created an ‘open door’ to users’ machines, allowing other malware to be installed while recruiting other servers and computers to further spread the network. It was executed via a phishing scam, whereby compromised Word documents were sent out by victim computers. The file asked users to enable macros, which then allowed the bot network to take control of the machine.

Read more: Top 5 Cyber Security Tips for Business 

Protect Your Business

Cyber Insurance won’t stop an attack taking place, but it’s an essential resource when it does, providing vital support, from legal and technical advice to financial protection for ransomware and more. Get in touch to find out how it can help your business today. 

Related Articles