The man in the middle has a lot of power and influence over the end result, and this is true even in the technological world. In fact, there are attacks dedicated to this vector, twisting and turning something that your organization needs into what amounts to a threat. We’ll discuss what a Man-in-the-Middle (MitM) attack is, as well as what you can do to combat these threats.
Ferrum Technology Services blog
In today’s modern business environment, your organization faces untold danger. There are several threats out there that your organization’s users could fall prey to. We’ve put together a list of some of the most dangerous ones out there, as well as how your business can respond to them.
Let’s face it; the office isn’t the most engaging place at all times. Repetitive tasks can make attention to detail difficult to maintain. While this might throw a wrench into operational plans, it’s not the end of the world. A major threat like ransomware, on the other hand, could be a business-ender. When a lack of engagement meets security issues, you create a whole other monster that could strike your business when you least expect it.
It’s nice to get away every now and then, but if you have stayed at any property under the Marriott umbrella, including St. Regis, Westin, Sheraton, or W hotel since 2014, there is a good chance that your personal information has been leaked, a spokesperson from parent company Marriott has said. They said the multinational hotel corporation will begin emailing users impacted by the leak in the coming days.
For twenty years, hackers have tried to breach organization’s networks by finding or breaking holes in the network’s perimeter, or in exposed servers. This led to the cybersecurity industry creating software designed specifically to stop these threat actors in the act. This, in essence, created a situation where the perimeter of an organization’s network was extremely hard to breach. The problem was that as soon as something was able to get through the outer defenses, there was no end to the devastation a hacker could cause inside a network.
When discussing the practice of monitoring solutions to prevent threats, it isn’t uncommon for many businesses to put these concerns on the back burner. However, every so often, an example comes around to help inspire businesses to take their monitoring seriously. This time, the example was the arrest of 24 spammers in October for scamming American citizens by impersonating Microsoft support staff members.
Ransomware has been far from low-profile since its inception several years ago. Everyone knows what the file-encrypting malware does, and they all know that paying the ransom can make the nightmare go away by decrypting the files located on their computer. As if the threat of losing data forever wasn’t enough, you’re staring down a ticking clock while this is going on. Nowadays, ransomware is becoming more difficult to manage through various tactics.
Printers, along with every other piece of equipment that is on your network, require careful configuration and regular upkeep to ensure that they aren’t putting your data and users at risk. Security researchers recently discovered two massive vulnerabilities in HP Officejet All-in-One printers that make it incredibly easy for hackers to spread malware and gain access to a company’s network.
It’s fair to say that today's organizations are faced with more online threats than ever before. To properly manage the information systems that they depend on for productivity, redundancy, and operational management, they need to ensure that they are doing what they need to do to mitigate problems stemming from the continuous flow of threats.
Sports are a very popular thing around the world, which means that these athletic contests gather many fans to them. In turn, this means that these events are chock full of potential targets for a hacking attack. Today, we’ll examine the assortment of hacks that have taken place around sporting events.
On March 22, 2018, a remote-triggered ransomware called “SamSam” demanded a one-time payment of $51,000 be made to restore the city of Atlanta, Georgia’s, data. Despite an operating budget somewhere in the neighborhood of $625 million, Atlanta’s municipal leaders refused to pay the fine. The “hostage situation” has cost the city over $2 million already with an expected $9.5 million more likely to be spent restoring and re-enforcing the municipality’s network and infrastructure. This doesn’t take into account downtime and the significant amount of data lost in the hack. Whether or not you think it’s a good idea to not pay the ransom, if a whole city - especially one as large as Atlanta - can effectively be crippled by a single hack, you better believe that your business has to get serious about its cybersecurity efforts.
The Internal Revenue Service has declared to tax professionals that they must take extra steps toward protecting the information of taxpayers. Certified Public Accountant (CPA) firms, whether they are large organizations or small businesses, hold much information that could be used by hackers and identity thieves, which makes them major targets during tax season.
If you were a cybercriminal, what would be your preferred method of launching a ransomware attack? Would you rather create a catch-all threat that could capture as many potential victims as possible, or a calculated approach to land a big one? Despite the proven results of larger ransomware initiatives, most cybercriminals have made the shift to smaller, more targeted attacks against specific companies, and in some cases, individuals.
How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.
Social engineering is one of the trickiest parts of protecting your organization. It might sound like something out of a science fiction flick, but it’s one of the most dangerous attacks that a hacker can use against your business. Social engineering attempts to manipulate the target into giving away sensitive credentials or personal information for the purpose of stealing identities and other malicious intentions.
There are times that hackers can’t interfere with data, and then there are times that hackers really can’t interfere with data. CERN, the Conseil Européen pour la Recherche Nucléaire (European Council for Nuclear Research) maintains far too powerful of a computer grid to risk it falling into the control of hackers. To protect it, CERN leverages the cutting edge of security to protect its European Laboratory for Particle Physics: artificial intelligence.
As much as we personify the items in our life, we should remember that they are just that: items. However, technology has made it so that these items seem to be getting smarter through artificial intelligence. The first computer to play chess against a human opponent was introduced in 1956, and ever since, humanity has strived to make progress in the field of AI. In fact, AI is so valuable that even hackers are trying to take advantage of it.
In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.
While not always the case, hackers will generally act with a purpose. They might be looking to snatch some personally identifiable information from a database, or account credentials form unwary users. Regardless, hackers will go to any length to collect this information from unsuspecting users, and you need to do what you can to protect it.
On June 12th, the U.S. Department of Homeland Security issued a warning to power grid operators and electric utilities concerning a newly surfaced malware called CrashOverride (aka Industroyer). Only, it’s not entirely new. The world has seen this before and the fallout from it is concerning.
Newsletter Sign Up
Mobile? Grab this Article!