In the not too distant past, when somebody got online, they did so pretty much by logging onto a computer. Nowadays, however, computers are not the only way to get online; there is a whole host of gadgets and gizmos that are designed to make modern living easier and communication faster. Organisations of all shapes, sizes, and industry, besides using desktops and laptops, are using an ever-increasing number of mobile devices; smartphones, iPads, tablets and the like. Wikipedia defines this ‘Internet of things’ as, “devices, vehicles, buildings embedded with electronics, software, sensors and a network of connectivity that enables them to collect/exchange data”. We can do our weekly shop online from home and have it delivered. There are apps available now by which means we can control our heating or unlock our garage door, even our front door. However, whilst the internet succeeds in this attempt to make our lives easier, by means of what is referred to as social engineering, as I will explain shortly, it simultaneously increases the opportunities for online criminals to make our lives very difficult.
I first started looking into online security, otherwise known as cybersecurity, earlier this year. My very first post, albeit brief, highlighted the shortage of skills in this area and the effect this deficiency could have on the overall security of the organization. I used the TalkTalk attack of 2015 as an example. The post went live on the day the NHS (to name but one victim) was attacked by ransomware; a common and serious threat. Whilst it was a very brief post that sought to advertise the skills shortage to those who might consider training for a career in online security solutions and software, it opened the realization of the importance of online security to the individual user…After all, the more users there are, the greater the threat.
I have not gone into too much technical detail but have written this post in a general perspective so that it is easily understood by online beginners as well as the more experienced user. Threats are made possible because attackers use social engineering to their advantage, so I will cover this subject first. I will then explain the motivation for these threats followed by a description of the 7 most common ones and how to avoid them. Finally, if you are unlucky enough to already have unknowingly fallen victim to an attack, then I include a brief description of symptoms towards the end.
Social Engineering and Attacker Motivation:
Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. The attacker, according to Lifewire, seeks to gather information or system access by attempting to change an “individual’s behavior when responding to emails” because the internet allows us to communicate and be influenced by what drops into our inboxes. Attacker motivation varies from those who do it because they can, to those who seek to gain financially, or those who seek to disrupt or destroy an organization.
The threats attackers create are usually motivated by the number of users and the kind of data the network handles. For example, an individual home user might suddenly be attacked by Ransomware and be confronted with a demand for payment of say, £300 if the user wishes to be able to access their online device again. Imagine then, what a similar threat could demand if it wormed its way onto a device attached to a global network. The potential disruption could be devastating as the NHS and TalkTalk attacks prove. The casual online shopper, therefore, whilst potentially at risk, does not face the same threat as a larger network because the motivation to attack is lower. However, a recent post on Twitter warned that Christmas shoppers should exercise caution as online criminals “are getting ready to pounce”.
Malware is an abbreviation of two words; malicious software. It is an umbrella term used to describe hostile software that attackers design specifically to cause disruption to a computer or network by acting against what the user/users require. There are various forms of malware such as the previously mentioned ransomware, viruses, Trojan horses, all of which are detailed below, but whilst there are ways of removing them should your device become infected, the aim of this post is how to avoid these issues, rather than how to resolve them. Added to that, this post is already a considerably longer one, so I did not have room left to include malware removal details. There are, however, several trusted sites such as Microsoft, AVG, and McAfee, to name but a few, that will instruct you on how to do just that. Be aware, though, that some malware is not easily removed and may cause you to lose some, if not all of your files (Heimdal Security). It is therefore imperative to state that prevention is much better than cure.
The 7 Most Common Online Security Threats:
- Spyware is malware designed to spy on your device daily so that the attacker can spy on regular searches you make and then try to create a scam to encourage you to part with your hard-earned cash. For example, you may regularly look at pet accessories, so the scammer will come up with offers of cheaper products. Just don’t be fooled. Firstly, you may not receive the product and secondly, it will probably fall apart in a very short time. Thirdly, the attacker may be able to steal your card details and you may find yourself paying for more than a tacky dog collar!
- Keylogger is similar to spyware but logs keyboard actions looking for confidential details and passwords. These programmes are often responsible for the theft of identity and intellectual property, so they are ones to be aware of.
- Phishing and Pharming are similar types of threats in that phishing emails are messages that look official and seem to come from a reputable service provider. They try to get you to supply personal details. Below is one that I received only recently.
- See how professional it looks? Until you look closer, that is and notice that it is addressed to ‘Dear Client’, rather than to me personally and bad grammar has been used; “This is receipt your payment” and “Didn’t authorize this transaction?”. Pharming, on the other hand, is an attack whereby your site’s domain name system (DNS) server is hijacked, resulting in you being directed to an imposter site. The aim of the attacker here is to encourage you to enter your login details which they are then able to capture and use to their advantage. As with phishing emails, pharming web pages look legitimate but there are tell-tale signs visible such as typos and incorrect grammar.
- Ransomware blocks access to the user’s device or data by encrypting it and then demanding money from the user to release it. It is the fastest growing form of computer virus that downloads software onto a device usually through a bogus email that prompts the victim to click on a download link. The virus that attacked the NHS, known as WannaCry, rapidly spread across more than 150 countries, took control of 1,000s of computers and demanded £230 per device. It found a weakness in the age of the software and the National Audit Office stated that the NHS could have avoided this attack if only they had taken “basic IT security measures” (Evening Standard 27/10/17)
- Trojan one of the most complicated threats, especially for banking. It is capable of evading antivirus protection and can steal your bank details to compromise your account. The most powerful Trojan can take over your whole security system by bringing with it what is called a backdoor. The Oncea backdoor is on your device it allows the attacker to bypass all your authentication details.
- The Virus replicates itself to destroy the device onto which it is downloaded. Viruses are not as popular today as malware is now designed to earn money rather than to destroy, but an activist who cares little for profiteering and seeks to convey a message might use this form of attack according to Cybereason. Viruses attach themselves to a programme or file and then spread from one device to another as that programme or file is passed on. In its wake, the virus leaves an infection on each device and can only be spread by human activities such as sending emails or attachments already infected.
- Worms are like viruses in that they self-replicate, but they don’t have to attach themselves to a programme like a virus does and therefore do not need human interaction to be able to spread. Instead, they travel from device to device through the network those devices are attached to. The larger the network, the greater the disruption caused.By replicating itself, a worm reduces hard drive and bandwidth and dramatically reduces the speed and performance of the device.
As well as these 7 most common and potentially serious threats, it is also worth mentioning the following:
Adware is very common and will cause you to keep experiencing a lot of adverts and pop-ups. Whilst not really harmful they can be very annoying.
Scareware is another very common form of malware. When planted, it immediately informs you that there have been multiple threats detected on your device and that it can remove them all for a small fee. The idea is to scare you into buying.
Ablended threat is thankfully, not a common attack; at least not yet. It is a sophisticated and deadly bundle of Trojan, virus, and worm that can launch a formidable attack on several areas of a device at one time (Webopedia). Blended threats are more likely to be targeted at global or very large organizations rather than the individual user.
Who can online threats affect and how do we avoid them?
These online threats are weapons used to disrupt or destroy critical industries such as government defense, medical institutions, utilities, transportation, communications, and energy, as well as the individual online user. The minute you get online, you are at risk, no matter how large or small your organization. Because online activity consists of many participants who can affect and influence each other, attackers use this social engineering advantage to its fullest potential, worming their way into vulnerabilities in the online world of devices. So, to avoid a threat is much easier than to try to repair the damage it could cause because, as I’ve already stated and will state again, prevention is ‘better than cure’… and in some cases, a cure is not always to be found. So… how do we avoid these online threats? The first step, I believe, is to be aware.
- Awareness: If you are ignorant or unaware of the danger, how can you possibly protect yourself from it? “To be forewarned is to be forearmed” because being forewarned of online threats means that you can take steps to forearm yourself and avoid them. Awareness will also help you to spot the fakes and remember that if something seems too good to be true, then it probably isn’t true.
- Firewall: The internet is a public network, meaning that any device connected to that network can connect with another. A Firewall protects the device by acting as a barrier between that device and the internet, preventing security threats such as worms from accessing it. Whilst a firewall cannot totally guarantee full security, it is a very must-have form of first defense (Get Safe Online).
- Antivirus: Get yourself a good antivirus software and run a regular weekly full system scan. This will help prevent malicious activity and help recover from one, should an attack occur. There are some very good free ones out there in cyberspace.
- Update: Always install and update software and security applications when prompted. If not prompted, then check for updates before starting a scan.
- Change Passwords regularly
- Back up: Back up files regularly on a separate storage device that is disconnected from the internet. This way, in the unfortunate event of a serious attack that causes total loss of files, they can easily be reinstalled from the backup.
- Website Browsing: When visiting websites, if there is no padlock or https:// at the beginning of the web address in your browser, it is not a secure site and you should not enter any personal details. If http:// appears before the address, again, it is not safe. Just think the ‘s’ in https:// stands for safety.
- Downloading: Before ever downloading anything, whether it be PDF file or similar, run an antivirus check first.
- Emails: When opening emails that you suspect aren’t genuine, check for misspellings and typing errors. A genuine email from a reputable company should not have any. If they do not address you as ‘Dear … (your name), or Mr, Mrs, Miss, then be on your immediate guard, especially if it is asking for details. A way of checking authenticity is to hover your pointer over the link in the email and look at the address in the bottom left-hand corner of your browser. If that address does not match the text in the link, then don’t click on it. If unsure and you want to check the authenticity of the email, then log on to the official website and check from there.
- Log Out: When shopping or banking online, always log out. Never just close the browser or shut down, as doing so may not necessarily mean you are logged out and your personal details could be at risk.
Symptoms of Malware:
If your device keeps slowing down, or pop-ups and crashes keep happening, chances are there’s malware involved. Equally, suspicious hard drive activity, running out of hard drive space or unusually high network activity is another sign. If you have a new browser homepage that you didn’t set, or new toolbars and websites being accessed without you have tried, then again, it is a sign that your device has been compromised. If your security is disabled or worse still, your contacts inform you that they have received a strange email from you then, again, it is a sign of infection. As well as this, you could find new and unfamiliar icons on the desktop or the battery starts to drain very quickly, or maybe an unusual error message appears, or you are unable to access the control panel, task manager or command prompt; all are signs that you have an unwanted visitor.
Scammers and con artists threaten our security, identity and finance the minute we get online and it follows that as this online environment increases in sophistication and number of users, so too does the threat. If each individual, then, is aware of online security and what steps to take to avoid the threats, then both individual user and global organization alike, should be able to effectively avoid most, if not all of those threats. Do your housekeeping by keeping your system security and software up to date, running regular system checks, and exercising extreme caution when opening emails, web browsing or downloading anything. Just remember what I have said twice during this post, prevention is much, much better than cure.
Author Bio –
Kandy Shaw is a content writer for NILC Training and enjoys researching and writing about many topics from IT and Cyber Security to Project Management. For more information on this post, please contact her at firstname.lastname@example.org.