Most Common Threats to Businesses

Author: Mohan Kumar

It is no secret that hackers use a variety of tools to penetrate a network or device, but with so many different names and methods reported, it can become unclear exactly what we need to know.

As an IT Security business, we are made aware, on a daily basis, to threats that both our Security Vendors are discovering, and sadly, our customers.

To create a little more clarity, we have listed the most common threats a business faces today.

The most common and latest threads is:-
  • Denial of service/blocked access/paralysis/unavailability;

  • Loss or theft of strategic data/unfair competition;

  • Misinformation/defamation/damaged image

  • Intrusions/economic fraud/embezzlement;

  • Cyber-extortion/demand for ransom;

  • Theft of personal data managed by a business

  • Threats to vital infrastructures

  • Propagation of malware through social networks/web navigation;

  • Misuse; and

  • Falsification of documents.

Denial of service/blocked access/paralysis/unavailability:-

Denial-of-service (DoS) attacks typically flood servers, systems or networks with traffic in order to overwhelm the victim resources and make it difficult or impossible for legitimate users to use them. While associate attack that crashes a server will usually be dealt with with success by simply rebooting the system, flooding attacks is more difficult to recover from.

General methods of DoS attacks:-

  • Buffer overflow attacks

  • ICMP flood

  • SYN flood

Loss or theft of strategic data/unfair competition:-

Data Theft in simple term means accessing and stealing computer based confidential information with intention to cause wrongful loss to the owner of the confidential information and wrongful gain to the perpetrator.

Data theft is an increasing problem for individual computer users as well as big corporate firms.

What are the common modes of data theft?

  • USB (Pen) Drives & Memory Cards

  • Portable hard drives

  • CD/DVD

  • Email

  • Web-Mail

  • Printing

  • Remote Access

Read More: Most Common Cyber Threats and its Solutions!!! Misinformation/defamation/damaged image:-

The Internet is a cheap, fast means of international communication of text, sound or image. In other words, an information resource without political or content boundaries; limited only by the extent to which the information providers are willing to disclose their materials and the fruits of their own writing and research.

In the present day, websites displaying information of all kinds are proliferating. These sites are established and controlled by Internet Service Providers (ISPs) or, sometimes, by the company's information technology department. These sites can be accessed through suitable search engines, which will trace and display information to suit the requirements of the searcher.

However, not many of the companies are aware of the risks attached with the hosting of a Web site. Who would be held liable, for instance, if an employee clandestinely posts racist, sexist, or defamatory allegations about a competitor on the company's official website?

Intrusions/economic fraud/embezzlement

Economic fraud may be broadly outlined as an intentional act of deception involving financial transactions for purpose of private gain. Fraud could be a crime, and is also a civil law violation

The global financial crisis is partly caused by economic crime. Last week, at the eighteenth session of the Commission on Crime Prevention and Criminal Justice, UNODC Executive Director Antonio Maria Costa said that "bankers have allowed the world's criminal economy to become part of the global economy." He added that "the financial crisis is providing an extraordinary opportunity for even greater mafia penetration of cash-strapped financial houses with the banking crisis choking lending, these cash-rich criminal groups have emerged mutually of the few sources of credit."

Cyber-extortion/demand for ransom:-

Cyber extortion is a crime involving an attack or threat of an attack against an enterprise. It is also coupled with a demand or request for money to avert or stop the attack. In cyber security it is very important to protect oneself against cyber extortion.

In my paper I will be discussing Cyber Extortion. Cyber extortion is a crime involving an attack or threat of an attack against an enterprise. It is also coupled with a demand or request for money to avert or stop the attack. In cyber security it is very important to protect oneself against cyber extortion. It is using cyber safety rules and basic firewalls and malware protection to keep others out of one’s computer system. I will discuss basic extortion and give some examples on the threats one is used to hearing about. I will then give examples on cyber extortion.

When many people think of extortion, they think of kidnapping, blackmail with pictures or even plain bullying. A kidnapper would give a phone call stating, "We have your child, we want a $250,000 (or any specific amount of money) to guarantee her safe return. If you go to the police, you will never see her again." Another way of doing so is writing a letter worded with magazine or newspaper clippings, so that the letter is untraceable, stating the same basic thing a phone call would state. Blackmailing can be done under many circumstances.

Read More: Top malware threat of 2017 | Ransomware

Theft of personal data managed by a business:-

How important is it to keep your personal details private? To be more specific, how dangerous is it to leave your personal information—your name, your social security number, your credit card and financial details, even your email address and phone number—where other people can access them? While it should appear harmless to leave bits and items of your personal info online or a physical document that you simply tossed in your garbage bin, it could be wont to steal your identity.

This is the unfortunate reality of identity theft. Despite all the reports on how people lose money and even reputation from fraud and hacked accounts, many people still don’t fully understand the real security implications of having their identity, as represented by their account credentials and information, stolen.

How does identity theft happen?

Identity theft happens when your personal information is stolen and used by cybercriminals or scammers to impersonate you. Your credentials can essentially be used to gain access to different areas of your digital life, including your bank accounts, social media, and credit card details. Along the way, they may harvest other sensitive data from your accounts as well as those belonging to your family, friends, and colleagues. In some cases, cybercriminals can use your credentials to harm your reputation or cause online public humiliation. Altogether, they can cause irreparable damage. In addition, a stolen identity can also be used as an effective cover for cybercriminals.

Read More: 7 Cyber Security Tips By Indian Cyber Army.

Propagation of malware through social networks/web navigation:-

Online Social Networks are communities of people who share common interests. These types of networks are used by millions of people around the world. The massive adoption of this service among users has made it a popular mean for malicious activities. The aim of this paper is to identify the parameters which are related to malware propagation in online social networks. To do this, we first construct a sample network based on the features of online social networks and then we examine the effect of parameters that could affect the speed of malware propagation.

Falsification of documents.

"Falsifying documents" could be a variety of white collar crime. It involves sterilisation, changing, or modifying a document for the purpose of deceiving another person. It can also involve the passing along of copies of documents that are known to be false. In many states, falsifying a document is a crime punishable as a felony

"Falsifying documents" could be a form of white collar crime. It involves sterilization, changing, or modifying a document for the purpose of deceiving another person. It can also involve the passing along of copies of documents that are known to be false. In many states, falsifying a document is a crime punishable as a felony.

Some types of documents that are commonly falsified may include:

  • Tax returns and income statements

  • Personal checks

  • Bank account records

  • Business record keeping books

  • Immigration documents (such as visas, passports, etc.)

  • Identification cards and birth certificates

Basically, any sort of official kind or document are often illegally changed. falsifying documents is typically done in connection with broader criminal aims, such as tax evasion.

In order to be convicted of falsifying documents, the accused person must have acted with criminal intent. Some businesses forms such as corporations can also be charged with falsifying documents.

At this time it is needed for the companies to be prepare themselves against such Cyber Threats that has discussed above. Companies need to focus on their vulnerabilities so that they can find out their weakness in the systems and networks in order to resolve these issues and keeping their confidencial data secure from Cyber Criminals. For this they need Cyber Experts and professionals who always watch the weakest links in their networks.

We, the Indian Cyber Army have the army of such Cyber Experts who can provide best services to Companies. We assure you that your data and confidential information will be kept secure. We also Provide training to the professionals so that you can train your employees as well. If require any detail or have any query, you can contact at our cyber crime helpline number +91 99686 00000 or can also email us at cyberarmy@ica.in