Wednesday, 25 October 2017

Cyber Security Threats to Businesses



For a business, it is critical to mitigate cyber security threats that may damage the organisation’s goodwill or harm it financially. An enterprise and its top management should be well aware of the actions they need to take.

Misuse of Company Assets:

It is very common for employees to maliciously misuse company assets, and this remains an ongoing threat to the organisation. Such misuse occurs during the normal course of the employees' duties, which makes it difficult to prevent. Personal monetary gain motivates guilty employees at every level, from top executives to the lowest cadre, to commit such acts. Another high risk is the theft of physical devices that store, process or transfer business information. Such devices include laptops, smartphones, pen drives, etc., stolen from office premises, personal vehicles or employee residences, mostly owing to employee carelessness.

To mitigate such risks, the organisation should regularly back up its data and encrypt all mobile devices. Employee awareness programs should be conducted. IT policies should be formed to discourage employees from perpetrating such acts, and monitoring should be strengthened to identify such insiders in a timely manner.

At PSI, we use various techniques in line with the ISO 27001 standard, such as a disaster recovery plan with extensive details covering security aspects, including but not limited to data and application back-ups, laptop encryption using BitLocker, etc.

Infringements at Point-of-Sale (PoS) Terminals:

Infringements at point-of-sale systems or smart cash registers have led to large volumes of reported payment card information theft. These kinds of attacks threaten MSME businesses such as grocery stores, restaurants, etc. The attacks involve compromising the PoS device, installing malware on the PoS node to collect magnetic stripe information, and retrieving the stolen data to use it for financial gain.

This attack can be mitigated by avoiding the remote access products and services, such as PCAnywhere, Microsoft RDP, etc., that are used to manage PoS nodes, and by using anti-virus products that effectively identify popular keystroke logging tools such as Perfect Keylogger, etc. PoS operators should not be allowed to use these terminals to access the internet for other activities such as e-mail. Finally, the operating system of the PoS terminal should be hardened.
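The first and third mitigations above can be checked on a terminal itself. The following is an added example, not part of the original post: it audits `netstat -ano` output from a Windows PoS terminal for listening remote access services and for e-mail sessions. The sample output is constructed, and the port numbers are the products' well-known defaults, which is an assumption about how a given terminal is configured.

```python
import re

# Constructed sample: `netstat -ano` output from a hypothetical Windows PoS terminal.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1120
  TCP    0.0.0.0:5631           0.0.0.0:0              LISTENING       2316
  TCP    10.20.0.15:49712       10.20.0.5:8443         ESTABLISHED     3008
  TCP    10.20.0.15:49730       203.0.113.25:993       ESTABLISHED     4512
  UDP    0.0.0.0:5632           *:*                                    2316
"""

# Default ports of the remote access products the post names (assumed defaults;
# an administrator may have moved them, so a clean result is only a hint).
REMOTE_ACCESS_PORTS = {
    ("TCP", 3389): "Microsoft RDP",
    ("UDP", 3389): "Microsoft RDP",
    ("TCP", 5631): "pcAnywhere data",
    ("UDP", 5632): "pcAnywhere status",
}
# Standard SMTP, POP3 and IMAP ports, plain and TLS.
MAIL_PORTS = {25, 110, 143, 465, 587, 993, 995}

# UDP rows carry no State column, so the state group is optional.
LINE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\S+)\s*([A-Z_]+)?\s+(\d+)\s*$"
)

def audit(netstat_text):
    """Return (kind, detail, endpoint, pid) tuples for policy violations."""
    findings = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header or unrelated line
        proto, laddr, lport, faddr, fport, state, pid = m.groups()
        # A bound UDP socket has no state; treat it as listening.
        listening = state == "LISTENING" or (proto == "UDP" and state is None)
        service = REMOTE_ACCESS_PORTS.get((proto, int(lport)))
        if listening and service:
            findings.append(("remote-access", service, f"{proto} {laddr}:{lport}", int(pid)))
        elif state == "ESTABLISHED" and fport.isdigit() and int(fport) in MAIL_PORTS:
            findings.append(("mail-client", f"port {fport}", f"{faddr}:{fport}", int(pid)))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT):
        print(finding)
```

The PID in each finding can be matched against the process list to identify which program to remove or disable.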

At PSI, we do not allow remote access to the network without a virtual private network. All systems are protected by corporate-licensed antivirus software whose virus definitions are updated regularly, and all user systems are closely monitored on a regular basis.

Denial of Service (DoS) Attacks:

This attack shuts down all customer-facing websites. In such an attack, the Internet Protocol is exploited to deny other users legitimate access to information or systems. These attacks are launched by an individual or a group of individuals.

Such attacks are carried out for various malicious purposes: to eliminate the ability of the device to function, for example by deleting or changing configuration information or interrupting power; to impair the ability of the device to function, for example by opening many simultaneous connections to a single device; or to consume the bandwidth capacity of the network device. The attack can take the form of a Distributed Denial of Service (DDoS), in which a blend of DoS attacks is performed in concert from various hosts to stop the target host from further serving its function. Typically, these attacks include the Smurf attack, SYN flood, Ping of Death, Teardrop attack, etc.

To mitigate such attacks, the network should be designed for high availability and redundancy and should be protected by a firewall, network devices and hosts should be hardened, and several layers of security should be applied to the data and the network.

PSI uses a Dell Soni firewall to protect its network and devices. The network is designed with state-of-the-art, ultra-modern, robust devices that minimize the risk of DoS.

Web Application Attacks:

This is the most common type of data breach, in which weaknesses of the web application are abused. Unfixed application vulnerabilities give the attacker a way to take control of the machine and gain access to system resources. System resources are not limited to the intellectual property and personally identifiable information of the organisation, but may also include unencrypted and unguarded financial information such as credit card and banking details, etc. These attacks typically include SQL injection, zero-day vulnerabilities, URL interpretation, Cross-Site Scripting (XSS), buffer overflow, etc.

The paramount protection against these attacks is to develop secure applications, keep patches up to date, and maintain a secure configuration of the applications and the servers that host them.

The developers at PSI use industry best practices while designing and coding applications for its customers. The quality analysts pre-check the applications for all such attacks to avoid any leakage of security-related bugs.

