Chris Barr, Technical Director at Central Technology, discusses different types of cyber attacks and how we can protect your business through Cloud Backup.
Small firms in the UK suffer close to 10,000 cyber-attacks daily, according to research from the Federation of Small Businesses (FSB). This threat is evolving rapidly due to the current business climate with huge numbers now working from home and connecting to a remote system via the internet.
Cyber crime can sometimes be overlooked by businesses and it is vitally important organisations have the right protection measures and a bullet proof backup system should the unthinkable happen. Below we have taken a look at the four of the most frequent cyber-attacks and how we are working with leading global security and back-up specialists to provide our customers with the ultimate protection against cyber attacks with Backup for Microsoft 365.
1. Distributed Denial of Service (DDoS)
A DDoS attack involves bombarding a website or server with artificial traffic to the point where it can’t handle it, resulting in long delays for users or a server completely failing. Sometimes a denial-of-service attack can act as a diversion – hackers don’t actually get any benefit from the attack itself but carry it out to create chaos so they can break into the organisation’s network whilst it focuses on restoring its website.
One of the most important things you can do to protect yourself against a denial-of-service is to secure your network with advanced systems – firewalls, anti-spam and content filtering together – will enable consistent defence and allow little outside traffic.
2. Spear phishing
Phishing – a term meaning to ‘fish’ for passwords and financial data – involves scammers posing as a trustworthy business or service such as a bank in order to gain sensitive information from victims.
Spear Phishing is a little more complex and harder to spot. Just like Phishing, emails and messages will look completely convincing, but Spear Phishing is targeted. Attackers will take the time to create messages that are personal and relevant, often falsifying an email to make it appear as if it is coming from someone you know. They’ll even clone websites to fool you into entering personal information such as login credentials.
If you do receive a suspicious email, don’t respond, and take immediate action. Your IT team should run anti-virus software on the device, change all passwords for accounts that use the password captured by the hacker and contact the company or person that was impersonated. To prevent Spear Phishing, be suspicious of unexpected emails, keep spam filters turned on and check them regularly.
3. Man in the Middle (MITM)
You might not have heard of the name – but Man in the Middle or MITM attacks are very common and you may have even experienced it. It’s a type of attack that occurs when a cybercriminal disrupts communication between people or systems. An attacker could impersonate two users – using both to manipulate each other and gain access to their data. The users are unaware that they are communicating with a cyber criminal and not each other.
There are some simple things you can do to protect your business and its employees, such as HTTPS using browser plugs, to secure logins and online transactions, create separate Wi-Fi networks for guests, internal use and business data transfer, not allowing employees to use public networks for confidential work and asking your IT provider to install an Intrusion Detection System (IDS).
4. Drive-by attack
During a drive-by attack a cyber criminal will target you through your internet browser. They will directly attack your computer, installing some form of malware as soon as you land on an infected site. It can even occur if you visit a legitimate website that has been compromised by hackers – or they may redirect you to a malicious site.
To protect yourself from this kind of attack, keep browsers and operating systems up to date and don’t keep too many unnecessary apps and plug-ins – this leaves you more vulnerable, for attackers to exploit through different means. Stick to sites you would normally use but be aware that popular websites may fall victim to drive-by attacks.
It’s important to keep up to date on the latest and most common attack methods and learn how your business can remain protected. A disaster recovery plan is the next step in data protection and one every business should have. This could save you downtime, the threat of a data breach and a loss of revenue.
How we can help: Protecting your valuable business data with Microsoft 365 backup
The surge in remote working not only increases the amount of ransomware threats, but creates a massive spike in the volume of unstructured data that businesses have to process, including phone calls, emails, IM’s and collaborative files. As a result we needed to find a solution to provide a more robust ransomware protection and cost effective back up Microsoft 365 solution for our customers.
The technical team here at CT has joined forces with two global leaders, Veeam and Cloudian, to develop a unique backup solution for Microsoft 365 that offers bullet proof protection against cyber attacks.
Together we developed a unique solution built on Veeam software and Cloudian’s HyperStore object storage platform. This object lock solution works on the WORM’ principle – ‘Write Once, Read Many’ which simply means you can write data onto a disk just once. After that, the data is permanent, cannot be infected but can be read any number of times. It is the perfect solution if you have vast amounts of data that you want to store and access as and when needed.
This also allows us to take advantage of more cost-effective service models and pass savings on to our customers, using smart algorithms to intelligently move infrequently-accessed data to low-cost archive storage, saving our customers money and allowing them to focus on mission-critical data instead.
