With a new cyber attack or malware infection in the news almost every day, it can seem like a daunting task to protect your business. As the world becomes more connected by technology, cyber security has become a necessity, not a choice. Fortunately, we’re here to help.
At Superfast IT, we’ve been helping businesses with their cyber security for over 15 years. We’ve seen cyber defences change over those years as threats have become more sophisticated and complex.
Consider this page your one-stop shop for everything cyber security. We’ll cover a broad range of topics including;
- What are the Risks?
- Who will Attack you?
- How will they Attack you?
- 12 Cyber Security Controls
- Cyber Security Grader
The first thing we want you to do is to think about your business. How big is your business? Does it have anything of value to a cyber criminal? Are you cyber secure? What do you want to know about cyber security?
What are the risks?
By understanding the risks, cyber attacks can pose to your business it should encourage you to make sure your cyber security is in the best condition possible. Even the most basic cyber security measures are now a necessity, or you will leave yourself open to these risks.
Who Might Be Attacking You?
When you think of hackers, you may imagine somebody sat in their bedroom having not seen sunlight for the last three days trying to breach a system. This couldn’t be further from reality. Cyber criminals are now part of organised groups with a vast amount of resources. They’re not the only people who could be attacking you; it may even be somebody in your office right now.
How will they Attack You?
Commodity vs Bespoke Capabilities
Commodity capabilities are tools and techniques for hacking that are openly available online. They can also be used for security testing (Kali Linux, Metasploit) to see how cyber secure you are. Easily accessible commodity capabilities only work because basic cyber security principles do not get correctly followed.
Bespoke capabilities are for the most intelligent and advanced hackers. The tools get developed for specific purposes with high detail code that can be effective immediately due to them being specific to the targeted system. Once the hidden bespoke capabilities get discovered, they become known as the previously mentioned commodity capabilities.
Untargeted vs Targeted Attacks
Like there are two types of capabilities there are two kinds of attacks. We’ll look at both untargeted and targeted attacks with different examples of each type of attack.
Untargeted attacks get massed produced without a real end goal in mind other than trying to hack into an unprotected system. Hackers will not target a set system/user they just want to find unprotected accounts. They could do it for several reasons;
- Finacial gain
- As a hobby
- Data collection
They will try to get into as many accounts at a time and keep repeating this process. Entry-level cyber security measures will block most these attacks.
Targeted attacks target a particular thing such as a specific network or user. The attack could get aimed at an individual user or an entire business. The hacker may have numerous reasons for carrying out the attack;
- Personal Grudges
- Rival company
- Been paid to target you
These take much longer to execute than untargeted attacks and can even take months or years to set up depending on the scale of the attack. The majority of these attacks use bespoke capabilities and often go undiscovered even after the attack.
12 Cyber Security Controls