Let’s be honest, at this point, you or someone you know has been hacked or suffered through a computer virus or malware.
From Facebook passwords to bank accounts, we’ve all felt the growing struggle of keeping our digital identities secure. Websites require passwords of different lengths, with and without certain characters, that need to be changed at varying intervals. Some apps use fingerprints, some send codes, others email you links. It’s a hassle to keep up with.
Meanwhile, businesses face growing friction with end-users as they enforce stricter security policies while trying to protect petabytes of data, intellectual property, and personally identifiable information for every employee and every customer. IT departments are racing to keep up with new threat trends and end-users are left feeling exhausted from excessive security measures that may or may not be successful. But without the right tools and processes in place, your network is vulnerable to potentially irreparable damage.
So let’s talk about the three most common ways hackers gain access to your network and how you and your end-users can help defend against them.
Social engineering is accomplished by manipulating people into providing privileged or private information. There are a few popular ways to achieve this, including baiting and scareware, but for a business, the most common possibility is phishing.
Phishing can be done through texts, social media, phone calls, websites, and email. Typically:
- The message looks like it’s coming from someone they know
- The message is sent with a high level of urgency
- The goal is theft or sabotage:
- If theft, they may ask for a payment or login details
- If sabotage, it would contain links or attachments that corrupt the device
While phishing attempts rely on the potential for human error, some hackers prefer to exploit your network through applications. This could mean hacking an IoT device or initiating a Distributed Denial of Service attack to overwhelm your servers.
IoT devices are internet-connected smart devices, like Nest thermostats and Alexa devices, that regularly collect large amounts of data from their environments and users. Hackers will either download malware to the device or uncover as much personal data as possible – email addresses, passwords, password reminder phrases – anything they can use to attack larger company data and/or steal whatever money they can find.
In 2013, Target exposed millions of customer credit card numbers, causing them to pay $18.5 million for the breach. The hackers accessed the network through their internet-enabled air conditioning supplier.
In 2015, two researchers proved that Jeep vehicles could be hacked, connecting to the vehicle through Uconnect and taking control of the brakes and accelerator while the vehicle was going 70 mph.