From the Blogosphere
Top Places to Check for Signs of a Targeted Attack in Your Network | @CloudExpo #Cloud #Security
Targeted attacks on the network of a business can be big trouble. A business should know where to look to stop the attacks
By: Peter Davidson
Dec. 6, 2017 01:00 PM
Targeted attacks on the network of a business can be big trouble. A business should know where to look and what to look for to stop the attacks.
Businesses are aware of the dangers of hackers. They know that a hacker can steal private information that hey store on their computer networks. They recognize that hackers can create problems for the business and the business's computer systems through a variety of different ways.
Being aware of the dangers and knowing what to do about them is not the same thing. Unless a business has a big IT department, their ideas about network security are not always correct. They may not realize that they are the target of hackers. They may assume that hackers either try to cast a wide net with the hope of catching someone or they target bigger companies. A smart business recognizes the threats of targeted attacks and knows where and how to look for them and what to do when they find them.
What Are the Threats?
Businesses have changed. They store more and more Information on computer systems and on the cloud. The information is the target of the hackers today. The hackers are not the same they were in the past. They have come up with tools to get past the security systems that businesses have in place. Businesses keep working to improve their security and the hackers keep working to get around it. That is why businesses need to know where the hackers are trying to attack.
7 Points of Attack
1. Domain Name Systems - These are known as the DNS Records. Hackers try to fool people searching for a business on the internet by creating domain names that are similar to the real business domain address. If people make a mistake typing the name of the business they could end up landing on the wrong website and may share information with the hacker instead of the business.
IT security intelligence can check for potential problems from these DNS records. They can search for a variety of things that are signs of hacker's attacks, including unknown domains with specific IPs, Domains that were recently registered that are unknown, domains with random characters or domains that imitate other legitimate domains.
2. Heed the Warnings of Security Systems - Computer systems will send out alerts of possible problems with the security systems and files. A business often assumes that the warnings are false alarms if they recognize the file or information that the threat intelligence services are giving them. It is not always a smart idea to ignore these warnings.
Network security intelligence will help prevent the attacks on a network. It can spot the hackers when they are trying to get into the computer system of a business. The only flaw they have is they require the user of the intelligence services to act on the threats they find.
3. Unknown and Large Files - Hackers plan their attacks in advance. They work to place large unknown files on the computer systems of a business. Regular searches for these types of files with cyber security intelligence software can prevent hackers from ever using them.
4. Watch the Network Log - Audits of the network log for strange or abnormal connections is another way to stop attacks from hackers. This requires someone to understand what the normal activity of the business network looks like. The only way to see activity that is out of the ordinary is by being aware of what is supposed to happen on the network.
5. Check the Logins - Hackers do not always have a password to login to computer systems and business accounts. The login record can show the business failed attempts at a login to the network or the computer systems of the business. Unusual amounts of this type of activity is a sign of a hacker. To maintain the security of a network, the business should do regular audits of these records.
6. Unusual Protocols - Like the unusual connections, spotting abnormal protocols is not easy. Hackers are smart and will try to use protocols based on the way the businesses network operates. Spotting something that is out of the ordinary requires looking past the first layer of the protocol connection and studying the content of the connection.
7. Look at Email Activity - Emails have been around for a long time and are a favorite tool for hackers. Hackers use phishing attacks to get into the networks of a business. Increased email activity is a sign of a possible phishing attack. A business may hope that they have taught their employees how to avoid this type of attack, but they also need to take steps to prevent these attacks from reaching the employees. Auditing email records is one way to do this type of cyber security.
Stopping the Threats
Cyber security is similar to insurance. People spend money on insurance with the hope that they never have a need for it. Businesses invest in security for their computer systems and networks with the hopes that a hacker never attempts to get into them. The good news is that hackers are looking for the easiest targets to attack. The businesses that take the time and energy to protect their networks through the use of different threat intelligence services and by learning where to look for threats are the ones that are a target hackers avoid.
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week