
Cyber attack methods


Cyber attack methods understood from the attacker's point of view ~ Security measures to take ~

Large companies are not the only targets of cyber attacks. Small and medium-sized enterprises that hold important information or belong to the supply chain of a large enterprise are attacked as well. In this blog, security consultant CISO Shinji Nasu introduces the cyber attack methods that can be used against small and medium-sized enterprises, and security diagnosis as the first step of countermeasures.

Who carries out cyber attacks

There are roughly six types of cyber attackers. Knowing the attacker's motives and objectives is also important for security measures.
Thrill-seeking offenders who want to show off their abilities
Terrorists who want to show their political will
Industrial spies aiming to destroy confidential corporate information and data
Thieves who force fraudulent online banking remittances
Antisocial organizations that raise money through blackmail and intimidation
Insiders who leak information to the outside

Means of cyber attack

The most commonly used means of cyber attack is email with a virus attached, followed by websites. Websites published on the Internet are quickly targeted if they are vulnerable.
Attackers' techniques are becoming more sophisticated year by year. There have been cases of attackers sending emails disguised as coming from a stranger, and of planting a virus on a target website to hijack visitors' PCs and spread the damage. Learn the attackers' means and prepare for cyber attacks.

Websites targeted by attackers

Attackers scrutinize corporate websites. For example, a recruitment page is a treasure trove of personal information. Some companies also list their business partners on their website; if a company the attacker is targeting appears in that list, the attacker may use the listing as a foothold, so be careful about what is posted. In addition, it has been reported that employees using social networking services (SNS), whose use has been expanding in recent years, disclose company information without permission and cause problems.
Attackers accumulate information from websites in this way. It is necessary to take measures such as avoiding, as far as possible, publishing the real names of the people concerned on the company's website, and making sure that employees do not post the company's e-mail addresses and similar details on SNS.

Targeted attack

"Targeted attack" is the general term for cyber attacks aimed at the confidential information of companies and similar organizations. A targeted attack combines, for example, social engineering, ransomware, and fileless attacks. This section introduces each of them.

Social engineering
Social engineering obtains information by exploiting gaps in human psychology. It includes telephone calls, peeping, retrieving discarded paper, and intruding onto the premises. It is necessary to look not only at technology-based methods, but also at security measures other than those for PCs and networks.

Ransomware
Ransomware, also known as a ransom virus, encrypts the data on your PC without permission. The attacker then demands payment in exchange for restoring it. It is important to always keep backups, because you can lose all your data.

Fileless attack
A fileless attack works through standard Windows programs (PowerShell, etc.) without using a virus. Because these are standard functions, antivirus software does not react, and in some cases the attacker stays hidden for a long time and keeps stealing information.

To avoid being victimized by cyber attacks

To protect a company from the threat of cyber attacks, it is important first to "know". Investigate attackers' tactics and the actual damage being caused, grasp the current state of your company's security measures, and close the gap between that state and the level you should aim for.
In addition, because a lack of know-how makes it difficult to fully diagnose the security level in-house, we recommend asking a professional security company.

CISO diagnostic items
Endpoints (employees' PCs, etc.)
Smartphones
Servers and cloud
Network
Website
Physical security (are you prepared for theft, etc.?)
Rules
