Beware, the most common external cyber attacks

In 2024, the question of whether cyber attacks are a real risk is no longer a debate. With cybercrime on the rise worldwide, no organization can afford to ignore digital security in 2024. 

Even major names like  ICBC, MG, 23andMe, and Boeing have fallen victim to cybercrime recently, despite their sizable budgets and robust defenses. This leaves many organizations wondering how to tackle the thorny challenge of cybersecurity. 

According to Nenad Zaric, co-founder and CEO of Trickest, the rise of complex cyber threats means businesses often overlook critical vulnerabilities that leave them exposed. The five most common external attacks from bad actors capitalize on these blind spots. Strengthening these areas can significantly reduce the risk of being breached to save critical business operations, and avoid loss of data, disrupted operations, theft of intellectual property or damaged relationships with customers and suppliers. 

Robust cybersecurity policies will also help to protect company finances. IBM found that on average, companies had to pay around $4.45 million due to data breaches in the U.S. in 2023. 

Further, the industries that were mostly impacted by cyber attacks in 2023 were manufacturing, finance and insurance, professional, business and consumer services, energy, retail, wholesale, healthcare, government, transportation, education, and media and telecoms. 

Given this broad scope, here are five of the most common weak spots that businesses often overlook to help organizations secure cyber defenses in 2024. 

1 – Social Engineering

Have you ever received a call from someone stating they are from ‘your bank’ and need to confirm some information? Or perhaps an email or SMS asking you to click on a link to win a car or a million dollars? 

We have all faced these kinds of situations – one of the most common cyber attacks: Social Engineering. The principle here is to take advantage of others and trick them into providing personal information by hiding their identity and presenting themselves as someone else. This allows bad actors to access personal data or the company’s data. It relies heavily on social interaction and manipulating people to break their usual security processes and best practices, getting unauthorized access to the system and networks.

This type of tactic is one of the most common among attackers, as it is much easier to get information from people than it is to find an open vulnerability in a company’s surface attack and exploit it. To illustrate further, in a corporate scenario, the hacker would conduct research on the company to find information that will provide credibility. Next, they learn the behavior and patterns of low-level employees who have initial access to then finally create an attack that will allow them to gain access to confidential information.

There are several types of Social Engineering attacks, but some of the most common include Phishing, Pretexting, Quid Pro Quo, Impersonation, Vishing, Baiting, and Money scams, among others.

2 – Ransomware

Imagine this. You log to work as usual but today you’re unable to access any local or network files or the entire system is encrypted. This is precisely what a Ransomware attack looks like.

In this attack, the hacker infects your computer to encrypt or steal your data before finally demanding a ransom to be paid in order to give you back control of your or the company’s data. In other words, once the cybercriminals have the power over the company’s data, they ask the owners to transfer money to a specific account to then receive a key that will unlock all the encrypted data, however, keep in mind that this does not give you any guarantee that you will have the control back.

There are different ways in which hackers can get power over your computer, among the most common ransomware ways they infect it we can find phishing emails, trojan horses, vulnerability exploitation, lockers, and scareware, among many others.

3 – Credential stuffing

Do you get overwhelmed with the amount of different passwords you have to remember? Most average professionals are juggling more than 10 passwords on a daily basis. If we’re all honest, it’s common that we probably end up reusing some of these passwords on different sites to make our lives easier.  

If you do this, let me tell you that you are more prone to suffer an attack of Credential Stuffing. 

As Eric Clay, an expert from Flare, points out, “The biggest external threat for businesses today is valid account abuse through leaked usernames and passwords. Many malware variants now specifically target credentials stored in the browser, making it easy for threat actors to log directly into financial services, social media, and even corporate accounts.”

With this type of external threat, hackers use malicious bots to stuff known usernames and passwords in different login pages until they succeed with one. You might be wondering, where does he get those usernames and passwords? Usually, it is from data breaches and the dark web. And of course, the reason why this actually works is because there are thousands of people who reuse their passwords and usernames in different sites, providing them the perfect tool to gain unauthorized access to their accounts.

4 – Denial-of-Service attacks

Imagine it’s Black Friday and you’re in a shopping mall trying to buy the same item as everyone else. However, out of nowhere, a group of people start to block the doors intentionally and create a massive bottleneck – what a headache, right? I definitely wouldn’t want to be stuck here.

This scenario is just like a Denial-of-Service (aka DoS) attack in the digital world. The attackers will drown a website or a server with a huge amount of traffic, which usually originates from a network of compromised devices or botnets. All of this traffic can come in many different forms, it could be as a bogus login attempt constant data request or even sending large amounts of junk data.

With all of this, the hacker is looking to overload the website or server, which will end up crashing and appearing as unavailable to legitimate users. It is just like a digital traffic jam, preventing the customers from accessing the store and making their purchases.

This type of attack can represent a significant financial loss for businesses that rely heavily on their online presence.

5 – Misconfigurations and unpatched systems

Would you live in a house that has a weak lock and broken windows? Would you be able to sleep without being afraid someone is going to break in?

Well, just like a house in those conditions is easier to break into, a system with Misconfigurations and Unpatched Systems is like an open invitation for bad actors to try and breach your security systems. 

Misconfigurations can happen during system setups or configuration changes. In addition human errors like leaving a database with the default login credentials or allowing unnecessary access permissions create vulnerabilities.

Unpatched Systems are those that lack the latest security updates that will help fix known software flaws and vulnerabilities. These are precisely the ones that attackers are constantly scanning to identify and exploit. Further, out-of-date systems provide much easier targets than those updated.

Attackers can exploit these weaknesses to gain unauthorized access to sensitive data or systems.

Top tips on how to prevent external cyber threats

1. Be skeptical! – If something seems too good to be true, it probably is. Do not click on any suspicious links or attachments and be aware and careful with any unsolicited emails and phone calls, even when they seem to be from a legitimate source.

2. Educate and train your employees – Make sure all your employees are aware of cybersecurity best practices, for example, how to identify phishing attempts and how to create strong passwords.

3. Strong password policies are a must – Implement a strong password policy in your company, make sure all your employees have a complex and unique password for their accounts and you can even request a password update regularly.

4. Keep your software up to date – All your operating systems, applications, and firmware should be updated.

5. Back up your data regularly – In case you face a ransomware attack, it’s a good practice to have a recent backup of your data. This will help you recover more quickly and you’ll avoid having to pay a ransom.

6. Firewall and security software are a must – Having a firewall can help you block unauthorized traffic from entering your network and security software will help you detect and remove any malware.

7. Have a plan of action – In case you face a cyber attack, have prepared a plan of what to do next. 

Any business, of any size, can suffer a cyber attack. However, if you are familiar with the different types that are out there and know how to combat them plus your business is protected, there is a lower chance you get attacked. 

Cybersecurity is an ongoing process, not something you can fix one time, you need to be vigilant and take the steps necessary to mitigate and minimize your risks.

Disclosure: This article mentions a client of an Espacio portfolio company.