
30th September 2014 News

Cryptolocker, Spear Phishing, Heartbleed, Internet Explorer Vulnerability, Denial of Service Attacks, Timthumb Plug-in

 


Research shows that as large enterprises do more to lock down their infrastructure, less secure smaller businesses are the low-hanging fruit for cybercriminals to cash in on. Here are six of the more dangerous cyber threats hitting businesses today.

 

1. CRYPTOLOCKER

CryptoLocker – and a number of copy-cat variants which have since emerged – is a particularly nasty form of ‘ransomware’. After seizing control of your computer files, it demands a ransom before you can access them again.

An email attachment is sent under the guise of a genuine business email. Any employee opening the attachment will activate malware, which installs itself on your computers and servers and lets hackers access your files. These are then encrypted with sophisticated encryption, locking you out of them. The perpetrators then demand a ransom; if you don’t pay up, the decryption key is destroyed and your files are lost forever.

Because the ransom is typically just £200 – £400, most businesses willingly pay up, with payment made via a hard-to-trace virtual method such as Bitcoin or an online voucher system.

The perpetrators of these scams have extorted hundreds of millions of pounds from their victims.

 

2. SPEAR PHISHING

Spear phishing uses emails that look like they’re from someone in your company or another trusted person. Clicking the link in the email takes you to a fake page, where either spyware is downloaded, enabling the hacker to gather information about the individual or organisation, or a bogus log-in page is presented to capture security details.

The success of spear phishing depends upon three things: the apparent source must appear to be a known and trusted individual; there is information within the message that supports its validity; and the request the individual makes seems to have a logical basis.

 

3. HEARTBLEED

In April 2014, the Heartbleed bug made headlines around the world. A flaw in a highly popular software programme called OpenSSL used by many web servers meant hackers could steal the cryptographic keys used to secure online commerce and web connections. The bug could also leak personal information to hackers when people carry out searches or log into email.

Security experts say that over 300,000 web servers remain vulnerable even though it is easy to protect against the bug.

 

4. INTERNET EXPLORER VULNERABILITY

Just weeks after the Heartbleed alert, Microsoft announced a major security warning affecting all versions of their popular web browser from Internet Explorer 6 to 11.

The vulnerability enables hackers to gain access to a user’s computer by sending a phishing email that tricks the user into clicking a link or opening an attachment, which installs malicious software without the user knowing.

The issue is of particular concern to businesses still using Windows XP as Microsoft ended official support for the operating system earlier this year, meaning there are no longer any security updates and bug fixes provided.

 

5. DENIAL OF SERVICE ATTACKS

Denial-of-Service (DoS) is a type of attack designed to bring a network to its knees by flooding it with random traffic. Many DoS attacks such as the ‘Ping of Death’ and ‘Teardrop’ exploit limitations in network communication protocols. The hacker does this by instructing thousands of remotely-controlled computers to flood a server with traffic.

The server is so busy dealing with the attacker’s requests that it doesn’t have time to respond to legitimate user requests, causing the target system to stop responding and resulting in long delays and service outages. Software fixes for known DoS attacks are available which system administrators can install to mitigate the damage caused. However, like viruses, new DoS attacks are constantly being developed by hackers and are becoming increasingly sophisticated.

 

6. TIMTHUMB PLUG-IN

In this attack, hackers exploit a security flaw in a photo re-sizing plug-in (called Timthumb.php) for the popular blogging and website publishing tool WordPress.

Through this flaw, hackers install malicious code or files into a website or server. They can then launch spear phishing campaigns as well as ‘Denial-of-Service’ attacks (see above).

Timthumb attacks have hit millions of websites over the last few years, most of which have been small businesses unaware that they have been hacked.

 

Don’t become another statistic of cyber-crime – ensure your systems and working practices are secure.


