Cybersecurity improvements should always start with education and some of the most recent common attack methods are through the use of malware. Malware is malicious software intentionally designed to harm or exploit a computer network or device. Most malware is executed through the method of sending fake content to a user and the user opening the malicious software triggering the exploit to function. These different forms of malware are important to understand and how they can function in a targeted attack.
A keylogger is a malicious program that secretly monitors and logs keystrokes. Attackers use keyloggers to steal passwords and other sensitive information that the user types in when using any infected device.
Random-access memory (RAM) is the computer system’s short-term data storage, storing information that your computer is actively using for quick access. RAM scrapers work by stealing sensitive information straight from the RAM. Attackers often use this malware on point-of-sale devices to steal debit and credit card information.
Remote Access Trojans
Remote Access Trojans or RAT allows attackers to access and control a computer without the user’s knowledge. They are a common exploit that is sent and downloaded through email attachments or visiting compromised websites. Remote access trojans are incredibly challenging to detect, with attackers being cautious to not give themselves away.
Chances are you aware of ransomware – it is the most infamous type of malware that has surged and been throughout the news for 2020. Ransomware locks and encrypts business files, user profiles and other stored content on devices across the network. The attacker has written commands in the form of demands that the company pay a ransom to restore access to their data. Ransomware has evolved, with attackers typically accessing the network first, locking down all devices and wiping backups before the attack to ensure maximum impact.
Banking trojans use a variety of techniques to steal credentials, money and private information. They typically work by compromising the operating system and creating a backdoor, allowing the attacker to steal data and collect your keystrokes to gain details which will provide them access to bank accounts or conduct identity theft. There is an increasing use of web-form-injection and cross site scripting (XSS) where the malware adds extra fields to forms in the web browser. Some disguise and display a list of security questions which you can set and provide your answer, this provides them with additional data to compromise access to your accounts.
Our goal at Extension Technology is not to provide you with a security service that is set and forget but to create a cyber-security strategy that will ensure your business will stop any potential threats received through any tech medium.
See our Security Page for how we implement our cyber security strategies or visit our Plans page to review our packaged security solutions.