How to Recognize and Prevent Top Cyber Security Threats

October 25, 2016

by UNH IT Staff

As the world becomes more reliant on technology and the internet with each passing day, the risks associated with online activities grow in volume and complexity. Although the losses from cyber threats and attacks are mostly measured in dollars or the theft of an individual’s identity, cybercriminals are also motivated by politics, social causes, and warfare. Most of these attacks are launched by spreading malware (software that is intended to damage or disable computers and computer systems) through fake emails and links leading to nefarious websites, but the landscape is ever-changing. Staying ahead of these threats is tantamount to keeping important information safe, both your own and the University’s.

While there are many tools available to prevent and remove malicious software, awareness and education remain the biggest measures of prevention. No single piece of software will keep you safe. Here at the University of New Hampshire, National Cyber Security Awareness Month is honored by hosting educational events for the campus community, which draw attention to these issues and start much-needed dialogs. This month, UNH Information Security Services and the CIO’s office hosted three sessions: two aimed at protecting files both in the cloud and on computers by use of encryption, and a third which featured members of the Federal Bureau of Investigation’s Cyber Crime Division and the NH State Police, who discussed cyber threats and prevention.

In all cases below, if you suspect or know you have been attacked, contact the FBI’s Internet Crime Complaint Center immediately at https://ic3.gov. “Time is of the essence, as evidence is fleeting,” Supervisory Special Agent (SSA) Timothy Russell from the FBI said. “It’s important that you report any suspicious activity immediately.”

What are the Biggest Threats Facing University Employees? And how can they be prevented?

Phishing

By now, we’re all aware of email phishing, whether it’s a Nigerian Prince promising to send us money in exchange for his liberation, or an offer on a discounted product, with a link leading to an infection source, such as a website. Phishing is essentially a practice designed to deceive users into believing the source to be a legitimate entity, often succeeding with its solicitation for users to provide confidential information such as passwords, bank account numbers, and credit card numbers. While cyber threats are growing in complexity, this complexity comes with a cost to the criminals on the other end. Phishing, on the other hand, remains the simplest and cheapest form of financial and identity theft. “Phishing is low tech but highly effective,” according to FBI SSA Russell. “Initial computer intrusions are still facilitated using well-crafted emails.”

How can it be prevented?

  • Learn to identify phishing attempts. They’ll often contain images, contact phone numbers, and other information from legitimate companies in hopes you’ll get duped.
  • Don’t click on unfamiliar links contained in emails. If you mouse over the link, the web address will be revealed. If the website doesn’t look legitimate or is unfamiliar, do not click on it.
  • Never provide financial information or personal information via email. Trusted companies will never ask for this information via email.

Spear Phishing

Spear-phishing is a form of phishing but is even more insidious. It’s an email seemingly sent from a trusted, familiar individual or business, such as a friend, colleague, or a company with whom you conduct business regularly. But these emails are from criminals trying to steal your credit card or bank account numbers and/or personal information. Spear-phishing attacks result in the loss of billions annually from both individuals and businesses. According to the FBI, 91% of all targeted attacks are spear-phishing emails.

How can it be prevented?

The same rules as phishing prevention apply to spear-phishing. Be hyper-vigilant when it comes to your email. Learn how to recognize a scam when you see it. Do not trust emails that ask for personal information, especially passwords, financial information, or personally identifiable information.

Ransomware

Ransomware is a type of malicious software designed to block access to computer files until a sum of money is paid. Essentially, criminals on the other end will encrypt all of your files and will not release them until you pay the ransom. The Washington Times reported that losses from ransomware in the United States alone exceeded $1.6B in 2015. The main sources of infection are links and attachments in email.

Along with the preventative measures listed below, the FBI recommends that, if you are attacked, you do not pay the ransom. “Victims who pay are 3x more likely to be victimized again,” FBI SSA Russell said. Instead, ensure that you have offline access to critical data to prevent losing it entirely.

How can it be prevented?

According to FBI SSA Russell, there is no one way to prevent ransomware, but rather, it requires a tiered approach. The following information is from http://fbi.gov:

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating systems, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need to read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail. Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).

Business e-mail compromise (BEC)

This scam involves “the compromise of legitimate business e-mail accounts—often belonging to either the chief executive officer or the chief financial officer—for the purpose of conducting unauthorized wire transfers.” (Source: https://fbi.gov) A BEC starts with criminals compromising a legitimate company email account and then sending wire transfer requests through the hacked account to banks associated with the business. According to the FBI, this scam results in losses of over $3B annually worldwide.

How can it be prevented?

FBI SSA Russell said the biggest way to prevent this scam from being successful is to, again, pick up the phone and call the person who is requesting the transfer. The following information on BEC prevention came from https://fbi.gov:

  • Verify changes in vendor payment location and confirm requests for transfer of funds.
  • Be wary of free, web-based e-mail accounts, which are more susceptible to being hacked.
  • Be careful when posting financial and personal information to social media and company websites.
  • Regarding wire transfer payments, be suspicious of requests for secrecy or pressure to take action quickly.
  • Consider financial security procedures that include a two-step verification process for wire transfer payments.
  • Create intrusion detection system rules that flag e-mails with extensions that are similar to company e-mail but not exactly the same. For example, .co instead of .com.
  • If possible, register all Internet domains that are slightly different than the actual company domain.
  • Know the habits of your customers, including the reason, detail, and amount of payments. Beware of any significant changes.
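
The intrusion detection rule suggested in the list above (flag sender domains that are similar to the company domain but not exactly the same, such as .co instead of .com) can be sketched as follows. This is an added example, not code from the FBI or UNH; `example.com`, the sample headers, and the threshold of two character edits are assumptions chosen for illustration.

```python
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"  # assumption: placeholder for the real company domain

# Constructed From: headers for illustration, not taken from real mail.
SAMPLE_FROM_HEADERS = [
    "Alice <alice@example.com>",
    "CEO <ceo@example.co>",
    "CFO <cfo@examp1e.com>",
    "Vendor <billing@partner.org>",
]


def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header, company=COMPANY_DOMAIN):
    """Return 'internal', 'lookalike', 'external' or 'unparseable'."""
    addr = parseaddr(from_header)[1]
    if addr.count("@") != 1:
        return "unparseable"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    company = company.lower()
    if domain == company or domain.endswith("." + company):
        return "internal"
    # Same name under another top-level domain (example.co vs example.com).
    if domain.rpartition(".")[0] == company.rpartition(".")[0]:
        return "lookalike"
    # Company domain used as leading labels of another domain.
    if domain.startswith(company + "."):
        return "lookalike"
    # One or two character edits away (examp1e.com, exmaple.com).
    if edit_distance(domain, company) <= 2:
        return "lookalike"
    return "external"


def flag_lookalikes(headers, company=COMPANY_DOMAIN):
    """Return the headers whose sender domain imitates the company domain."""
    return [h for h in headers if classify_sender(h, company) == "lookalike"]
```

With a very short company domain, a two-edit threshold will also match unrelated domains, so the threshold should be tuned against real mail before a rule like this is used to quarantine messages.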

For more information on Cyber Security, go to http://unh.edu/it/information-security-services
