Online Training

Cyber Attacks against small and medium - sized businesses are on the rise !

An Article compiled By
The Technology Coach
Scott Kendall
Small Business Technology Specialist

www.thetechnologycoach.ca

"Brute force" attacks are increasing and it is one more thing small business needs to be aware of!

The number of cyber security attacks on small and mid-sized companies has risen dramatically in the past few months.

Brute force attacks are those in which an attacker uses several different ways to break into a company's private network, trying various methods until a break-in occurs.

Persistence is the key to a brute force attack as opposed to a particular security loophole or shortcoming, simple dogged persistence targeted at a specific company or individual, with enough time a hacker will eventually find a way in to an unguarded network.

There has been more than a 1,000 percent increase over the past three months in brute force security attacks on small businesses.

These attacks are considerably more dangerous than random email-borne viruses, the increase indicates that criminals are specifically taking advantage of lesser security measures used by most small and medium-sized businesses.

Prior to this, what we noticed out there being directed at mid-sized companies was the more broad-based sweeps or scans, which means that there were certain well-known vulnerabilities that were being targeted, but they were being broadly targeted, That means that the bad guys were broadly sweeping a bunch of companies ... for these general vulnerabilities and when they found those vulnerabilities they would find a way in.

Now, however, hackers are targeting their attacks at specific services and are employing the brute force password cracking technique to get through security measures and into the company data files.

So they'll keep pounding on a particular target, trying to get through, It's more targeted, more concerted, more persistent. Part of the reason we think we're seeing this is that companies have gotten better about adopting patches and other technologies that keep these vulnerabilities that used to be targeted ... relatively covered.

Brute force attacks are amazingly successful and simple, They do not require any particular exploit, but just a script to automatically guess the right password.

Over the last couple years, we see less of the classic brute force attacks where an attacker is guessing many passwords for a particular account.

Instead, attackers try a small set of passwords -- even if they use a 100 or so -- against a large number of user names. This bypasses some of the lock-out policies companies put in place to prevent these types of attacks.

So keep your password out of the 100 most easy to guess, include numbers and letters and don't use regular names or places.

Keeping on top of security patches, testing your own network for vulnerabilities often and changing your windows password regularly are all great steps towards ensuring your own Small Business Security.

For assistance in defining good security practices, testing your current security vulnerabilities and "patching the holes" where needed to ensure your own small business success please don't hesitate to contact The Technology Coach for a free security checklist and system vulnerability analysis.

info@thetechnologycoach.ca

Office: 905-366-8234

_________________________________________

Small Business Technology Service, Training, Coaching and Support
http://www.thetechnologycoach.ca
info@thetechnologycoach.ca
Office     905-366-8234
Mobile    416-802-4424 
Your "Virtual IT Department" On Call!