3 types of cyber-attacks and how your business can be prepared for them

An attack vector is the way or the method a cybercriminal penetrates a network or computer system. For a business, an attack vector is mostly used to steal data and money from an organisation by exploiting system vulnerabilities, but there have also been attacks where destruction of data is the goal.

There are many types of attack vectors cybercriminals use to take advantage of system weaknesses to cause a data breach or steal login credentials including malicious email attachments and weblinks, using malware and viruses, or using social engineering.

Some of the most common attack vectors are listed below.

1.      COMPROMISED OR WEAK CREDENTIALS

Compromised credentials typically happen through a data breach or a phishing attempt. This is particularly dangerous when a person uses the same credentials across multiple sites, as the cybercriminal can then use the information to access other accounts a person holds, including business systems.

Weak passwords or the reuse of passwords being sent across your network creates an exposure gateway for initial access. Once a cybercriminal is connected to your network, they can then increase their access level using other types of attack vectors within the system.

To avoid the risk of compromised or weak credentials, businesses should implement policies to enforce the use of complex passwords; not allow employees to use the same password across multiple systems; and not to share passwords. Businesses should deploy multifactor authentication on every system that supports it.

2.      PHISHING

Phishing is a type of social engineering where cybercriminals mask themselves as a legitimate company. They will email, text, or call a person to trick them into performing an action such as clicking a link to a site prompting them to enter their username and password, or open an attachment that will deploy malware on to a system or network.

Businesses can protect themselves from phishing attacks by raising employee awareness in identifying phishing attempts; implement spam filters and secure email gateways to identify suspicious email and block them; implement web content filtering and antivirus software that inspects web traffic for fraudulent sites, malicious downloads and block them; and enable multifactor authentication to prevent a cybercriminal with an employee’s login credentials from gaining access to your network.

3.      MALWARE AND RANSOMEWARE

Malware (‘malicious software’) is software that cybercriminals use to harm your computer system or network without you knowing. It is used to steal confidential information, hold your computer or network to ransom, or install other programs. Malware is often installed via phishing when a user opens an attachment or clicks a link to a website that downloads and installs the malware without the person being aware.

Ransomware is on the rise and is a particularly destructive form of malware. It is used to lock or encrypt files or devices until you pay a ransom. Difficult to trace digital currencies such as Bitcoin are often used for the ransom making tracing the cybercriminals difficult.

Protective measures against malware and ransomware for your business include implementing system access controls for employees and restricting administrator privileges; install anti-virus software and turn on ransomware protection where available; keep operating systems and software up to date; restrict the downloading of files from the internet; and block suspicious attachments in email.

A cyber-attack can have a devastating impact on business whether they be small or large. If you would like to understand any vulnerabilities your business has, please contact us for an obligation-free cyber security IT assessment.

Meet our Team

Black and white photo of Ian Ward

Ian Ward

CyberPro Founder & CEO

With 40+ years of experience in IT, there isn’t much Ian can’t advise you on. Since the advent of the internet, he’s been keeping businesses like yours ahead of the technology curve and cybercriminals. His #1 passion is and has always been providing outstanding customer service.

Trevor O’Shea

Senior Network Engineer | 8 Years

Adding another 40+ years’ IT experience to our team, Trevor has designed and worked in large Enterprise networks. He’s our Server and Infrastructure guy, helping us build robust cyber secure servers and networks. He’s responsible for designing and maintaining servers, networks, firewalls, and security devices.  Trevor has been with CyberPro 8 Years

Karena Powis

Accounts & Administration | 11 Years

Karena has an accounting degree and 10 years experience working with CyberPro. The team relies on her for the smooth running of all aspects of administration and accounts. Karena is a whizz in internal accounting systems and the person you’ll chat to about your account.  Karena has been with CyberPro 11 Years.

Matt Jones

Senior Engineer | 6 Years

Matt brings 15+ years of IT experience in Internet service providers, web hosting, and data warehousing. He’s our go-to for web security and Microsoft Office 365 advanced management. Beyond his expertise in web and email cyber security, he also assists clients with cyber security accreditation.  Matt has been with CyberPro 6 Years

Jenny Sinkinson

Co-ordinator & Administration | 6 Years

After 3 years with CyberPro, there’s not much Jenny doesn’t do. Her responsibilities cover coordinating the help desk, client liaison, logistics, ordering, license renewals, quotations, contract administration. Jenny is our ISO9001 quality champion, and been with CyberPro for 6 Years

Michael Visser

Senior Engineer | 6 Years

With over 30 years of experience in IT, including huge rollouts of technology in the armed forces and large Enterprises, Michael’s our automation and templated system builds whizz. He supports the remote management systems that let us upgrade hundreds of systems at the press of a button.  Michael has been with CyberPro for 6 Years.

Our Trusted Partners

Contact Us

A senior team member will reply within 1 business day.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Call Us 1300 292 377

  • Office Hours: 8am - 5pm (AEST) Monday - Friday

Visit Us

  • 6/265-271 Pennant Hills Road
    Thornleigh NSW 2120
  • View Map