15 ways hackers can enter and attack your business
Don’t assume all cyberattacks are the same. The truth is that there are a number of ways hackers can infiltrate a company. The vulnerabilities increase with the amount of entry points a business has, including the hardware, software, operating system and even phone equipment. Read on to learn 15 ways hackers can gain entry opportunities to steal company data or disrupt operations.
1. Denial of service
A hacker overwhelms the site with traffic, preventing real work from being accomplished.
2. Network devices
A hacker gains access to the router, switch or firewalls and can take control of the device, manipulate the configuration, allow unwanted traffic, or shut it off completely.
IT equipment exposures
- gaining access to the server and changing the password or configuration.
- changing the server’s internal settings, rendering the server useless or causing damage.
- gaining access to the storage device and changing the password or configuration. This can also impact stored data.
- changing the internal setting, encrypting and holding it ransom.
- changing the operational characteristics and possibly rendering the device useless or causing damage.
5. Printers and copiers
Though not normally the focus, printers/copiers can be hacked remotely if they’re connected to the internet and not protected.
6. Specialized equipment
In any given company, there is specialized equipment unique to the industry, segment or process. It’s not normally a target unless valuable or supports a very visible business process.
Operating environment exposures
7. Operating system
The Operating System (OS) supports the control of the servers. Operating systems, especially those supporting the low-end server market, have historically been targets for hackers because of their install base, access to the internet, and relatively relaxed security.
Once the hacker gains access to the OS, the objective is to:
- alter it, the subsystems, or the applications
- to perform unauthorized activities
- to change the operating environment configuration
Multiple subsystems operate under the operating system and are often referred to as shared services, including security, monitoring, measurement, performance, file management, and databases.
If a hacker gains access to the OS, they usually:
- try to alter or disable subsystems
- hold the company ransom by encrypting a given subsystem and/or the associated data
Applications perform business functions for human resources, payroll, customer relationship management, etc.
Stealing files that contain financial, personal or proprietary information are the most common type of data breaches.
Hackers have destroyed data by deleting entire files or databases.
While less common, hackers have been known to alter financial and personal records, and use them to their advantage. The most common alteration is encrypting a file or database and demanding a ransom.
Phone system exposures
PBX systems are usually installed on company premises, and maintained by a group separate from IT.
- Operational risk: the hacker gains access to the PBX and alters the configuration or copies/alters/destroys the directory data.
- Physical risk: the hacker gains access to the PBX and alters the operating characteristics, causing it to crash or physical damage.
VOIP (Voice over internet protocol) systems are often newer and more closely follow IT standards and procedures. This is not a large target for hackers unless the company is a VOIP service provider.
15. Process control systems
These can take the form of Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLC), and Distributed Control Systems (DCS). Their major function is to control both the support of the facility and manufacturing process, including electrical power, boilers, HVAC, ovens, motors, generators, refrigeration, etc.
A hacker can take control of the entire system then hold it for ransom or alter the controls to cause damage.
A global attack could result if a given vendor’s Process Control System is infected with a virus and modifies the operating specifications of a very common piece of equipment. Once triggered, this would impact multiple companies, similar to ransomware. A major concern is that dormant viruses have already been discovered in several vendor’s Process Control Systems.
What should you do?
Companies need to update their disaster preparedness documents and incorporate the potential attacks listed above. This should include all the steps necessary to address the cyberattack, as well as the processes and procedures to prevent it from happening again.
To learn more about HSB’s Cyber solutions check them out below.
Or speak to your HSB representative.