Protect yourself and your business against a successful cybercriminal attack by predicting the way they may think. Take steps to safeguard against invasion and bear in mind there are certain factors that enable cybercriminals and allow them access into even protected networks. If your business has one or more of these weaknesses, then it may be vulnerable to cybercrime attacks.
Common characteristics of cybercriminals
Some common goals of cybercriminals involve:
- Financial gain or greed
- The desire to manipulate or harm others
- Having the goal to control others’ actions
In many ways, the war against cybercrime is a fight for privacy: many cybercriminals are after private or confidential information. They may seek to know or control this private information for blackmail reasons, to impersonate the true owner, to undermine a business, or manipulate a political outcome. Because of this, one of the best ways to examine your own networks’ cybersecurity is to ask how private your information is kept.
How can a cybercriminal gain access to my network?
A cybercriminal needs a few elements for their plans to be successful. Some elements that aid cybercriminals, and that you can easily adjust in your own network security plans, involve:
Weak or reused passwords
According to Science Daily, most internet users greatly underestimate the risk of password guessing. While it may seem impossible or unlikely a stranger could guess your nearly arbitrary password, in actuality security experts warn that many passwords are at risk for targeted online guessing.
One of the ways that targeted online guessing works is when personal information of yours is widely available online. For instance, a cybercriminal often does not simply guess random strings of numbers and letters. Instead, they may be able to apply their knowledge of private information about you in order to determine what likely password combinations may be. Some examples of private information that have become more widely available due to social media include mother’s maiden name, birthdays, childhood friends, or other details commonly incorporated into passwords.
Another example of targeted guessing is when passwords are reused. Once a password has been used more than once, especially for more vulnerable websites or to protect valuable financial information, a cybercriminal may be able to exploit the similarity in order to gain access to other protected fields.
Researchers from the Universities of Lancaster and Peking were able to build models that successfully guessed the passwords of accounts for “normal” internet users approximately 73% of the time, with a limitation of 100 guesses per account. This experiment reveals that the threat of password guessing, especially when done by malware or bots, is a very real risk to most average people online.
In order to protect yourself, always vary passwords between sites. In addition, network security that uses implicit user identification signals, such as requiring authentication of a user’s IP address, geolocation, or device fingerprint, is another method of circumventing a cybercriminal’s line of attack.
Out of date software
Updating operating systems or security software may seem like a needless hassle on a day to day basis, but one of the best ways for cybercriminals to be successful is to target weak systems. One of the top recommendations from the Department of Homeland Security is simply to update your existing software regularly.
Keeping networks up to date is equally important for businesses as it is for individuals. An important example of an avoidable data breach due to out of date software was the 2017 Equifax exposure. Credit giant Equifax failed to update their security system when a new version was released in March of 2017, leading to a hack in May of the same year. During the lag time of these few months, 143 million Americans’ credit information was leaked to cybercriminals. Security experts deem this to be an infamous example of an “easy” hack, one that could have been avoided by a simple systems update.
Unencrypted networks
Using public WiFi or any other less secure internet connection is a surefire way to allow cybercriminals the best chance for success. Weak networks allow cybercriminals unparalleled access to unencrypted data. Remote workers are especially liable to expose businesses to internet security risks due to using less secure networks. Recent polls show that two thirds of people who use public WiFi leave their devices set to automatically connect to local networks when they come within range. This means that employees may be allowing devices to be drawn into fake hotspots or other illegitimate connections.
Even if your business uses a VPN to encrypt data, an employee leaving a device set to WiFi enabled in transit can be a risk to your network security. WiFi enabled devices may share SSIDs, or network names, that they use to connect to trusted networks. Exposing this valuable information while on the go can allow hackers to build profiles of otherwise secure systems, giving them the information they need to create imposter connections.
Take steps to protect yourself and your business against cybercriminals
Don’t make cybercriminals’ jobs easier for them. Taking the necessary steps to predict and prevent the common sources of threat can help keep you and your business safe from cybercrime. Strengthen your network security, protect your business’s worth, and keep your information private and proprietary with the tools available from NetworkTigers.
Sources
- Who Are Cyber Criminals? | Norwich University Online
- Online password guessing threat underestimated — ScienceDaily
- (PDF) Multi Sensor-based Implicit User Identification
- How to Recognize and Prevent Cybercrime
- The Equifax Breach Was Entirely Preventable | WIRED
- Millions ‘gambling with personal data’ by accessing fake wifi hotspots, poll suggests | The Independent
Protecting Remote Workers Against the Perils of Public WI-FI – CPO Magazine
