In all networks, whether it be a personal or organizations network, ensuring it is secure is one of the most important things you can do. Whether it entails the installation of anti-viral software, having separate storage methods such as a removable hard drive or completely separate hard drive, these can be preventative measures you can take with very little expense. With all of the ways that hackers have to get into systems, knowing how to mitigate or prevent these attacks is something that everyone that works with computers should have a basic knowledge of. I have included only two ways both people and systems can be vulnerable and some possible ways to prevent becoming a victim.
Email
Spam
Email spam and phishing can go hand in hand. One of the
most common ways threat actors can access a network or system is by using spam
email. To gain access, hackers will try to fool the email recipient into
thinking the email is legitimate. These emails can come in the form of a
notification, such as something is wrong with your bank account, your computer,
or even an email from a coworker or family member. Once the email is opened, it
can allow a hacker to install a virus or another type of malware into the
system, gain access to personal data or even steal money from the recipient. The
best way to prevent these types of attacks is to be aware of who the email is
from, do not open any attachments in an email unless you are familiar with the
sender, and only open emails from a verified source. Some ways to tell if an
email is spam are grammatical errors in the subject line or the sender’s
address, attachments that look unfamiliar and unsolicited emails.
Social
Engineering
Social engineering is another common
tactic hackers use to gain information about network topography. However, they
use human nature and deceit to do this. There are multiple ways that they can
gain information simply by just being in the right place at the right time. When
a hacker applies social engineering, they can attempt to convey a sense of
urgency to get information, such as claiming they are someone else, such as a
superior or another figure of authority, they are from another organization
familiar with the target organization, or some other entity. With more and more
organizations using remote devices to conduct business, it is even easier for
someone to obtain information by such acts as shoulder surfing which can reveal
passwords or other account information, social networking, or becoming friendly
with someone within the target organization, piggy backing to bypass security
measures and using websites and social media accounts to learn about employees
and companies. There are several ways to avoid being a victim of social
engineering, such as being aware of your surroundings when using your cell
phone in public, at ATMs, and using public Wi-Fi.
No comments:
Post a Comment