In The Explosive Increase in Ransomware Attacks Chalkline said Ransomware was by no means new, but with a national lockdown keeping workers away from their usual office environment, Cyber Criminals saw a new wave of unprotected and unaware victims to prey upon, all connecting from the comparatively less secure home and public Wi-Fi.
Passwords are easy to crack, Kaspersky defines the different types of brute force attacks:
- Simple brute force attacks, trying to manually guess your employees’ passwords.
- Dictionary attacks trying to match possible passwords to your employees’ accounts.
- Hybrid brute force attacks, simultaneous simple brute force and dictionary attacks, by combining words and random characters trying to crack your employees’ passwords.
- Reverse brute force attacks, Cyber Criminals beginning with known passwords from data breaches, attempting to match them to your employees’ usernames.
- Credential stuffing, Cyber Criminals having already discovered your employees’ username and password combinations, trying to use them on multiple websites.
- Cyber Criminals using brute force hacking software, creating millions of passwords, trying to break into your employees’ accounts.
If any of these brute force attacks succeed, your network will become compromised. How do you help prevent these attacks from taking place?
A great place to start is multi-factor authentication (MFA).
In Remote working: The importance of cybersecurity Chalkline said multi-factor authentication requires remote users to verify their identity more than once when they attempt to login to a system using their mobile device, like entering their password and either approving a push notification sent to a mobile device or entering a PIN sent via SMS.
In What is data security? What your finance firm needs to know Chalkline said investing in encryption solutions from strong passwords to multi-factor authentication helps stop Cyber Criminals from cracking into your systems.
Phonexia defines MFA techniques as:
- Something you know (knowledge): PINs, passwords and answers to security questions.
- Something you have: one-time passwords (OTPs), tokens, trusted devices, smart cards, badges.
- Something you are (possession): biometric verification using voiceprints, fingerprints, handwriting or iris patterns.
In 3 cyber threats to watch out for in the finance industry Chalkline said deploying multi-factor authentication or biometric authentication across your employees’ accounts will deter Cyber Criminals, with user permissions allowing you to restrict access to sensitive information.
Cyber Criminals will try to guess your employees’ passwords. They may even succeed and try to log in. However, when asked for your employees’ passcodes, since they do not have access to their mobiles, they cannot move forward. Your employees’ accounts are completely safe and secure.
Call Chalkline today on 020 3819 3300 or review our IT Security Packages for SMBs page and book a meeting with us, we can help with all elements of cyber hygiene and answer any questions you might have.