Our relationship at work has changed. First, the “workplace” is no longer limited to the office, which means that employees use the Internet to do their work instead of relying on the corporate network. While this is a game-changer for productivity, this reliance on the internet also opens you up to a number of internet-based threats.
Internet-based threats such as phishing are some of the most common methods used by attackers to compromise your organization’s security, and relying on the Internet gives them more attack vectors and opportunities to compromise your enterprise.
While embracing the productivity gains that come with using the Internet as your default corporate network, you must be vigilant against these Internet-based threats.
Common internet-based threats you should be aware of
Because everything is so interconnected these days, Internet-based threats don’t live in isolation either. As you will see below, they are closely related to each other, as is the broader spectrum of risks from the Internet.
Social engineering
Social engineering is a classic approach to phishing where the attacker has a personal approach. They use details about you or your position to make them look like a real person to trick you into giving up important information. This primarily occurred in the context of business email compromises (BECs), but has since evolved to include modern devices such as smartphones and tablets.
Bullies usually do some sort of research on their intended victims and create a false story to gain their trust. The downside of social engineering attacks is that attackers can intercept interactions without arousing suspicion and victims have no idea that their security has been compromised.
When the Pegasus spyware was first discovered, a journalist was sent a link from an anonymous “source” who said he had tips about a specific story the journalist was working on. Another common social engineering scheme often emerges during tax season, when attackers pose as accountants or IRS employees and trick people into sharing financial information.
Impersonation and DNS spoofing
Impersonation and DNS spoofing are like a classy version of social engineering, and even savvy users can fall for these tricks. Attackers using these tactics create realistic-looking websites that users then enter their real login information. Once attackers have these credentials, they can access sensitive information and the site can even install malware.
One version of this is impersonation, where attackers create a fake URL that is very close to the original site’s URL. The subtle difference in the URL is easy to miss unless users have a very keen eye, and even harder on a mobile device.
In DNS spoofing, attackers modify DNS records to redirect traffic to a fake, impersonated website. Because the user is trying to go to a real URL, there is often no reason to suspect that their destination is not legitimate.
Account discount
If users fall victim to phishing methods, one of the main consequences can be account deactivation. This is when attackers gain access to online accounts with the intention of stealing sensitive information.
This happens in a number of different ways. Maybe your data was previously leaked as part of a data breach, or your password was simply weak. Or it could happen because you fell for a phishing scam.
Even if a single employee is the victim of an account compromise, it can have a far-reaching impact on your organization. Earlier this year, cloud communications company Twilio disclosed that attackers breached the system using employee credentials obtained through a phishing attack. Following this breach, attackers were able to target users of Signal, an encrypted messaging app that is a Twilio client.
Malware
Another dangerous threat that lurks when users are browsing the web is malware. Malware is often delivered through phishing tactics, and once a device is infected, it can steal sensitive data, track users, and even infect other devices. Ransomware, a type of malware that encrypts files that can be decrypted if you pay the attackers a ransom, is also on the rise.
The rise of malware as a service has made it even easier for attackers to deliver malware. These kits are inexpensive to purchase and easy to install. This is an ever-evolving threat, as attackers often reuse parts of old malware to create new malware.
How to stay vigilant against Internet-based threats
There are many ways to use the Internet because your corporate network can leave you vulnerable, but it is possible to stay safe.
Look for a DNS layer security solution that continuously monitors the web for potentially malicious sites and blocks users before they encounter malicious content. Inbound and outbound traffic inspection is also very important, as it allows you to see when malware is being downloaded and prevent data leakage to the public internet.
In the past, you may have turned to a local secure web gateway (SWG) to solve these problems, but with employees working from anywhere, this is no longer the best solution. Instead of crunching traffic with an on-premises tool, look for a cloud-enabled solution as part of a broader security service edge (SSE) platform to help optimize performance and security wherever your users are. One that has a unified policy on data leakage, unauthorized web applications, and acceptable use.
Cloud-native Lookout SWG offers advanced data protection capabilities that prevent unauthorized data extraction, compare traffic to comprehensive threat lists to identify potential threats, and integrate with zero-day malware detection. In addition to all this, it allows your employees to do their best work from anywhere
*** This is a Security Bloggers Network syndicated blog from Lookout Blogs, authored by Lookout Blogs. Read the original post here: https://resources2.lookout.com/blog/internet-based-threats