The BBC recently completed a research experiment to discover the true risk to online servers of the type used by many UK businesses. They found that cyber criminals commenced an attack just one hour after they were switched on. Is it time you boosted your IT security?
Is your business at risk from cyber criminals?
The servers were set up in an experiment by a security company, designed to ascertain the scale of cyber-attacks on UK business every single day. After about 71 minutes online, the servers were visited by automated tools that scanned them for weaknesses. As soon as the machines had been discovered by the bots, a constant assault took place on them.
Honeypots show weakness in cyber-security
The “honeypot” servers, designed to attract hackers, were only accessible for about 170 hours, according to Cybereason, the company who performed the test. The servers were set up with real IP addresses, and they were configured to resemble a legitimate server. For example one accepted requests for webpages, files and networking connections.
Hackers using advanced automated tools
Online attack bots are set up t constantly look for known weaknesses in widely used applications. A whole range of attack bots probed the servers and most of the vulnerabilities they were looking for have been known for months – but still remain unpatched on many servers.
Of the attack bots:
- 17% were “scrapers” that sucked up web content
- 37% looked for known vulnerabilities or tried default admin passwords
- 10% were looking for loopholes in web applications on the servers
- 29% used “brute force attacks” to try to access user accounts with common passwords
- 7% looked for vulnerabilities in the servers’ operating systems
The Risk From Phishing
The researchers also performed research to discover how phishing gangs target new employees at businesses. They added false email addresses under their control to a hundred legitimate email marketing lists. Within 21 hours, phishing gangs had started to send booby-trapped messages to the fake employees.
15% of the emails they received included links to compromised webpages that would launch an attack if they were visited. The rest had malicious file attachments including Microsoft Office documents, PDFs and executable files – all containing malware.
Stay Safe from Cyber Crime
These tests show that however small your business, it is still at risk from cybercrime. The techniques that the bots used are a good guide to what your organisation should be doing to avoid becoming a victim of cybercrime. You should “target-harden” your servers by updating software, controlling admin access, and enforce a policy for strong passwords. All of this can be done by a Hull IT Support Company like Digitalquill.
Digitalquill – Experts in IT Security
If you are not sure how to upgrade your software or hardware, or your computer needs replacement, call our Hull business IT Support Team today to find out more about our affordable Hull IT Support solutions. If you need help formulating an IT security policy, or would like a team of experts to give your systems a once-over then call us today on 01482 424402.