Safer Internet Day: cyber attacks on the rise during the Covid 19 emergency. Assoprovider explains how a cyber attack works and how to act to protect your data.
Safer Internet Day it is the International Day for Internet Risk Awareness, established by theEuropean Union. Assoprovider participates in this day with this article on our blog that addresses three topics: how a cyber attack works, which mistakes to avoid to prevent being a victim of malware which have increased exponentially during the Covid 19 emergency. And finally, how to create a good backup, a security tool that limits damage in the event of a cyber attack on your personal PC, as well as on your company's.
This article is written in collaboration with Antonio Aprea, board member of Assoprovider and CEO of Nowtech, a company specialized in data protection.
4 phases of a cyber attack
But how does a hacker operate, what are their moves to access and steal your data? Generally, there are four phases of a cyber attack.
The first is target identification. Here the hacker identifies the target and uses some techniques like the social engineering, gathers information about the target and security. It then follows the stages of theintrusionphase in which the hacker uses the information they have gathered to take control of the device remotely. One of the most commonly used techniques in this phase is phishing which occurs through sending emails.
There are then two additional phases: the network studya map of your network to understand the vulnerability of the systems and identify access points. His criminal activity then concludes with access and control of your IT systems. To maintain access, the hacker in this final phase installs trojan backdoors and rootkits.
Defending Against Cyber Attacks: More Training and Awareness
According to a Clusit report, Italian Association for Information Security, 119 out of approximately 850 serious cyberattacks analyzed on a global scale are related to the topic Covid -19. The most frequent attacks were related to phishing campaigns (61%).
Therefore, having more awareness of how to manage your incoming emails can help you solve many problems. Nowtech recommends paying particular attention to:
- Email attachments with compressed files of the type ZIP, RAR, TAR, GZ. Avoid downloading them and especially never click on them;
- Email link which seem harmless, but actually hide great pitfalls;
- Suspicious documents attached with extensions such as DOC, DOCM, XLS, or XSLM.
Backup, a lifeline
Backup is the process used to store company data or your private files in different copies to recover them later, especially following the damage that a hacker can cause. However, there are still few companies that do it, 15% according to a survey reported by Corriere Comunicazione. For organize a good backup plan you need to have a storage space (hard disk, NAS on site or offline cloud space), choose an agent to schedule backup processes (i.e., a software that manages your backup processes), select the type of backup you want to perform, and protect the copies you have obtained with a password.
In simple terms, there are three types of backup:
Incremental: here a copy of a folder with the files is created, while in subsequent executions the backup occurs only for the changes made in the following days;
Complete: here the backup copies all files, overwriting the existing ones, utilizing more disk space and bandwidth;
Differential: similar to the incremental, with the difference that the backup always contains all new or modified data compared to the full backup. While in the incremental, the backup includes only the data from the previous backup.
Nowtech, in conclusion, reveals the mistakes to avoid during a backup: do not perform the backup during working hours and protect the storage space from possible voltage fluctuations or power interruptions with the support of uninterruptible power supplies.
Read also: 30 things to do to reduce risks on the web
