As a consultant, one the security biggest problems I see is perception: The threats companies think they face are often vastly different than the threats that pose the greatest risk. For example, they hire me to deploy state-of-the-art public key infrastructure (PKI) or an enterprise-wide intrusion detection system when really what they need is better patching.
The fact is most companies face the same threats — and should be doing their utmost to counteract those risks. Here are the five most common successful cyber attacks.
Cyber attack No. 1: Socially engineered malware
Socially engineered malware, lately often led by data-encrypting ransomware, provides the No. 1 method of attack (not a buffer overflow, misconfiguration or advanced exploit). An end-user is somehow tricked into running a Trojan horse program, often from a website they trust and visit often. The otherwise innocent website is temporarily compromised to deliver malware instead of the normal website coding.
Copyright 2017 NETWORKFIGHTS.COM