• Partners
  • Contact Us
  • Client Support
Coretelligent
  • About
    • Why Choose Coretelligent As Your Managed Service Provider?
    • Core Values
    • Leadership
    • Testimonials
    • Careers
  • Digital Transformation
    • DTS Overview
    • Data Analytics, Data Management, and Business Intelligence Insights
    • Compliant Infrastructure for Life Sciences
    • Workflow Automation
  • Managed IT Services
    • Overview
    • Security & Compliance
    • IT Compliance for Financial Services
    • Comprehensive IT Support
    • IT Planning & Strategy
    • Unified Cloud Management
    • Backup & Disaster Recovery
    • Co-Managed Services
  • Industries
    • Overview
    • Financial Services
    • Life Sciences
    • Professional Services
  • IT Resources
    • Resource Library
    • Blog
    • On-Demand Webinars and Videos
    • Press Releases
    • Media Coverage
  • Contact
  • Search
  • Menu

Insights Articles

Our Information Technology Views and Articles

Most Common Types of Cyber Attacks & How to Prevent Them

Insights
March 27, 2019

It seems you can barely turn on the news or read headlines from your favorite news site without seeing yet another major corporation falling prey to cyber attacks. Whether they are caused by phishing, data infiltration or even brute force, the barrage of assaults seems never-ending. However, for every organization that is victimized, hundreds if not thousands of others are able to protect themselves and their sensitive data from penetration. Here are tips to prevent some of the most common types of cyber attacks by proactively managing your risk profile.

Spear Phishing and Whaling Attacks

As organizations become more global and attacks become more sophisticated, what used to be relatively simple to spot has now become a nightmare even for savvy internet users. As recently as the last five years, phishing attacks began morphing from poorly-spelled email pleas to send money to a prince overseas to become highly detailed and realistic-looking asks that appear to be from executives within your organization. Email address masking and other tools that are often utilized by marketers to create a more pleasing customer experience are being leveraged in nefarious ways by individuals who are attempting to defraud your organization. Information gathered from social media and public profiles are leveraged to define a picture of a specific executive or group, and then that information is used in “whaling” attacks — so named because they are truly going after the big fish in the sea.

How to prevent spear phishing and whaling attacks:

  • Encourage staff members to make their social media profiles private, and be wary of accepting friend requests from individuals they do not know
  • Create an educational series to show how these attacks differ from valid communication
  • Use up-to-date email filters, anti-phishing tools and utilize active protection at the system network level
  • Teach caution as employees click on links embedded in emails

Cross-Site Scripting

Cross-site scripting (XSS) attacks are some of the wiliest because a user is unlikely to realize that they have even been hacked. Instead of going after the host website, these snippets of code are built to run when the page loads via a comment or other auto-loading section of the site. The dangerous snippet then attacks the user’s login and password information and other personal details, exfiltrating them for later use.

How to prevent cross-site scripting:

  • Limit the amount of user-provided data on your websites and web apps to only what is absolutely necessary
  • Regularly scan your website using a vulnerability scanning tool to look for XSS

Poor Compliance Behavior

Perhaps one of the easiest ways to maintain cybersecurity within your organization is through continual compliance monitoring and behavioral review. Users tend to reuse the same password on multiple platforms, increasing the chance that there could be a major security breach within your organization. Passwords are often simplistic or easily guessed, especially when cyber attackers leverage social engineering to enhance their knowledge of their prey. According to the Harvard Business Review, vulnerabilities were caused by insiders in more than 60% of the attacks in 2016. This is especially true for industries such as healthcare, financial services, and manufacturing where there are large quantities of valuable intellectual property, personal information and financial assets available for the taking.

How to prevent poor compliance behavior:

  • Regularly audit access to key systems, ensuring that access is restricted to individuals who actively need it
  • Review compliance guidelines with supervisors and staff on a regular basis
  • Require strict password guidelines on a rigorous reset schedule
  • Implement log management and active system monitoring to detect intrusions as they’re happening

While no systems are infallible, there are ways to protect your organization from the dangers that are associated with doing business today. Protect your business and your staff with the dedicated support structure of CoreArmor from Coretelligent. Our behavioral monitoring, asset discovery and reporting provide 360 degrees of protection with our Defense-in-Depth (DiD) strategy. Contact us today at 855-841-5888 for the office nearest you, or fill out our online contact form for assistance.

by Jen Wallace
Cybersecurity Challenges Lurk Around Every Corner for Life Sciences Companies »

Latest Insights / Articles

January 9, 2023

What is SOX Compliance & What are the Requirements? (2023 Update)

January 8, 2023

Financial Services Compliance: What to Know in 2023

January 6, 2023

What Is Cyber Insurance Compliance? What You Need to Know

January 4, 2023

What is Cyber Hygiene & Why is it Important? (Best Practices)

Read our Latest Resources
Digital Transformation Case Study

Leveraging Digital Transformation: A Multiphase Case Study

Download Now
Compliant Infrastructure Case Study

Therapeutics Company Benefits from Compliant Infrastructure

Download Now
On-Demand Webinar: Solving Compliance & Cybersecurity for Financial Firms

On-Demand Webinar: Solving Compliance & Cybersecurity for Financial Firms

Download Now

About

  • Why Choose Coretelligent As Your Managed Service Provider?
  • Core Values
  • Leadership
  • Testimonials
  • Partners
  • Careers

Solutions

  • Overview
  • IT Planning & Strategy
  • Comprehensive IT Support
  • Security & Compliance
  • Unified Cloud Management
  • Backup & Disaster Recovery
  • Co-Managed Services
  • Digital Transformation Services

Industries

  • Overview
  • Financial Services
  • Life Sciences
  • Professional Services

Contact

Sales & Support: 1-855-841-5888

Email: info@coretelligent.com

Support Service Center

Let’s Talk

Schedule a no-obligation consultation.

Contact Us Today

Locations

Atlanta

Boston

Chicago

Dallas

Houston

Los Angeles

Maryland

New York

Philadelphia

Portland

San Francisco

Stamford

Tampa

Washington, D.C.

West Palm Beach

Virginia

Follow Us

  • Facebook
  • Twitter
  • LinkedIn

© 2022 Coretelligent. All rights reserved.

Privacy Policy

CCPA Privacy Notice

Scroll to top