According to the National Institute of Standards and Technology, in 2017 60% of all targeted attacks struck small and medium sized organizations. Because they often have less resources and less advanced technologies, small and mid-size businesses have outsized risks for cybersecurity events.

Many people might believe that higher technology spending is the only answer to preventing cybersecurity breaches. However, the most important and cost effective tool available is actually user training and awareness. By educating users on the ways attacks happen, you up vigilance and awareness, imperative to preventing breaches.

Here are the 8 types of attack that most often affect small to mid-size businesses:

Passive attack
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. They result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.

Active attack
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojans. Active attacks include attempts to break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files or modification of data.

Close-in Attack
A close-in attack involves someone attempting to get physically close to network components, data, and systems to learn more about a network. These attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for modifying, gathering, or denying access to information. Close physical proximity is achieved through secret entry into the network, open access, or both. One popular form of close in attack is social engineering in a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used by the individual to reveal information about the security of the company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.

Phishing Attack
In a phishing attack, the hacker creates a fake website that looks exactly like a popular site such as the US Bank or PayPal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.

Password attack
An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.

Hijack attack
In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.

Exploit attack
In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.

Buffer overflow
A buffer overflow attack is when the attacker sends more data to an application that is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a command prompt or shell.

At Upward, our Cybersecurity division can evaluate the risks in your environment and implement necessary controls to protect and improve your business. If you are concerned about these types of hazards in your company, please contact Upward to learn more about our Cybersecurity division.