Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
What it takes to convince leadership that migrating to the cloud is the right move.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Posts
By: Paul Reissner
Table of content
In the classic movie The Wizard of Oz, a group of friends goes on a journey along the yellow brick road on a quest to realize their deepest desires. The group must overcome many obstacles along the way, including many which are not quite what they first seem. Similarly, modern businesses must overcome a wide variety of cyber security exploits and threats in order to reach the desired destination of an exceptionally secure IT environment. Preventing common security exploits keeps you and your business safe, but understanding the threats is key as well. In this article we answer:
One of the first obstacles to overcoming cyber threats and preventing exploits in computer security is understanding the lingo. For example, Microsoft recently released details on a 17-year-old vulnerability known as SigRed that is “wormable” and potentially exploitable remotely. If you’re like most people, the first thing you will ask yourself is, “what in the world does ‘wormable’ mean?” And you would not be alone; the cybersecurity lexicon is already filled with niche terms such as worms, trojans, and ransomware (oh my!), and seems to grow every day. But have courage, dear reader, because we have built this quick primer to help you easily understand and protect yourself from these common exploits in computer security.
Virus, malware, and Trojan (or Trojan horse) are all terms used to describe various forms of software that allow a malicious third party to exploit security vulnerabilities in an operating system or software for a purpose that was not intended by the end-user of the computer.
A Worm (or network worm, or “wormable exploit”) is a horse of a different color – a unique type of malware that can infect (and re-infect) other devices on the network without the need for human intervention. Once one device is infected, the worm is often able to infect other connected devices and “tunnel” deeper into the network to resist attempts at removal. Worms are generally difficult and time-consuming to fully eradicate and require that all devices be disconnected from the network, cleaned, and only reconnected after the worm is eliminated from each device.
Even if fully eradicated, the effects of advanced worms may not be completely mitigated, as some cyber security exploits can tunnel without needing to replicate across the network. This is the case in the example of SigRed, which can move from one server to another but does not replicate.
Ransomware is yet another type of malware designed to prevent access to files or computer systems and hold this access for ransom, usually demanded in the form of bitcoin or another cryptocurrency. Ransomware relies on common security exploits, which often reaches its target through malicious attachments or phishing campaigns and can also include data exfiltration attacks which copy from your network. Once compromised, this data is sometimes sold or used in other malicious activities.
Due to the relative ease of success and growing value of cryptocurrencies, malware has become one of the most common forms of cyber-attack over the last decade. In fact, recent news is full of high profile ransomware incidents, including attacks on Baltimore City, Multiple Towns in Florida, and an Illinois Hospital System. These attacks are often successful because the ransom requested is often trivial compared to the lost productivity and data they could cause.
Related Content:
Each form of cyber threat outlined in this article is some form of software designed to “exploit” a “vulnerability” on a computer or network. A vulnerability is simply a way of using software or services in ways that either the manufacturer (e.g., Microsoft) or the person implementing it (e.g., your organization) did not intend. This could include a design flaw or bug in the software, improper configuration, or failure to adhere to best practices. These potential exploits in computer security can often be solved by applying patches and updates promptly, but changes to the configuration or even server/network architecture may be required.
Much like the flying monkeys in The Wizard of Oz, these cyber-attacks can appear unexpectedly and without warning, threatening to overwhelm organizations which are unprepared. The best defense is a multi-layered approach known as “Defense in Depth”. We’ve written about some of these concepts in previous blogs, but following the basic guidelines provided below will set your organization on the Yellow Brick Road to your ultimate destination – a reliable and secure IT environment.
Do not let the lions, tigers, and bears of the IT landscape slow down your journey to security and peace of mind. Now that you know how to define worms, Trojans, ransomware, malware, and other cyber threats, you can ensure your organization remains protected. It’s time to stop security exploits in their tracks. If your business needs managed cybersecurity and data protection, reach out to Dataprise for assistance to maintain a top-notch security posture. We’re here to help you prevent potential exploits in computer security.
INSIGHTS
Subscribe to our blog to learn about the latest IT trends and technology best practices.