Security solutions: Describing security solutions. Expressing possibility. Types of security threats. Security systems
Yüklə 27,65 Kb.
|
- Bu səhifədəki naviqasiya:
- How to prevent phishing attacks
- How to prevent DDoS attacks
- 7. Ransomware
|
5. Phishing attacks
Phishing attacks are a type of information security threat that employs social engineering to trick users into breaking normal security practices and giving up confidential information, including names, addresses, login credentials, Social Security numbers, credit card information and other financial information. In most cases, hackers send out fake emails that look as if they're coming from legitimate sources, such as financial institutions, eBay, PayPal -- and even friends and colleagues. In phishing attacks, hackers attempt to get users to take some recommended action, such as clicking on links in emails that take them to fraudulent websites that ask for personal information or install malware on their devices. Opening attachments in emails can also install malware on users' devices that are designed to harvest sensitive information, send out emails to their contacts or provide remote access to their devices. How to prevent phishing attacks Enterprises should train users not to download attachments or click on links in emails from unknown senders and avoid downloading free software from untrusted websites. 6. Distributed denial-of-service (DDoS) attacks In a distributed denial-of-service (DDoS) attack, multiple compromised machines attack a target, such as a server, website or other network resource, making the target totally inoperable. The flood of connection requests, incoming messages or malformed packets forces the target system to slow down or to crash and shut down, denying service to legitimate users or systems. How to prevent DDoS attacks To help prevent DDoS attacks, companies should take these steps: Implement technology and tools to monitor networks visually and know how much bandwidth a site uses on average. DDoS attacks offer visual clues so administrators who understand the normal behaviors of their networks will be better able to catch these attacks. Ensure servers have the capacity to handle heavy traffic spikes and the necessary mitigation tools necessary to address security problems. Update and patch firewalls and network security programs. Set up protocols outlining the steps to take in the event of a DDoS attack occurring. 7. Ransomware In a ransomware attack, the victim's computer is locked, typically by encryption, which keeps the victim from using the device or data that's stored on it. To regain access to the device or data, the victim has to pay the hacker a ransom, typically in a virtual currency such as Bitcoin. Ransomware can be spread via malicious email attachments, infected software apps, infected external storage devices and compromised websites. Yüklə 27,65 Kb. Dostları ilə paylaş:
|