Cybercriminals have many weapons in their arsenal to violate the security of the company, and knowing how to identify how they have done it can be a key factor when you are the victim of a security incident. The following list shows the main security incidents that can affect companies
Malicious code infections of systems, work computers, or mobile devices. These types of incidents, mostly initiated via email, compromised or malicious web pages, SMS, or social media, can also cause infected resources to become part of a botnet. To determine if this incident has occurred in your company, you can use our service.
Intrusions or intrusion attempts caused by the exploitation of known vulnerabilities, such as those published regularly in the Security Notices section, exploit attacks and credential breaches, which entails the compromise of accounts with or without administrator privileges and the compromise of applications or services. If the compromised service is the web page, it can lead to incidents such as spoofing or malware distribution, among others. This can also include incidents of theft due to unauthorized access to physical facilities.
Availability failures through DoS attacks (denial of service) can affect different resources of the organization (networks, servers, work teams, etc.) and make their normal operation impossible. These types of incidents also include those caused by sabotage or physical attacks on resources or infrastructures, as well as other types of unintended external interruptions.
Compromise of information as a result of unauthorized access to it or its modification (for example, through encryption by ransomware). To determine if this type of incident has occurred in your company, you can use our Ransomware Help service. These incidents also include those in which the result is the deletion, loss, or leakage of data, and maybe caused intentionally (through the theft or compromise of credentials) or by a failure of the devices that store them.
Fraud caused mainly through the impersonation of legitimate entities, with the aim of deceiving users to obtain an economic benefit, or by phishing attacks, to obtain private credentials for access to means of payment. Here you can also find incidents related to the unauthorized use of resources, in order to carry out fraudulent campaigns against other users, such as, for example, hosting phishing campaigns on the corporate website.
Sending spam, such as unsolicited emails where the recipient of the content has not granted authorization to receive such messages. These types of messages do not usually violate the security of the company, since their purpose is usually to promote products or services, but in cases where there is a large volume of spam, it can be annoying for users.
Network scanning ( scanning ), whose objective is to discover technologies and systems used by the company. Generally, scans are part of the stage where cybercriminals obtain as much information as possible about a victim before carrying out the attack.
Packet analysis ( sniffing ), to observe network traffic and analyze it in order to discover confidential information and tools used by the company.
Also Read: How To Protect Ourselves From phishing