Viruses may impair the operability of computers and applications, destroy files, or use traffic and communication links for their own purposes, e.g. sending spam.

Cyber threat is an illegal intrusion or a threat of such intrusion into the virtual space in order to achieve political, social or other purposes.

Cyber threats may also influence the informational space of the PC where the data and information are stored at physical or virtual devices.

The attack usually hits the information carrier device specially intended for storage, procession and transfer of the user personal data.

Nowadays all cyber threats are commonly classified into external and internal ones. The reasons and sources of external threats are located outside the company PCs, as a rule, in the global network. Internal threats depend exclusively on the personnel of the company, and its software and hardware.

External threats:

Spam

Spam is a mass mailing of commercial or other advertising information or similar commercial messages to people who didn’t agree to receive such information.

The greatest spam flow is sent via e-mail. Nowadays the share of viruses and spam in the total e-mail traffic makes up 70-95 per cent, according to different estimations.

Spam is as well one of the distribution channels for viruses and Trojan horse software.

Fishing

No less hazardous are the so called fishing attacks, when the user “takes the bait” of a fake website, which completely imitates, for example, a bank’s website, the one the user keeps his or her money with. After obtaining all the banking details and passwords, attackers can easily leave the victim destitute.

Remote hacking

Remote hacking is extremely dangerous, since attackers may get the possibility of reading and editing documents, which are stored on your PC or file servers, destroy them at their own wish, deploy their own programs to your networks to monitor your actions or collect some information, either sitting in the neighboring office or half away around the world.

DoS/DDoS-attacks

DoS/DDoS-attacks are made by mass specially organized network requests which totally or partially disrupt the operability of a website, web-store or an e-mail server. And sometimes it is enough to cut-off someone from the communication with the clients for a couple of days to remove a business competitor.

Theft of mobile devices

In our days the protection from external threats, such as a theft of mobile devices, becomes more and more pressing, as such devices may store without password protection most important corporate data – finance documentation, personal data of employees and clients, intellectual property, e-correspondence, various IDs and passwords.

Internal threats:

PC vulnerability

The most dangerous internal threat nowadays is software vulnerability. Applications are created by people, and, trivial though it may sound, people are to err. It is mistakes and defects which can be later detected by experienced hackers that become a basis for numerous viruses, worms and Trojan horse software that attack PC users through these loop holes. In such case, vulnerabilities are searched systematically, preferably in the software installed and operated almost constantly at most PCs. As a result, the more applications are used in your office, the more probable is that some of them will become gates for a virus to enter your system.

And if the software or OS does not update regularly, the possibility of the system ingress grows catastrophically. One shall do justice to the leading software developers, since they strive to find bugs in their programs and fix them as soon as possible. However, some action is also required on the part of IT Department of a company to install all the updates to the available stock of PCs. Each new day with a hole in the security system left open is an unjustified risk. Naturally, the use of free-ware (which, as a rule, is poorly supported by the developer), and even more so unlicensed software also plays against you in this issue.

Data leakage

A leakage of confidential information is very dangerous. Even so in our days, when there are so many channels for data leakage: Skype, social networks, and even a common e-mail. Do not forget about phones, laptops, tablet PCs, portable hard drives and flash cards which people constantly lose or get stolen.

A leakage of confidential information can be not a coincidence, but an intended action followed by special measures to keep the fact of the leakage itself in secret. For example, the easiest way to steal information is to make a shot of the monitor of an open-access computer with a phone camera.

In order to provide a comprehensive protection of the informational space of the enterprise and the data storage and procession systems, not only it is required to install a relevant software, but also to take a whole set of software and hardware, administration and management and legal measures. The following shall be envisaged here:

  • The protection of data, devices and carriers by hardware and software means shall be ensured;
  • Reference documents regulating the procedures for the personnel to use the information shall be created;
  • A set of measures aimed at prevention of data leakage and unauthorized access shall be developed.