The omnipresent danger for your IT
With the increasing digitization of infrastructure and companies, the danger of cyber attacks is rising at the same time. Hackers gain access to critical data via security gaps in the IT. In this way, criminals gain access to highly confidential information, and in the worst case they can disable technical systems. For the affected institutions, this sometimes has considerable negative consequences. They often have to deal with high additional costs. If you want to avoid this scenario, you should contact us. Our customized products identify security gaps and suggest measures to remedy them. This makes it possible to effectively prevent cyber attacks.
We look back on twelve years of product experience. During this time, we have built up a satisfied customer base – 9 out of 10 test customers also rate our performance positively. Our services are used in over 195 countries. It is therefore possible to maximize IT security from any location. Through targeted vulnerability management, the attack surface can be reduced by 99.9 percent. We work with 100 sales partners worldwide.
Worldwide, we have already carried out installations and vulnerability tests in the double-digit range. On our homepage you can get an overview of our company and how we work. You are also welcome to take a look at our references.
- JBS (REvil)
The Brazilian company JBS is the world’s most important meat producer. Due to a ransomware attack by the REvil group, the company had to temporarily shut down its beef plants and packaging centers.
- Kaseya (REvil)
The same group also fell victim to the US IT service provider Kaseya. The ransomware attack compromised 56 of the victim’s customers.
- Colonial Pipeline (DarkSide)
The largest cyber attack on a pipeline to date led to fuel shortages in the US. The attack was perpetrated by the group DarkSide.
- Microsoft Exchange Server (Hafnium)
Hackers were able to penetrate the Microsoft Exchange Server through an unknown security hole. They gained unhindered access to the data of authorities and large companies.
- CNA Financial (Phoenix Locker)
The large insurance company in the USA became the victim of a ransomware attack – with the help of the Phoenix Locker malware, hackers stole important data and encrypted it. As a result, the company had to shut down its operations for three days.
Definition: What is a cyber attack?
A cyber attack represents a deliberate and malicious attempt to compromise an institution’s IT system. Attackers hope to gain an advantage by doing so. It often involves data theft and the associated blackmail. It is also possible for criminals to disrupt business processes and permanently damage the reputation of the victim. In the age of digitization, it is therefore essential to invest in cyber security. With the right approach and technology, a multitude of virtual attacks can be warded off.
- Advanced Persistent Threats (APT)
In this case, an unauthorized user gains access to a network. The aim is to remain undetected for as long as possible in order to steal data. Often, the affected institution does not notice such a cyber attack – this is because criminals deliberately act discreetly and do not cause any further damage.
This is probably the most well-known type of cyber attack. The attack takes place with the help of malicious software – i.e. a Trojan, virus or worm. There are now many types of such malware that pose a serious threat to internal company networks.
- Exploiting vulnerabilities in software and hardware
Unfortunately, not all computer networks are secure. Sometimes programmers unknowingly leave security holes in the code open – through them, hackers can easily get into a network. Cyber criminals specifically look for such vulnerabilities. They usually also have the experience to exploit the vulnerabilities.
- Social Engineering
In most cyber attacks, hackers gain access via a user account by expanding the authorizations there. So-called social engineering techniques are used. The target person voluntarily leaves the user name and password with the criminal. Of course, the victim does not know that the other person is a virtual attacker.
Another type of cyber attack aims to slow down and overload the network. This happens when a server is loaded with a large number of requests. As a result, the performance of the network slows down considerably, which makes network-dependent operations impossible or only possible in a limited form. If the victim of the cyber attack is a company, its image will suffer considerable damage.
- Spam- and Phishing-Mails
A phishing e-mail is sent specifically to the recipient in order to obtain sensitive data from him. The digital messages often appear legitimate and give the impression of coming from an official source. They often inform the potential victim that their account has been compromised. The user is provided with a link through which he should enter his access data to supposedly rescue his account.
Hackers use ransomware to gain access to a computer network, where they then encrypt important data. If the victim wants to access these files, he or she needs a decryption key. The affected institution only receives the latter after paying a high ransom.
A botnet is the connection of Internet-of-Things devices or several networked computers. Criminals install a bot on the devices using malware. This enables hackers to make use of the computing power, data and network connection of the computers controlled in this way – they use the technology to carry out cyber attacks.
What to do in the event of a cyber attack?
In order to initiate measures in the event of a cyber attack, a cyber attack contingency plan should be drawn up for such a case. Because here, too, prevention is better than cure. The content of the plan depends on the type of attack and the IT environment of the institution. Here, it is a good idea to consult a security expert – they can offer you help with the cyber attack, assisting you with the question: “Cyber attack, what to do?”.
In the event of a network intrusion, the first thing to do is damage limitation. The next steps depend on the scope of the attack. In the case of a local attack, it is sometimes sufficient to change the admin password. However, if you suspect a widespread attack, you may have to take some systems offline. In this case, it is a matter of damage limitation until you have traced the source of the cyber attack.
Remember that every cyber attack is a criminal act. You need to gather evidence both for your cyber attack insurance and for law enforcement. Especially if an attack has already been stopped, quick action is necessary – because hackers often cover their tracks.
When it comes to cyber security, leave nothing to chance. Invest in the protection of your IT environment in good time. Rely on our professional vulnerability management. You have the choice:
Greenbone Enterprise Appliances
The Greenbone Enterprise Appliances are available appliances for the vulnerability management of IT infrastructures. Either as hardware or as virtual appliance.
Greenbone Cloud Service
The Greenbone Cloud Service offers a technically high-quality, easy-to-use vulnerability management service.
Find your IT vulnerabilities
With Greenbone Cloud Service TRIAL you can identify the first vulnerability’s in your IT free of charge, without installation and today! You can find information about our cloud service here.
Our solutions are open source and developer-friendly and are also available virtually, as source code and as hardware. We work hand in hand with the Greenbone community to improve our products every day and deliver customized solutions for your needs.