Don’t assume all cyberattacks are the same. The truth is that there are a number of ways hackers can infiltrate a company. The vulnerabilities increase with the number of entry points a business has, including the hardware, software, operating system and even phone equipment. Read on to understand 15 entry points that hackers can use to steal company data or disrupt operations.
1. Denial of Service
A hacker overwhelms the site with traffic, preventing real work from being accomplished.
2. Network Devices
A hacker gains access to the router, switch or firewalls and can take control of the device, manipulate the configuration, allow unwanted traffic, or shut it off completely.
IT Equipment Exposures
- Operational exposures: gaining access to the server and changing the password or configuration.
- Physical exposures: changing the server’s internal settings, rendering the server useless or causing damage.
- Operational exposures: gaining access to the storage device and changing the password or configuration. This can also impact stored data.
- Physical exposures:
  - changing the internal setting, encrypting and holding it ransom
  - changing the operational characteristics and possibly rendering the device useless or causing damage
Though not normally the focus, printers/copiers can be hacked remotely if they’re connected to the internet and not protected.
6. Specialized equipment
In any given company, there is specialized equipment unique to the industry, segment or process. It’s not normally a target unless it is valuable or supports a very visible business process.
Operating Environment Exposures
7. Operating System
The Operating System (OS) supports the control of the servers. Operating systems, especially those supporting the low-end server market, have historically been targets for hackers because of their install base, access to the internet, and relatively relaxed security.
Once the hacker gains access to the OS, the objective is to:
- alter it, the subsystems, or the applications
- perform unauthorized activities
- change the operating environment configuration
Multiple subsystems operate under the operating system and are often referred to as shared services, including security, monitoring, measurement, performance, file management, and databases.
If a hacker gains access to the OS, they usually:
- try to alter or disable subsystems
- hold the company ransom by encrypting a given subsystem and/or the associated data
Applications perform business functions for human resources, payroll, customer relationship management, etc.
Hackers have destroyed data by deleting entire files or databases.
While less common, hackers have been known to alter financial and personal records, and use them to their advantage. The most common alteration is encrypting a file or database and demanding a ransom.
Phone System Exposures
PBX systems are usually installed on company premises, and maintained by a group separate from IT.
- Operational risk: the hacker gains access to the PBX and alters the configuration or copies/alters/destroys the directory data.
- Physical risk: the hacker gains access to the PBX and alters the operating characteristics, causing it to crash or suffer physical damage.
VOIP systems are often newer and more closely follow IT standards and procedures. This is not a large target for hackers unless the company is a VOIP service provider.
15. Process Control Systems
These can take the form of Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLC), and Distributed Control Systems (DCS). Their major function is to control both the support of the facility and manufacturing process, including electrical power, boilers, HVAC, ovens, motors, generators, refrigeration, etc.
A hacker can take control of the entire system, then hold it for ransom or alter the controls to cause damage.
A global attack could result if a given vendor’s Process Control System is infected with a virus that modifies the operating specifications of a very common piece of equipment. Once triggered, this would impact multiple companies, similar to ransomware. A major concern is that dormant viruses have already been discovered in several vendors’ Process Control Systems.
Add to The Plan
Companies need to update their disaster preparedness documents and incorporate the potential attacks listed above. This should include all the steps necessary to address the cyberattack, as well as the processes and procedures to prevent it from happening again.
© 2021 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein. Except as otherwise expressly permitted by HSB in writing, no portion of this article may be reproduced, copied, or distributed in any way. This article does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable endorsement form.