This is one of the worst attacks a business can suffer. And the worst thing is that they are attacks that are hardly talked about. In large part, because the company rarely realizes that it is infected or that it has been attacked. We talk about silent attacks.
They are attacks that don’t encrypt your files like ransomware or that bring down a server like DDoS. Its function is to go unnoticed to guarantee its continuity over time. If there is no noise, the virus can be hidden and remain “active” longer, spying on affected systems.
They may be observing and capturing passwords, financial operations, formulas, confidential communications, privileged information, ways to proceed, etc …
This type of attack is related to obtaining information.
Federal offices such as the NSA routinely use these types of techniques to spy on their targets and obtain valuable information that gives them an advantage.
A silent attack is difficult to identify, because it is designed to go unnoticed. On many occasions they are zero-day techniques (0-day), unknown and undetectable with the current methods that we have.
The best we can do in all cases is to update the antivirus constantly, have a good backup and carry out a cybersecurity audit on your infrastructure, which shows your vulnerabilities.
Cybersecurity audits will give you visibility that you currently don’t have. Not only will you see where your security holes are, but it will also show you which current practices are not the most suitable and how to improve security. By knowing which vectors attackers can exploit, you can prevent or make it harder for attacks to succeed.
#silentattacks #cybersecurity #cybersec #whitehacking #computer security
Photography: Unsplash / Taras Chernus @chernus_tr