8 Potent Network Security Threats That All SMEs Should Know About

As we all rely more and more on technology in our professional and personal lives, cyber security has become more and more of a hot topic.

What Network Security Threats Exist?

Over the past few years, we’ve seen all kinds of high profile, nefarious cyber antics in the news.

Recent cyber attacks and data breaches have impacted the likes of the NHS, Equifax, Capital One, and Marriott Hotels, showing us that larger, well-established IT infrastructures can still fall foul of digital crime.

Yet, in terms of network security, smaller companies are generally even less prepared, making the SME market an especially soft target for cybercriminals.

Here, we’ll discuss 8 incredibly dangerous cyber security threats that all SMEs should know about, as well as how firewalls (and complementing products) can keep them at bay.

1. Malware

We start with one of the particularly common network security threats – malware. The term basically refers to any kind of malicious software, such as computer viruses and ransomware that attempt to gain access to your network.

A network’s front line of defence against malware is antivirus security software, though making sure all devices on larger networks have up to date protection and virus definitions can be easier said than done. But firewalls do have a part to play too.

Firewalls act as a gatekeeper between your network and the open internet, filtering out potentially malicious traffic. Modern firewalls are often able to carry out packet inspection – checking data packets for known threats as they enter the network.

Enterprise firewalls are also sometimes bundled with some level of sandboxing functionality which opens unknown files on an isolated virtual PC so it can observe what happens and rescind access to any dangerous files, preventing malware attacks.

2. Phishing Attacks

Phishing is one of the most simple network security threats to carry out.

Fraudsters attempt to gather sensitive information like login details and/or financial access credentials by sending out an email pretending to be from a popular provider like G-Suite, Office 365, Xero, etc.

These emails can look very convincing, using the exact same branding and tone of voice as the brand being copied.

A phishing email will generally state that some kind of urgent action is needed, encouraging the recipient to click a link to log into the service in question or to directly make a payment.

But these links aren’t designed to grant legitimate access – they’re designed to harvest personal information such as login credentials, credit card details, or other sensitive info. According to data from the DCMS, 80% of businesses who suffered a cyberattack in 2019 identified phishing attacks as a likely culprit.

Firewalls approach the issue of phishing very simply – by blocking user access to known fraudulent links. However, this method is far from infallible. New, as-yet-unknown threats are always popping up across the web and it can be some time before security providers and databases catch up, which is why security patches should always be up to date.

In the case of direct payment requests, there may not be any links there to block! This is where regular network security awareness training is absolutely invaluable.

3. Fileless Malware

Traditional malware infections generally rely on an infected file being accessed or downloaded in order for it to release its deleterious effects or “payload”.

Fileless malware is a type of malware that doesn’t store its payload in a particular file – it operates the payload directly from the computer’s RAM memory, or sometimes the CPU. By sidestepping the hard drive, fileless malware can easily evade traditional antivirus measures.

So how does fileless malware reach a machine?

Much like phishing, an attacker might send out a fraudulent email encouraging the user to click a link. However, in this instance, the page’s core purpose is to run a piece of code on your machine that loads the malware exploit into memory.

One of the particular network security threats associated with fileless malware is data breach and theft. The malicious code running in the background can potentially connect to a criminal’s server and skim sensitive data for their own nefarious ends. This could include identifying client information, payment details, access credentials, or valuable intellectual property.

Not only can modern, enterprise firewalls block access to known malicious links, but many modern solutions include some level of sandboxing functionality – effectively testing out malicious links and code before granting user access.

4. Wireless Intrusion and Eavesdropping

Though Wi-Fi is awfully convenient, it can also present huge cyber security dangers without the right security tools in place.

A hacker can potentially sit within range of an organisation’s wireless network, and with little more than a laptop and a penetration testing tool, they can see the company’s access point names and network addresses, and can even physically locate the network’s Wi-Fi access hardware.

Using this information, the hacker can set up a genuine-looking duplicate of the company’s Wi-Fi access point. As devices unknowingly connect to this duplicate by mistake, the hacker will be able to see the traffic flowing to and from those machines. This dodgy duplicate is called an “evil twin”, but it’s not the only way by far that hackers can cause Wi-Fi chaos.

The most comprehensive solution to wireless intrusion is to invest in a WIPS or Wireless Intrusion Prevention System. WatchGuard’s Secure Wi-Fi system operates through specially configured Wi-Fi access points which consistently scan your wireless network’s range for imitations or other questionable activity.

5. Human Error

Unfortunately, even the most well-meaning members of staff will occasionally slip up, which is why human error is one of the perennial cybersecurity threats.

When work’s busy and everything’s moving a mile a minute, it’s easy to fall for scam emails or to download something you shouldn’t.

When sending out phishing emails and the like, cybercriminals often use psychological cues (known as “social engineering”) to encourage a quick, accurate response – usually requiring personal information to be shared.

Your firewall won’t be able to directly combat data breaches caused by human error anywhere near as much as cyber security awareness training can. But a recent, robust firewall solution should help to block known malicious links and files before they reach your end users.

6. Insider Threats

There’s always the possibility that your security threats include a member of staff could be up to something far more insidious, so security measures have to extend beyond outsiders getting into your network.

An employee with a grudge could potentially install an unauthorised access point to provide sneaky backdoor access to parts of your network. Alternatively, they may download a sensitive database or piece of intellectual property and send it to a competitor, sell it on the dark web, or simply leak it to the open internet.

Because insider threats can be so widely varied, firewall functions often can’t handle them alone. However, WatchGuard has two complementing products that can help.

  • Network Discovery provides insight into a network’s security weak points, including unauthorised shadow IT
  • AuthPoint is a straightforward multi-factor authentication product which ensures that sensitive systems are only being accessed by authorised personnel. It also maintains auditable logs of all login requests, enabling monitoring and investigation

7. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

A DoS attack is a malicious attempt by a hacker to interrupt a network or server’s normal function by flooding it with traffic – called “requests” – from a single originating device. The target server or system may eventually become overloaded and grind to a halt.

DDoS attacks however are a little more complex. Instead of bombarding the target with requests from a single device, the target receives scores of requests from a distributed network of hijacked devices – called a botnet. Understandably, this makes DDoS attacks much more impactful – not to mention harder to deal with.

Older firewalls can’t always deal with DoS and DDoS attacks, but most modern firewall solutions offer ways to mitigate and minimise their effects. WatchGuard’s products chiefly focus on limiting activity to a set request quota per client or per server, whereas SonicWall’s solutions use in-depth “flood protection” settings alongside activity quotas.

8. Internet-of-Things (IoT) Hacks

An increasing number of companies are using internet- or network-enabled devices which don’t fall into the more typical IT bracket of PCs, laptops, and smartphones.

IoT devices cover a wide range of functionality from precise production line sensors, to physical access control systems and all the way down to smart speakers and fridges.

These devices often run on very simple software that is unable to run antivirus software or typical network usage controls. Therefore, IoT systems can become a network’s weakest point, potentially putting the welcome mat out for hackers looking to penetrate your network’s defences.

With this access, a criminal could block, steal or tamper with potentially sensitive contact information or generally cause mass network disruption. They could even collect information that’ll help them target you further!

Having a firewall protects IoT devices in a very fundamental way. Provided the device is connected to the network “behind” the firewall rather than directly to the open internet, the device’s web traffic will be inspected along with the rest of the network.

Industry leading firewall providers like WatchGuard incorporate simple to use intrusion prevention systems (IPS) into their firewalls to help detect and eradicate questionable traffic network-wide.

If your firewall is overdue for an upgrade or you’d like to discuss any of the services we’ve mentioned here, get in touch with our friendly team today on 0808 1644414 to chat about your options. We also offer a free network security health check, just drop us a line to learn more!