What You Need to Know About Bot-driven Attacks This Holiday Season

Excited for the holidays to get underway? So are hackers. Online retail transactions are 10 times more likely to be fraudulent than even those of the financial services sector, according to the Threat Metrix Q1 2018 Cybercrime Report. With the busiest shopping season of the year less than a week away, cybercriminals are taking every advantage with bot-driven attacks, one of the most dangerous threats of today. Ecommerce companies are currently the prime target, but do not fool yourself into thinking your business is immune.
Theft of personal data, disruption of website traffic through distributed denial of service (DDoS) attacks, cryptocurrency mining and ransomware are only the beginning to the destruction they can cause. The city of West Haven, Connecticut’s recent ransomware attack is proof positive that no one is off limits. What’s worse, many botnets remain dormant within devices just waiting for their botmaster to call them to life. Perhaps even more alarming, the evolution of botnet design is making new versions harder to locate.
What exactly are botnets and how do they work? Essentially, they are a network of both wired and wireless devices infected over time, including everything from laptops, tablets and smart phones to smart kitchen appliances and DVRs. This network (botnet) acts as an army of robots under the control of cybercriminals called “botmasters,” who deploy them to compromise millions of other devices through a Trojan horse virus, creating a ripple effect. The bigger the botnet, the more impact it has.
We have put together 5 important steps you can take right now to protect yourself and your customers from bot-driven attacks that could literally wipe you out.

1. Operating System Updates and Backup
   Ensuring operating-system and application software are regularly updated is crucial to combating botnets and other cyberattacks. Multi-layered security, like our Premonition^™ Security Suite, delivers a comprehensive and fully-integrated solution that covers all your bases, and adds immeasurable value by allowing you to focus on generating revenue.

2. Vulnerability Testing and Patching
   Misconfigurations in Amazon Web Services (AWS) and other cloud systems, as well as third-party Application Programming Interfaces (API) are just the tip of the iceberg when it comes to vulnerabilities. You need regular penetration testing by seasoned experts to properly identify configuration flaws and other potential areas of attack for remediation. Without it, you’re setting up your business to be the next data breach statistic.

3. Continuous Monitoring
   Understanding what normal activity looks like is the key to identifying threats and anomalies such as botnets. You must first establish a baseline and then, centrally monitor your systems as a whole, correlating threats for every layer of your environment on a continuous basis. Managed security providers have the combination of in-depth knowledge and breadth of tools to help you quickly and effectively mitigate unavoidable risks.

4. Data Backup and Restoration
   As the city of West Haven, Connecticut discovered last month in a ransomware attack that required them to pay $2,000 in cryptocurrency ($4 million USD) to regain access to their systems and data, having proper backup and restoration in place are a critical part of any security strategy. Our Cloud Backup | CloudDR services provide both local backup, offsite replication and recovery, as well as restoration to our private cloud, minimizing downtime to keep your business running smoothly.

5. Employee Education
   Remember that cyber attacks are not limited to just outside forces. Routinely training your employees how to be safe online in today’s ever-changing threat landscape should be the rule, not the exception. Increasing organizational awareness through instructor-led courses that cover a range of security topics can help businesses like yours manage the human risk factor more effectively.

Get the tools, technology and expertise to proactively address botnets and other security risks on all sides with Premonition Security Suite. Call us at (855) PRO-TELL and gift your organization with peace of mind that will last well beyond the holiday season.