main

Brute Force AttacksDDoS AttacksSecurity

A 5 Step Plan on How to Protect Yourself from Cybercrime

June 16, 2014 — by Adrian Crawley32

Recently, I wrote an article for Help Net Security to discuss the modus operandi of cybercriminals and how this can lead to different types of cyber attacks.  While we have previously encountered huge distributed denial of service (DDoS) attacks that appear to come from nowhere and flood the victim’s network security, we have begun to see much more stealth and more sophisticated attacks causing just as much, if not more, damage.

In the latest report from the Radware Emergency Response Team (ERT), we tracked the rise of these web stealth attacks.  One of the most common is a ‘Login-Brute-Force’ attack.  It may not sound like a stealth option, but the aim is to saturate login servers by creating bogus requests that will eventually lock out legitimate users.  This creates a massive overload on the login servers, and in most cases also on the organization’s call centers, which receive calls from frustrated, legitimate users.  Once the chaos is in place, attackers can use the same attack method to steal information.

With these new threats developing, and in some cases being deployed alongside more traditional attacks, here is a five step plan on how to protect yourself from cybercrime:

Know your enemy

Pay attention to law enforcement agencies like the FBI and government bodies, in order to get the latest cybercrime warnings.

Choose a single point of command

Use one Command and Control (C&C) that includes all aspects of the data center:  network, servers and applications.

Have an emergency response infrastructure and team ready to operate

Develop and implement an incident response infrastructure.

Separate critical networks

Make sure that your sensitive data is stored on a properly protected network with no simple access.

Don’t be a domino

Understand every point of weakness both inside your organization and externally to those who you rely on.

If you’re interested in learning even more about the current state of cyber attacks, I invite you to download the Global Application and Network Security Report written by the Radware Emergency Response Team.

You can also view my article in Help Net Security here.

Like this article? Receive similar articles by subscribing to our blog today!

Adrian Crawley

Adrian is an IT security expert and is currently Radware’s Regional Director for the UK and Ireland. Adrian has more than 15 years’ experience in the networking and security industry. Adrian writes and comments on the latest network security issues, trends and defense implementation.

32 comments

  • Pingback: A 5 Step Plan to Protect Yourself from Cybercrime – The Threat Vector

  • G. W. PAINTER

    August 20, 2014 at 2:34 pm

    This may be good for a company that has a cyber-security force / dept. for protection, but dose’nt help the individual .

    Reply

    • Kelly Cole

      August 21, 2014 at 6:50 am

      I utilize Norton 360 and their tech support representatives are absolutely the best. I had a hacker achieve a penetration of my system, but the Norton representative, (a division of Symantec) took over control of my computer (with my permission) and totally fixed the problem, at no charge to me. I rate them very best company on the market.

      Reply

      • Lynda Miness

        August 26, 2014 at 2:57 pm

        I use Norton 360, too, but they told me it would cost me $100.00(US dollars) to get the hackers out of my computer. Can you(Kelly Cole) explain that to me, that they didn’t charge you, but wanted to charge me!!!!! I told them to forget it, I would get someone else to fix it for me.

        Reply

        • Darryl

          October 9, 2014 at 7:44 pm

          Agreed, they wanted to charge me $200.00. I’m going to contact them if this is true and ask why I had to pay.

          Reply

    • Max Hardcore

      September 26, 2014 at 11:55 am

      Adrian has not posted a plan, or decision tree. What Adrian has done is rehash some well-known postures for adopting a security matrix for a large private company. The policies that are summarized are well known in many if not just about all private companies. The bullets above state the obvious without providing details. Its all about the details Adrian, the details!!

      Reply

  • Adam Wiemers

    August 29, 2014 at 12:03 pm

    My sister was bitten by a moose once. Mind you, moose bites can be nasty!

    Reply

    • Jim

      September 21, 2014 at 7:33 am

      Adam, The moose comment was very useful. Thanks

      Reply

      • Testicules

        October 30, 2014 at 2:12 pm

        I agree.

        Now I know that if I travel to a region where there are moose, I should be careful.

        Thanks Adam!

        Reply

  • Michael

    August 29, 2014 at 2:05 pm

    This information is useful to a point, but now I ask government or Adrian what is the best security program we as individuals can get for our protection of the internet .

    Reply

    • Charles Obryan

      September 6, 2014 at 11:56 am

      I’m secured. The precautions I use are as follows; To foil key-loggers and hackers I use a portable (installed on flash drive) password manager (keypass) to keep all my passwords in one spot and to access it all I need to remember is just one password ! Here is how it works, I plug in my flash drive (I keep it on my key ring) and then open up keypass. I then scroll through the list of places I put on there. Say I pick my bank, I highlight my bank, right click and choose to go there, it pulls up the web sight, I right click again and choose enter password. and wala im in. My password for my bank is so long and so random that it would take me 5 minutes to type it in but with keypass it is automated. In addition to a super powerfull password, it enters it at random order.

      Also if I’m really paranoid I’ll use a virtual keyboard that is on just about all computers.

      Now, from my computer to the bank. to prevent a man in the middle attack I use a vpn. There are tons of VPN providers out there. I like Private Tunnel because its meter based. I can turn it on and off as I will. A VPN will hide your true IP. So it may look like I’m in the UK, Canada or Netherlands when in reality I’m in the U.S. In addition to that everything is encrypted and runs through a tunnel. This foils the man in the middle.

      Never use your Debit Card. Use a Credit Card. Get a payPal for shopping.
      Only use your card at a shopping cart or web site that has HTTPS. The “S” means security. If you really want the product bad and it looks like it may be risky, go buy a disposable Visa or Master Card.

      Be on the lookout for social hacking. STOP giving out your private life on Facebook. Be leery of anyone asking you questions and never give them anything.

      Shred ALL documents. I even shred junk mail.

      AT home, have a shot gun but it is your duty and responsibility to keep it out of the hands of anyone else, especially children.

      The Internet can be fun and secure.

      Reply

      • Charles Obryan

        September 6, 2014 at 12:05 pm

        OOPS. And in addition. don’t read or open emails you don’t recognize. Throw them in the garbage.

        Reply

      • nevertheless

        September 12, 2014 at 1:32 pm

        wow, thanks charles, great advice

        Reply

      • marvin

        September 24, 2014 at 1:18 pm

        Well Written Charles and thanks for taking time to explain step by step info,I too use a setup similar to yours however Idont tell everyone the different steps I use the best is password generator you use,however really good users know how to bypass secure sites ,so the one most important is to keep your business on separate computer than one you use for social sites and email and I keep it offline until I am ready to use,then always check your bank account,only use credit cards online shopping,and never think you are safe always check and keep paper trail of bank statements,I know everyone wants paperless until you lose all your records one day!!! The harder you make it the more they will look for easier target!!!thanks

        Reply

      • Ted Casinski

        May 13, 2015 at 8:52 am

        Do not have a debit card as it has unlimited liability. Have a credit card as it has limited liability, and also have an ATM only card which has no debit card authority. Request your bank for an ATM only card.

        Reply

  • dan coakley

    August 30, 2014 at 4:31 pm

    I am trying to get rid of Norton “Insecurity” from my computer. I sent it to the garbage pail and it keeps popping up again and again. They just want money from me – that’s all. I am not interested
    in giving them money.

    Reply

    • Charles Obryan

      September 6, 2014 at 12:01 pm

      you need to uninstall it. It sounds like your throwing away the shortcut. (the icon on your desktop) But I have to agree, Norton SUCKS!

      Reply

    • Dubois

      September 6, 2014 at 1:41 pm

      You can reconfigure you PC. And yes Norton sucks!

      Reply

    • Max Hardcore

      September 26, 2014 at 11:50 am

      Kaspersky Labs is the most superior internet and web shield you can purchase. Norton is horrid, and McAffee – don’t even get me started, that piece of junk uses too many computer processes while it runs. As for PC or Mac security, the having the shot gun at home as ever, is a last resort. If you personal data is hacked, just pick up the mossberg and blast away at the mother board.

      Reply

  • YaValioCacaWates (@YaValioCacaWate)

    September 1, 2014 at 1:29 pm

    My version to protect yourself from cybercrime works all the time every time, and it’s free. Step #1 Don’t use the internet, Step #2. Remember step #1.

    Reply

    • nevertheless

      September 12, 2014 at 3:36 pm

      YaValio, you’re using it now, lol

      Reply

    • Max Hardcore

      September 26, 2014 at 11:52 am

      Yes, and live in a cave, assume posture of a fetal like position in one corner of the cave, and blow out all the candles.

      Reply

    • darnelliousjamalgonzalez

      April 14, 2016 at 11:11 pm

      yavalio is your typical wetback little latino spic with no balls, what a coward of a chknsht, moms been hammered by everyone in mexico and who knows who yayas daddy is

      Reply

  • Cindee Molnar

    September 16, 2014 at 10:34 am

    What I have found out is that Norton and McAfee products work ok but they do not completely protect your system from intruders. I have multiple computers and use multiple anti-virus programs. To date, I have found that AVG and Kapernsky are about the best at blocking intruders and malware BEFORE it corrupts your computer/network. The computers that get the most infections are the ones that I use McAfee on. I no longer use any Norton product due to the inability to block intruders before infection. One thing that I do to keep my computers secure is to only visit websites that I trust, use strong passwords, change passwords on a 60-90 day schedule. Do not use names of family members or birth dates, disconnect computers from wireless networks prior to shutting down. So far, it has been pretty successful.

    Reply

  • Carolyn Boyles

    October 12, 2014 at 12:31 pm

    I have found Comodo Internet software to be good as well. I had Panda software and the National Security Agency virus blew right through it. I did not choose any options on the screen the virus was giving me and unplugged the computer as fast as I could. Fortunately, my computer was not corrupted and I lost no data.

    Reply

  • noname man

    October 26, 2014 at 12:42 pm

    My plan is better- I keep all my money in a coffee can near where my 2 hungry dobies sleep. I have no friends I don’t work, collect any pensions or social security, I don’t even have a SS card, I have changed my name 12 times in my 80 years and don’t have a phone. I never get mail because the mailman is afraid of the dogs. I also live in a trailer home that I relocate 4x a year. I get it moved by a local tow company and I pay cash for everything. I often have it moved 2-3 times before I stay anywhere. I don’t have a drivers license and I rent someplace to put it from a farmer or just stash it in some piece of vacant land somewhere and never the same one, My money came to me from my father who gave it to me in cash 70 years ago. It was a large amount and I never needed to work. You may wonder how I am posting this-well I am not going to give away all my secrets to the hackers.

    Reply

    • David

      November 21, 2014 at 4:56 pm

      You should try writing a Hollywood script because I am not buying any of your comments.

      Reply

  • David

    November 20, 2014 at 4:23 pm

    Step 6. Never use Microsoft products. Instead, use open-source products such as Linux that have been publicly scrutinized by many more people than just those at Redmond, WA. There are too many back-doors in MS, Adobe and Apple products.

    Reply

  • David

    November 20, 2014 at 4:28 pm

    I had warned people for years that there were back-doors in Microsoft products and no one believed me. They all said “get out your tin foil hats.” They did not believe me until Edward Snowden came forward with his disclosures. Sadly (though, not surprisingly), those same people who did not believe me were IT “experts.” Also, get rid of Symantec products and use a real anti-virus product such as ClamAV.

    Reply

    • Ikksman

      December 3, 2014 at 4:17 am

      Talk about self-aggrandizement (and BS)!

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *