When people think of external attacks, most picture someone smashing into something. The countless movies where a criminal starts jackhammering into a bank’s wall or attempting to muscle their way into the vault fall squarely into this external approach.

They aren’t looking for banks with low security (not sure they’d be able to find one that isn’t fortified enough to keep someone out of the building or the locked vault without insider information).

But in cybersecurity, an attack surface isn’t as simple as that bank vault or thick wall. Our approach to fortification has completely been turned on its head.

Thousands of times a second, hackers are finding ways to gain access. Whether it’s a brute-force password attack, an external vulnerability scan to find exploitable weak points on the outside of a network, or even a sneaky phishing attack, attempts to break into business networks are real.

They aren’t looking to jackhammer their way in. They are looking for premade cracks: designs that might not have been thought out with the sheer number of attacks in today’s security climate in mind. If they work smart enough, they probably will be able to find some way to get in from the outside that will give them enough access to cause some serious damage.

The top three attack methods that we’re seeing across the MSP community today are not new attack methods. They are just being used smarter—by focused criminals targeting very specific attack vectors.

Distributed denial-of-service attacks—a DDoS attack occurs when a system becomes overwhelmed with requests from infected machines. These machines trying to communicate are controlled by an attacker. The problem with this type of attack is it can completely cripple a business, depending on how workflows are designed.

Zero-Day attacks—this year has been a windfall of announcements of vulnerabilities. While many were fixed and patchable, the problem with external-facing infrastructure is it is the most susceptible to attack. Whether within a virtualized network or not, zero-day exploits have been on the rise in 2021.

Open ports—most recent successful attacks have come through ports left open. Many of these were open because of default settings, but whatever the case, ports that are not needed should be kept closed. A lot of the zero-day attacks we’ve had to help remediate were specifically related to an attacker being able to reach vulnerabilities through open ports.

What can you do?

One of the things I tell MSPs quite often is to inspect your environments. Scan for open ports and see what hackers could get to.

GalacticScan can scan IP addresses and domains for externally facing vulnerabilities, things that might be hard to keep track of but are critical to your and your clients’ security.

Interested in seeing what types of vulnerabilities might be lying in plain sight? Consider a cyber stack evaluation.