Team discussing how to secure against cyberattacks in the cloud

Four common types of cyberattacks and how to protect against them.

Posted 02 December 2021 by Laura

Eyes often glaze over at the very mention of cybercrime. Seriously, try it next time you’re having a round of crazy golf. But it’s really important. And when the world’s most common password is 123456, it’s easy to see that knowledge-sharing is key to survival in this fast-paced digital world.

When we talk about exposure to cyberattacks, there are four primary types of attack to consider:

  1. Phishing and spear-phishing attacks
  2. Password based attacks
  3. Device based attacks
  4. Network based attacks

We will explore these – and the steps you can take to protect your business in the Microsoft cloud.

1. Phishing and spear-phishing attacks

Phishing is where an attacker takes on the role of a trusted identity and tricks employees into opening emails, texts or instant messages. With spear-phishing, as the name suggests, things are a bit more serious. An attacker will use unique information, specific to the user, to construct a more plausible phishing attack. These are notably harder to spot.

How to secure your business against phishing attacks:

2. Password spray

In a scenario like this, attackers will try a large list of possible passwords for a given account (or set of accounts). It’s doubtful that anyone reading this will find themselves in this camp but research by CyberNews, which looked at 15.2 billion passwords, has revealed the ten most common passwords of 2022…and the results are staggering:

1. 123456
2. 123456789
3. qwerty
4. password
5. 12345
6. qwerty123
7. 1q2w3e
8. 12345678
9. 111111
10. 1234567890

How to secure your business against password attacks:

3. Device-based attacks

Device-based attacks occur when malware is installed on your device in the form of viruses, spyware, ransomware or other unwanted software that’s installed without your knowledge or consent. Of course, if a device is lost or stolen, a whole new set of challenges arise. If you’re only responsible for one or two devices, nothing seems that tricky. But with an estate running in to the hundreds (or more), the impact of device-based attacks is huge.

How to secure your business against device based attacks:

  • Prevent, detect, investigate and respond to advanced threats with Microsoft 365 Defender for Endpoint, with full visibility, protection, and detection across a wide variety of platforms, including macOS, Android, and iOS.
  • Define trusted websites, cloud resources and internal networks with Microsoft Defender Application Guard, helping to protect devices from advanced attacks by opening untrusted websites in an isolated Microsoft Edge browsing window.
  • If a device is lost or stolen, Microsoft InTune mobile device management (MDM) enforces password and/or pin requirements – and wipes the device completely after a specific number of failed attempts.

4. Network-based attacks
Network based attacks are carried out using vulnerabilities within the network or application and include:

How to secure your business against network based attacks:

If you’d like to find out more about how we can help support your IT team to deliver secure cloud-based access and information protection solutions, book a quick call with us.
Interested but not quite ready to talk? Sign up for updates using our super-simple form.