Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

How to spot a cyberattack if you are not a security pro

April 2024 Editor's Choice

Business owners and executives dread receiving the call that criminals have breached their computer systems. It may happen in a flash, but this moment is often the culmination of days to months of moves by cybercriminals, finding ways into systems, gaining control, and eventually executing an attack. It is the proverbial iceberg; the breach is just the visible tip of the operation.

"Vigilance and knowledge are our most potent weapons in the battle against cyberattacks," asserts Gerhard Swart, Chief Technology Officer at Performanta. It is in the criminals' best interest if ONLY security teams can detect the signs of an impending attack. The good news is that anyone can grasp the basics of a cyberattack and spot suspicious activities."

How to spot a cyberattack

Popular culture's depiction of a cyberattack is often very misleading. The cybercriminal figure is someone sitting in a dark room, typing a few commands into a laptop, then sitting back and sipping a drink while their code causes havoc. The reality is very different.

Cyberattacks have multiple stages that can happen sequentially or concurrently. Security experts often refer to a standard blueprint called the Cyber Kill Chain, developed by Lockheed Martin. This blueprint describes seven stages: reconnaissance, weaponisation, delivery, exploitation, installation, command and control, and actions.

Briefly, the stages involve:

1. Reconnaissance: The criminals find targets and research their weak areas, such as weak passwords.

2. Weaponisation: The criminals prepare tools for the attack, such as malware or deepfakes.

3. Delivery: The criminals initiate an attack to try and enter the systems, often using phishing emails.

4. Exploitation: The criminals worm into the systems and prepare for a larger attack.

5. Installation: The criminals use their extended knowledge of the breached computer systems to install more tools and backdoors.

6. Command and control: The criminals expand their control to run the breached systems effectively.

7. Actions: The criminals launch their main assault, at which point the breach often becomes visible.

Detection is better than cure

Knowing these details, how can you spot an attempted cyberattack? There are often telltale signs to look out for, namely:

• There has been a surge in phishing emails targeting your or your employees. Emails that are not from where they claim to be, stress great urgency, or contain unsolicited attachments or links should be treated with suspicion.

• Unusual network traffic or file access attempts: reports of unexpected traffic or files being accessed, especially by accounts that normally do not do so (such as a sales accountant trying to access financial records).

• Account logins at strange times or unusual locations: when someone logs in at 2am or from an undisclosed location, that can be a massive red flag.

• Stolen or lost devices: Though stolen devices can be a case of petty theft; if someone loses a phone that can authenticate account logins, there is cause to take that seriously.

• Passwords no longer work: If you cannot access an account yet have not changed the password, there is reason to be concerned.

The above signs might also result from other causes, but as the maxim goes, just because you are paranoid does not mean they are not out to get you.

Three steps to strengthen security

Firstly, they should support and encourage security training for their staff, including regular tests, and do so supportively. Businesses should make their employees feel like part of the solution, not the problem. Secondly, businesses should encourage general vigilance - if someone notices something strange, they should speak up. Employees should be given accessible channels to notify security concerns, even frivolous ones. Thirdly, businesses should look to invest in technology services that improve detection, visibility, and reporting. Security tasks can quickly overwhelm security and IT teams, while the right security services alleviate such pressure.

"When you stop that phishing mail or inform your security admin about suspicious activity, you deal a big blow to the attackers' plans," says Swart. "When companies combine good security habits and technologies with security-savvy employees, they become a very hard target, and the bad guys usually go looking for something easier."

It might seem worth taking the risk. After all, what are the odds you will be attacked? Unfortunately, they are considerable as South Africa is a major cybercrime target, and fixing the damages of a cyberattack is very costly. Prevention is better and cheaper than cure! Even if you are not a security pro, you can help spot cyberattacks and avoid such risks.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
IQ and AI
Leaderware Editor's Choice Surveillance AI & Data Analytics
Following his presentation at the Estate Security Conference in October, Craig Donald delves into the challenge of balancing human operator ‘IQ’ and AI system detection within CCTV control rooms.

Read more...
Onsite AI avoids cloud challenges
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure AI & Data Analytics
Most AI programs today depend on constant cloud connections, which can be a liability for companies operating in secure or high-risk environments. That reliance exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops.

Read more...
Toxic combinations
Editor's Choice
According to Panaseer’s latest research, 70% of major breaches are caused by toxic combinations: overlapping risks that compound and amplify each other, forming a critical vulnerability to be exploited.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.