Analysing and protecting against existing cyber attacks
Lamberti, Lorenzo (2019)
Lamberti, Lorenzo
2019
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2019052913332
https://urn.fi/URN:NBN:fi:amk-2019052913332
Tiivistelmä
Too often, companies tend to underestimate the importance of cyber security. Either too expensive or too complicated, cyber security measures are sometimes overlooked and some systems reveal to be openly vulnerable to any hacker that would like to take advantage of them. The damage and the costs of an attack can be really high depending on the business activity.
This thesis aims at helping companies to understand how hackers think and act, and giving them some basic guidelines on how to approach cyber security and defend against the most common cyber attacks that occur today. This research is conducted around the typical activity and installation of companies, meaning information related to internal networks, web application or websites is included in this document. Interviews were conducted with security experts, that were asked about their experience and the general approach that companies have on cyber security. From these conversations were extracted various issues and pieces of advice. The common mistakes will be explained, and tools and techniques will be presented according to the answers that were given as well as documentation from specialized companies.
Laws and the methodology of a hacker will be explained first. Using elements from this part, a list of common attacks will follow, with their specific solutions to avoid facing them. Lastly, solutions including business processes, best practices, technological measures and tools will be discussed.
The results show that even with low budget, companies can defend themselves against attacks that occur today. There are a lot of elements that can be implemented that will boost the level of security and also prepare the enterprise to react to modern threats. Even if total security cannot be achieved, this document provides a good overview on what to focus on as a business.
This thesis aims at helping companies to understand how hackers think and act, and giving them some basic guidelines on how to approach cyber security and defend against the most common cyber attacks that occur today. This research is conducted around the typical activity and installation of companies, meaning information related to internal networks, web application or websites is included in this document. Interviews were conducted with security experts, that were asked about their experience and the general approach that companies have on cyber security. From these conversations were extracted various issues and pieces of advice. The common mistakes will be explained, and tools and techniques will be presented according to the answers that were given as well as documentation from specialized companies.
Laws and the methodology of a hacker will be explained first. Using elements from this part, a list of common attacks will follow, with their specific solutions to avoid facing them. Lastly, solutions including business processes, best practices, technological measures and tools will be discussed.
The results show that even with low budget, companies can defend themselves against attacks that occur today. There are a lot of elements that can be implemented that will boost the level of security and also prepare the enterprise to react to modern threats. Even if total security cannot be achieved, this document provides a good overview on what to focus on as a business.