Fri Jun 22 2018
Different Kind of Attacks in Cyberspace
Nowadays cyber attack becomes a very common news and a trending topic, but many of us don’t know what actually cyber attack is and how hackers can attack you via the Internet. Today, we are going to discuss cyber attacks and its types that can help you to aware more about that risks, and that will give you insight into how best to confront them.
So, let's start it -
Cyber Attacks, in a way, can be broadly considered to be a part of Cyber Crime. Cyber attacks are malicious Internet operations launched mostly by criminal organizations. Countries also get involved in so-called state-sponsored cyber attacks, where they seek to learn classified information on a geopolitical rival.
Criminals launch cyber attacks for numerous reasons - to steal money, gain access to financial and sensitive data, weaken integrity or disrupt the operations of a certain company or individual. Attacks often result in crimes such as financial fraud, information or identity theft.
There are a number of different ways a criminal hacker can implement a cyber attack, and they all depend on what the criminal hacker is trying to gain. Attackers can use multiple routes, including web, email, and malicious files, to exploit different vulnerabilities in your business' systems, networks or processes.
The types of Cyber Attacks -
Malware
Malware is simply defined as code with malicious intent that typically steals data or destroys something on the computer. It's an all-encompassing term for a variety of cyber threats including Trojans, spyware, viruses, rootkits, and worms.
It's most often introduced to a system through email attachments, software downloads or operating system vulnerabilities.
As for spyware, hackers introduce a software into your system that looks for the simplest form to track keystrokes to get passwords or electronically spy on your network, whether to gain access to confidential information or spying in order to gain access to identifiable information.
A “worm” is similar to a virus but it spreads differently. In order to affect your files, a worm eats into your system and runs on its own. If a worm is introduced into your system, it could replicate by resending itself from your system to everyone in your contacts list; so one person lets it in and then it just compounds itself; depending on how it’s written, it could get back to every contact on your list.
Rootkits are malware that infects your PC on a deeper level, in order for them to be undetectable. Computers are structured in layers. A program can only modify other software from the same layer or above, but not from a deeper one since it doesn’t have access. For instance, a program like Excel, Photoshop or Word isn’t able to modify underlying software such as the software drivers for graphics cards or sound cards. The deepest layer is the BIOS, which controls a PC’s boot-up procedure and other software aspects. Rootkits usually target this access layer since an antivirus program has a very difficult time finding and removing the rootkit. Rootkits can enslave computers into a botnet, listen in on a user’s internet traffic, or make other types of malware undetectable. It’s safe to say they are the worst type of malware infection out there.
Trojan malware infects your PC by making you think they are a completely different sort of program. For instance, the program might claim to be an antivirus software but is actually a keylogger or spyware in disguise.
Most people think that virus and malware both are same. But that’s not actually true. A virus is a type of malware. In other words, all viruses are malware, but not all malware are viruses. A virus is a type of malware that can spread and infect other computers, hence the name virus. A single computer can spread a virus in a whole network, usually by infecting other files that are then shared with the rest of the network.
Phishing attacks
During a standard phishing attack, a malicious hacker tries to trick the victim into believing he is trustworthy, in order for the user to do a certain action.
The most famous of these is the “Nigerian prince” scam. In this case, the malicious hacker claims to be a wealthy Nigerian who requires your help in transferring tens of millions of dollars out of his home country. As a reward for your service, the “prince” will send you a prize of money. All you have to do is to provide him with some personal information and a small fee to process the money transfer, and you’re rich for life! It’s all a scam. There is no Nigerian prince or tens of millions of dollars. The only real money in the scheme is the “processing fee” you provide. Malicious hackers send out thousands, or even hundreds of thousands of phishing emails in order to maximize the number of infected users.
Spear phishing attacks
Spear phishing, on the other hand, is much more targeted. It involves personalizing the phishing email around the receiver. Here are some examples -
The phishing email is designed to look like it came from a bank (or another type of trusted entity). Due to some technical issues or any other reason, they ask you to re-enter your login information for your bank account. But the form you type in the login info belongs to the malicious hacker, who can now clean your bank account.
You get a fake email disguised as a Gmail/Yahoo/Outlook email, which requires you re-enter your login information to confirm “it’s really you”. Some cheeky cyber criminals might even say someone else tried to log in to your account. This is the method used for one of the most high-profile hackings of recent years.
A fake email from a manager/CEO about important company files. In such cases, the spear phishing email will contain a malware infected Excel/Word file that once opened will unleash a malware attack on your PC. In these cases, the hacker is more interested in the company’s data, not your own; that’s why it’s called the CEO fraud.
Unauthorized disclosure
This happens whenever a company or organization discloses personal information about you, without asking for your authorization. This happens for instance when a medical provider leaks your personal health information.
Adware
This is malicious software used to feed you ads and track your online behavior in order to improve how advertisers can target you. Often times, adware comes attached to free programs such as music players or other comparable software.
DNS attacks
Normally, Internet pages are stored using numbers, not words. These numbers are called IP addresses. In order to make them easier to remember for humans, these IP addresses are translated into letters and names. The translation from IP addresses to names takes place on Domain Name Servers, shorted as DNS. The information is also stored there. During DNS hijacking, an online attacker will override your computer’s TCP/IP settings so that the DNS translation gets altered.
URL Injection
During a URL injection, a malicious hacker infects a website by creating new pages in it. These pages, in turn, contain malicious links, spammy words or even malicious code that forces visitors on the page to be part of a DDoS attack or redirects them to a different website. A malicious hacker can do a URL injection thanks to weaknesses in IT infrastructure, such as WordPress plugins or within any other type of HTML code.
WEB APPLICATIONS (XSS)
Many Web applications contain vulnerabilities that allow attackers to use Cross Site Scripting (XSS) to misrepresent a website. As a result, attackers are often able to get victims who interact with these illegitimate web pages to unwittingly click on a malicious script or capture login credentials.
BOTNETS
Most people are never aware of their participation in a botnet Army since the impact to an individual system is minimal. However, when hundreds of these unobtrusive Bots are instructed to forward transmissions to a single Web application, they can represent a serious security threat.
Password Attacks
A password attack is exactly what it sounds like: a third party trying to gain access to your systems by cracking a user’s password. This type of attack does not usually require any type of malicious code or software to run on the system. There is software that attackers use to try and crack your password, but this software is typically run on their own system. Programs use many methods to access accounts, including brute force attacks made to guess passwords, as well as comparing various word combinations against a dictionary file.
Denial-of-Service (DoS) Attacks
A DoS attack focuses on disrupting the service to a network. Attackers send high volumes of data or traffic through the network i.e. making lots of connection requests until the network becomes overloaded and can no longer function. There are a few different ways attackers can achieve DoS attacks, but the most common is the distributed-denial-of-service (DDoS) attack. This involves the attacker using multiple computers to send the traffic or data that will overload the system. In many instances, a person may not even realize that his or her computer has been hijacked and is contributing to the DDoS attack.
MITM (Man in the Middle)
MITM can obtain information from the end user by impersonating the endpoints in an online information exchange that is the connection from your smartphone to a website and the entity he or she is communicating with. For example, if you are banking online, the man in the middle would communicate with you by impersonating your bank, and communicate with the bank by impersonating you. The man in the middle would then receive all of the information transferred between both parties, which could include sensitive data, such as bank accounts and personal information. MITM gains access through a non-encrypted wireless access point that is one that doesn’t use WAP, WPA, WPA2 or other security measures. They would then have access to all of the information being transferred between both parties.
Rogue Software
Malware that masquerades as legitimate and necessary security software that will keep your system safe. Rogue security software designers make pop-up windows and alerts that look legitimate. These alerts advise the user to download security software, agree to terms or update their current system in an effort to stay protected. By clicking “yes” to any of these scenarios, the rogue software is downloaded to the user’s computer.
Social engineering/cyber fraud
Social engineering is used to deceive and manipulate individuals in order to gain computer access. This is done by making individuals click malicious links or by physically gaining access to a computer through deception.
Drive-By downloads
A drive-by download attack targets a user through their Internet browser, installing malware on their computer as soon as they visit an infected website. It can also happen when a user visits a legitimate website that has been compromised by hackers. They are then infected directly from that site or redirected to a malicious site.
Anyone of these cyber attacks can be easily implemented if your organisation does not have the proper cybersecurity in place. It is vital to assess your organisation’s level of cyber security in order to see where your weaknesses are, and how you can ensure that you are fully protected.
If you want to start preventing your business through cybersecurity improvement programme, then check out our another article about cyber-security.
If you find anything else that you believe very important to discuss, then, don’t hesitate to share with us in the comments section. Thank you!