A cyber attack is an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks. A cyber attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a cyber attack, including malware, phishing, ransomware, denial of service, among other methods.
A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.
A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.
How often do cyber attacks occur?
Cyber attacks hit businesses every day. Former Cisco CEO John Chambers once said, “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” According to the Cisco Annual Cybersecurity Report, the total volume of events has increased almost fourfold between January 2016 and October 2017.Why do people launch cyber attacks?
Cybercrime has increased every year as people try to benefit from vulnerable business systems. Often, attackers are looking for ransom: 53 percent of cyber attacks resulted in damages of $500,000 or more.Cyberthreats can also be launched with ulterior motives. Some attackers look to obliterate systems and data as a form of “hacktivism.”
What is a botnet?
A botnet is a network of devices that has been infected with malicious software, such as a virus. Attackers can control a botnet as a group without the owner’s knowledge with the goal of increasing the magnitude of their attacks. Often, a botnet is used to overwhelm systems in a distributed-denial-of-service attack (DDoS) attack.Common types of cyber attacks
Malware
Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software. Once inside the system, malware can do the following:
- Blocks access to key components of the network (ransomware)
- Installs malware or additional harmful software
- Covertly obtains information by transmitting data from the hard drive (spyware)
- Disrupts certain components and renders the system inoperable
Phishing
Phishing is the practice of sending fraudulent communications that appear to come from a reputable source, usually through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyberthreat.
What Is Phishing?
What Is Phishing?
Man-in-the-middle attack
Man-in-the-middle (MitM) attacks, also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
Two common points of entry for MitM attacks:
1. On unsecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing, the visitor passes all information through the attacker.
2. Once malware has breached a device, an attacker can install software to process all of the victim’s information.
Two common points of entry for MitM attacks:
1. On unsecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network. Without knowing, the visitor passes all information through the attacker.
2. Once malware has breached a device, an attacker can install software to process all of the victim’s information.
Denial-of-service attack
A denial-of-service attack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack. This is known as a distributed-denial-of-service (DDoS) attack.
These are used to make an online service unavailableand take the network down by overwhelming the site with traffic from a variety of sources. Large networks of infected devices known as Botnets are created by depositing malware on users’ computers. The hacker then hacks into the system once the network is down.
These are used to make an online service unavailableand take the network down by overwhelming the site with traffic from a variety of sources. Large networks of infected devices known as Botnets are created by depositing malware on users’ computers. The hacker then hacks into the system once the network is down.
SQL injection
A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
Zero-day exploit
A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness.
DNS Tunneling
DNS tunneling utilizes the DNS protocol to communicate non-DNS traffic over port 53. It sends HTTP and other protocol traffic over DNS. There are various, legitimate reasons to utilize DNS tunneling. However, there are also malicious reasons to use DNS Tunneling VPN services. They can be used to disguise outbound traffic as DNS, concealing data that is typically shared through an internet connection. For malicious use, DNS requests are manipulated to exfiltrate data from a compromised system to the attacker’s infrastructure. It can also be used for command and control callbacks from the attacker’s infrastructure to a compromised system.
___________________________________________
___________________________________________
Negative impacts of cyber attacks:
Cyber-security researchers have identified a total of at least 57 different ways in which cyber-attacks can have a negative impact on individuals, businesses and even nations, ranging from threats to life, causing depression, regulatory fines or disrupting daily activities.
Overall the researchers identified five key themes under which the impact – referred to in the article as a cyber-harm – from a cyber-attack can be classified:- Physical/Digital
- Economic
- Psychological
- Reputational
- Social/societal
- Do not share any sensitive information like your email ID, password, credit cards details, etc., on forums or websites.
- Make sure your password is complex and not something that is easy to guess. For example, avoid using your name, birth date, or common numeric passwords like 12345 for important accounts. Use a combination of different characters and numbers instead.
- Before clicking a link, make sure the website is legitimate. Check for any spelling mistakes in the message received or in the URL itself.
- Update your system with the latest software update. These updates are aimed at fixing existing bugs and also improve the security of the system.
- Scan your system very often using trustworthy anti-virus software.
- Do not open or reply to spam messages and emails.
- Avoid using open Wi-Fi. These networks are not secure and hackers can easily inject a malicious code to gain access to your data.
- Use a Virtual Private Network (VPN) that creates a secure tunnel between you and the website.
0 Comments