Cyber attacks are deliberate attempts by an individual or organization to breach the computer system of another individual or organization. The attacker’s ultimate goal is to gain some benefit from disrupting the victim’s network.
DoS and DDoS Attacks
- A denial-of-service (DoS) attack is designed to overload a system’s resources to the point where that system is unable to respond to legitimate service requests.
- A distributed denial-of-service (DDoS) attack is similar as it seeks to drain a system’s resources. A DDoS attack is initiated by a wide range of host machines infected with malware and controlled by the attacker.
These attacks are called “denial of service” because the victim site is unable to service the requests of those who access it legitimately.
Malware
Malware is the general term for software-damaging viruses including worms, spyware, ransomware, adware, and trojans, and is one of the most common types of cyber attacks.
It penetrates a network through a vulnerable point, infects the computer, and changes the way it operates.
Some cyber attacks may involve different forms of malware: phishing, ransomware, SQL injection, MITM attacks, drive-by attacks, and XSS attacks.
Phishing
In phishing attacks, an attacker poses as a trusted contact and sends fake e-mail or sms messages to the victim in an attempt to steal sensitive information from the target.
Phishing attacks combine social engineering and technology and are so called because the attacker is “fishing” for access by using the pretence of being a trustworthy sender as bait to gain access via a verified user.
To carry out the attack, the attacker may send a link that downloads the malware directly as soon as the user clicks the link. Alternatively, the link takes users to a credible-looking but fake website that tricks them into inserting their confidential information, such as access credentials, bank account information, and more.
The risk of successful phishing attacks via social engineering has been greatly increased recently thanks to AI tools such as Chat GPT from Microsoft-funded OpenAI.
ChatGPT, OpenAI’s generative AI tool, was first released in November 2022 and reached one million users in just a few days. It is capable of writing plausible-sounding essays and articles, and even computer code ー and also of creating highly credible phishing emails.
Ransomware
During a ransomware attack, the victim’s system is held hostage via some malware until the target company or individual agrees to pay a ransom to the attacker in return for the antidote code.
In this type of attack, the ransomware is directly downloaded into the victim’s system from a website or an e-mail attachment.
Sometimes, ransomware can be used to attack multiple parties by denying access to the company’s entire database, to several computers across different partner or collaborator companies, or to a central server essential to business operations.
The attack on multiple computers emerges only days or even weeks after the malware’s initial penetration.
SQL injections
Structured Query Language (SQL) is a common means of requesting information from a database. This method exploits websites that depend on databases to serve their users.
An SQL attack uses a SQL query sent from the client to a database on the server.
The command is inserted (injected) into a database in place of something else that is normally located there, such as a password or login.
The database then executes the command which allows the system to be penetrated.
Man-in-the-middle (MITM) attack
Man-in-the-middle (MITM) cyber attacks refer to computer security breaches that allow an attacker to eavesdrop on data sent back and forth between two people, networks, or computers.
It is called a man-in-the-middle attack because the attacker positions him- or herself between the two parties communicating and illicitly accesses the message before it reaches its destination.
Cross-site scripting (XSS) attacks
With XSS, or cross-site scripting, the attacker transmits malicious scripts (pieces of computer program that execute an operation on a computer or server) by means of clickable content that is sent to the target’s browser.
When the victim clicks on the content, the script is executed.
Since the user has already logged into his or her “secure” session on a web application, he or she perceives whatever they view there as legitimate.
However, the executed script crafted by the attacker results in the user either revealing confidential information or enabling the attacker to access and hijack the application.
Zero-day exploit
A Zero-Day Exploit occurs after a network vulnerability has been announced.
The vendor notifies the public about the vulnerability so its users are aware of it; however, this news also reaches potential attackers.
The attackers hurry to exploit the vulnerability before a solution (patch or bug-fix) is implemented.
What steps should you take regularly to avoid a cyber attack?
- Change your passwords regularly
- Update your operating system and applications frequently
- Always use a firewall and other network security tools
- Avoid opening emails from unknown senders
- If you receive an email from an apparently “known” and “safe” sender, always open the site directly and independently, without clicking the link in the message you received; once on the site, check directly there whether the same invitation or message is displayed.
- Use a VPN
- Back up your data regularly and in at least two independent locations
- Regularly remind your employees about cybersecurity principles
- Use two- or multi-factor authentication
- Always protect your Wi-Fi network
- Make sure you also always protect your cell phone, since they are also a frequent target for cyber attacks.
Comply cares about your security. Learn more here.
