Cyber Attacks
Last updated
Last updated
Malware . It is of cyber attack where malicious software is installed on the victim’s systems through executable files usually without the user’s knowledge. Malware includes malicious software, including spyware, ransomware, viruses, and worms. After installation, a malware can keep track of the user’s activity or can trigger codes resulting into access to sensitive information, login details, credit cards or intellectual properties by the hacker.
--- Malware Attack Types.
Ransomware — Ransomware is a type of malware that blocks access to the victim’s data and threatens to publish or delete it unless a ransom is paid.
Phishing. Phishing refers to spoofing or deceptive communications activities performed by the attackers that appear to originate from a credible source such as emails, messages, legitimate websites that are disguised. Through phishing, attackers try to fetch sensitive information, user details, credit card numbers or make fraudulent attempts. --- Phishing Attacks
Man-in-the-middle attack. An attacker hijacks a session between a trusted client and network server. The attacking computer substitutes its IP address for the trusted client while the server continues the session, believing it is communicating with the client.
DoS/DDoS. A DoS/DDoS attack aims at flooding the target website with overwhelming traffic to exhaust resources and bandwidth of the system. These are not to bring down a website but to breach a security perimeter and smoke out the online systems. This can reduce a user base or may bring down the entire network. ---- DDoS Attack Types
SQL Injection. It occurs when a malefactor executes a SQL query to the database via the input data from the client to server. A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
Zero-day exploit. Zero-day is a software security flaw which is known to the software developers. Attackers try to exploit a vulnerability before a patch or solution is implemented to capture the system with known weaknesses.
Cross Site Scripting. XSS attacks occur when a web app sends malicious code in the form of a side script to another user thus bypassing access controls of the site to same as the origin.
Business Email compromise. This is an attack to spoof business emails and gain illegal access to company accounts and ids to defraud the company or its employees.
Complete Reference Link
Though the purpose of a cyberattack is always malicious, the hacker may use several tools and techniques to perpetrate the attack. Depending on their intent and the end objective, cyber attackers can be roughly grouped into:
They are individuals or groups of individuals who target company information, customer data, or other critical data and try to monetize it on the dark web. They make use of sophisticated tools and techniques, use computer/mobile devices as a medium to perpetrate intelligent, hard-to-discover malicious cyberattacks.
A Phishing Attack entails the cybercriminal sending emails that appear to be from trusted sources. The aim of this type of attack is to acquire a person’s sensitive information or to influence them into doing something.
It might, for example, feature an attachment that downloads malware onto the device when opened. Alternatively, it might provide a link to a fake website to persuade someone to hand over their information or trick them into downloading malicious software.
"Malware" is short for MALicious softWARE which may include spyware, ransomware, viruses, trojans, and worms. It breaches a network through a vulnerability, typically when a user either downloads an email attachment or clicks on a dangerous link that installs risky software.
Malware comes in various forms depending on their end objective. In some cases, cyber-criminals use sophisticated malware to infect all the systems in the network to carry out a distributed denial of service (DDoS) attack.
A virus is the most common type of malware attack. In order for a virus to infect a system it requires a user to click or copy it to media or a host.
Most viruses self-replicate without the knowledge of the user. These viruses can be spread from one system to another via email, instant messaging, website downloads, removable media (USB), and network connections.
Some file types are more susceptible to virus infections – .doc/docx, .exe, .html, .xls/.xlsx, .zip. Viruses typically remain dormant until it has spread on to a network or a number of devices before delivering the payload.
Everyone is familiar with this term. This particular malware copies itself and is capable of spreading across the computers. They attach themselves to different programs and get executed if a user manually launches infected program. Viruses can spread via documents, script files, and cross-site scripting vulnerabilities in web apps.
The SQL injection attack has become a common problem for database-driven websites. These attacks occur when a SQL query is executed by a cyber criminals and issued to a database, delivered from the client to the server via the input data.
When a SQL injection attack is successful, sensitive information can be read, stolen, modified, inserted, updated, or deleted. Cyberattackers can also execute administration processes, like shutdown, on the database; recover content from any given file; and even issue commands to the operating system.
Ref: Click Here
DoS: This attack is used by hackers to overload a system’s resources, Servers or Networks, which causes the system to become unresponsive to service requests.
DDoS: Overwhelming the target with a flood of activity from hundreds or even thousands of devices in a botnet. It meaans targets the system’s resources, but the source of the launch comes from a large number of host machines, each of which is infected and under the control of the cyberattacker.
Work in partnership with botnets
Types of DoS/DDoS Attacks
They are a group of attacks where the attacker injects code or malicious scripts directly into a benign website without attacking the website itself. The attacker writes the script in JavaScript, Flash, Ajax, etc.
This attack is also known as eavesdropping attack. Attackers insert themselves secretly between the user and a web service they’re trying to access. They then can filter and steal data. For instance, an attacker might set up a Wi-Fi network with a login screen designed to mimic a hotel network and as soon as a user logs in, the attacker may steal the information, such as a banking password, that user sends on that network.
This attack is also known as eavesdropping attack. Attackers insert themselves secretly between the user and a web service they’re trying to access. They then can filter and steal data. For instance, an attacker might set up a Wi-Fi network with a login screen designed to mimic a hotel network and as soon as a user logs in, the attacker may steal the information, such as a banking password, that user sends on that network.
This attack comes in many flavors, like IP and DNS spoofing, replay attack, and session hijacking.
The rogue access point is an unauthorized node in the network but is still somehow operating. Using such open wireless access points, attackers may try to gain access to nearby devices. They usually come with no encryption or authentication, so that maximum devices in proximity can connect. The attacker, thus, compromises the network data.
This attack occurs when a network’s vulnerability is announced but a patch or solution is yet to be implemented. Attackers sneak-in during this window of time.
In the face of complex security threats and newly emerging attack techniques, howsoever robust a system/web application may be, it is never totally secure. This overarching reality, however, should not deter us from ingraining cybersecurity best practices, which act as the first line of defense in the event of a potent cyberattack.
Based on the observations made in the sections on different cyberattacks, let us have a look at the practices, techniques, and policies to prevent cyberattacks:
Use a comprehensive anti-virus solution that tracks your employees’ online activities, websites they visit, and attachments they open, etc. to keep malware attacks at bay.
Install a robust firewall and configure it appropriately to facilitate a secure online experience for your employees. A third-party firewall (in addition to the default internal firewall) gives the extra security cushion needed for your business. An email quarantine engine would help identify spam/phishing sources before delivering it to employees. You may also apply advanced security features such as runtime application self-protection to prevent attacks in real-time.
Monitor your network regularly and investigate any suspicious activity immediately to prevent any untoward incident. Investing in comprehensive security suites, like AppSealing, can make all the difference between preventing a cyberattack and regretting the losses from a preventable cyberattack.
Prepare a detailed cybersecurity policy document and adhere to it as far as possible.
Train and educate your stakeholders, including employees and vendors, on how to conduct themselves safely while being online and make them aware of safe browsing practices and security policies.
Schedule regular data backup (including cloud data) as an organizational practice and store the backup in a separate server. This habit prevents critical data loss in the event of a cyberattack, including ransomware attacks.
Enforce strong and safe password practices to prevent security breaches, especially with multiple devices accessing data from company networks. Strong passwords are still one of the most elementary ways to enforce cybersecurity across the organization.
Engage with security specialists and conduct a vulnerability assessment and penetration testing to identify loopholes in your application and undertake remedial measures to prevent your application from becoming a source of perpetrating malware/XSS attack.
In short, adopting a proactive approach is the only sustainable way to handle contemporary security threat scenarios. This approach should build a robust security architecture that addresses both network and application security needs of an organization.
Malware Types --- Click Here