Anyone who does anything online should be aware of the risk of a cyber attack. This is particularly important for businesses as more is at stake, including the safety of their customers. Learning more about cyber attacks, including what they are and how to prevent them, can dramatically improve your online safety.
What is a cyber attack?
A cyber attack is any action taken by cybercriminals with malicious goals in mind. Cybercriminals launch their attacks using one or more computers to strike other computers, networks or information systems.
A variety of methods can be used to launch a cyber attack, but the goal is commonly to:
- Steal data
- Destroy information or data
- Change data
- Disable computers
- Achieve financial gain
Why do cyber attacks happen?
Cyber attacks are usually either criminally or politically motivated. Adversaries can be private persons, state actors or criminal organizations. The best way to understand why these attacks happen is to look at the goals behind each of them. The criminals don’t always want the same thing, which is why there is no single simple answer to the question of why cyber attacks happen.
Some cybercriminals want money or information, while others might just want to cause problems. Then there are those who attack systems to destroy them for personal reasons, such as disgruntled ex-employees.
Common types of cyber attacks
There are many types of cyber attacks, but some threat actions are more common than others. The most common threat actions include various types of malware, ransomware, denial of service, and phishing.
Active vs. Passive attacks
Before exploring the specific types of cyber security attacks, consider the two main categories, passive and active. Passive attacks will not affect the resources in the system and instead aim to discover information. By contrast, active attacks aim to impact either the Confidentiality, Integrity or Availability of a system.
Distributed Denial of Service
Distributed Denial of Service (DDoS) attacks occur when hackers try to prevent access to a website or server. To achieve that goal, the cybercriminals use many systems and overload the targeted system – making it unavailable to legitimate users.
Man in the middle
In this type of cyber attack, the cybercriminal gets between the web service and the user. An example would be an attacker creating a Wi-Fi login page on a public network to mimic the real one. Once the victim logs in, the cybercriminal can see the information they enter, including important passwords.
Phishing
Phishing is a common type of cyber security attack. It typically involves sending emails that appear official but are in fact from cybercriminals, usually asking for personal information. Unfortunately, even as spam filters advance, cybercriminals continue developing ways to evade them.
Ransomware
Ransomware is a type of malware or syntactic attack that encrypts files on the targeted device. Then, the cybercriminals demand money in exchange for decrypting the files.
Supply chain attacks
Software supply chain attacks are a type of cyber attack that compromises the code in common software, with the goal of giving attackers access to the users of that application. It is the result of another attack, for example a syntactic attack, being used on the software vendor.
Some of these cyberattacks have the goal of affecting the maximum number of victims. An example was the PrismWeb attack, which affected more than 200 online stores for university campuses.
This type of cyber attack can also have specific targets. In this situation, the cybercriminals have a target and choose a program or software that can give them access. The criminals might take advantage of others affected by the attack, depending on their goals.
SQL injection
The name of this attack comes from its use of SQL commands. SQL is an abbreviation for Structured Query Language, and an attacker using SQL injection is trying to take control of, and possibly steal from, a database. By inserting malicious code into a database, the cybercriminals exploit vulnerabilities in data-driven applications, from which they gain access to sensitive information.
Syntactic attacks or malware
Syntactic attacks refer to malicious software like Trojans, worms, and viruses that infect a computer. Viruses are self-replicating and attach themselves to other files. Worms are similar but do not rely on another file, as they are self-running. Trojans bring malicious software, such as a keyboard logger, onto devices under the guise of legitimate software.
Zero-day exploits
These refer to when attackers exploit the vulnerabilities in software that the developers have not fixed yet.
Examples of cyber attacks
To showcase the seriousness of cyber security attacks, consider some of these attacks from recent years.
Mafiaboy denial of service attack in 2000
Going all the way back to Feb. 7, 2000, one of the first Denial of Service attacks to make headlines occurred. The attack was executed by the then 15-year-old hacker going by the name “Mafiaboy”, who successfully reduced the traffic on eBay, CNN, Amazon, Buy.com, and other major sites. The FBI estimated that the affected sites had suffered $1.7 billion in damages.
WannaCry in 2017
This ransomware attack encrypted computers, demanding Bitcoin to unlock the files. It affected critical organizations such as the NHS in the UK. The particularly critical part of this breach was that it spread via a vulnerability in Windows discovered by the US National Security Agency. The cybercriminals utilized this vulnerability to orchestrate the devastating attack.
NotPetya in 2017
Petya was ransomware similar to other attacks in 2016, but June 2017 saw greater utilization with a new version, called NotPetya. It used the same exploit as WannaCry.
Citrix Breach in 2019
In March 2019, Citrix was the victim of a password spraying attack. This type of attack involves hackers trying to gain access by exploiting weak passwords.
Capital One Breach in 2019
In July 2019, Capital One discovered that hundreds of thousands of credit cards had been compromised, including a leak of Social Security numbers and birthdays. Oddly enough, there is no evidence the information and data were used for fraud or even shared by the attacker who gained access.
Ways to prevent a cyber attack
The good news is that while cyber attacks are a significant risk, there are also numerous strategies to protect against them. By learning what a cyber attack is and the most common methods and tactics used, you can take appropriate precautions. Here are our best cyber safety tips on how to protect yourself against cyber attacks.
- Backup data: Backups can help in several situations. They will minimize the damage if a cybercriminal removes or changes data in your system and reduce the effect of a ransomware attack.
- Control system access: You can also reduce the risk of cyberattacks by being diligent with system access, including revoking access as soon as someone leaves the company, and having strict role-based access control implemented. This can prevent disgruntled former employees from acting maliciously and make sure only the right people have the appropriate permissions.
- Get professional assistance: It is important to be able to stay up to date with the latest cybersecurity threats and strategies, and to detect attacks fast. The latter can be done using a security monitoring tool such as a SIEM solution.
- Multi-factor authentication: Using multi-factor authentication helps prevent hackers from gaining access to your network or devices if they find passwords. This is particularly important for companies, where a high risk of phishing emails is present.
- Provide employee education: Make sure that your employees are aware of the importance of cybersecurity and how to avoid cyber attacks, including the risks of malware and phishing.
- Update systems: No matter the system or program you use, it should always be updated. This lets you take advantage of the latest security patches that address known vulnerabilities.
- Use firewalls and antivirus: All devices on your company’s network should have antivirus and firewall software installed. This provides another layer of protection by detecting malware and reducing other risks.
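To make the "detect attacks fast" tip concrete for the password spraying mentioned under the Citrix breach, here is an added example (not from the original article) of the kind of rule a monitoring tool can run over authentication logs. The log format, thresholds, addresses and function names are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log (not from a real system).
SAMPLE_LOG = """\
2024-01-10T09:00:02 FAIL user=alice src=203.0.113.7
2024-01-10T09:00:05 FAIL user=bob src=203.0.113.7
2024-01-10T09:00:09 FAIL user=carol src=203.0.113.7
2024-01-10T09:00:14 FAIL user=dave src=203.0.113.7
2024-01-10T09:00:20 OK user=erin src=203.0.113.7
2024-01-10T09:01:00 FAIL user=frank src=198.51.100.4
2024-01-10T09:01:07 OK user=frank src=198.51.100.4
"""

def parse(line):
    """Split one 'time RESULT user=... src=...' line into fields."""
    ts, result, user, src = line.split()
    return datetime.fromisoformat(ts), result, user[5:], src[4:]

def find_spraying(log_text, min_users=4, window=timedelta(minutes=10)):
    """Map each source that failed logins against at least min_users
    distinct accounts within one window to the accounts it tried."""
    failures = defaultdict(list)  # source -> [(time, user)]
    for line in filter(str.strip, log_text.splitlines()):
        ts, result, user, src = parse(line)
        if result == "FAIL":
            failures[src].append((ts, user))
    alerts = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1
            users = {u for _, u in events[start:end + 1]}
            if len(users) >= min_users:
                alerts[src] = sorted(users)
                break
    return alerts

def logins_to_review(log_text, alerts):
    """Successful logins from a flagged source: reset these first."""
    rows = map(parse, filter(str.strip, log_text.splitlines()))
    return [(src, user) for _, res, user, src in rows
            if res == "OK" and src in alerts]

if __name__ == "__main__":
    alerts = find_spraying(SAMPLE_LOG)
    print(alerts, logins_to_review(SAMPLE_LOG, alerts))
```

Counting distinct accounts per source, rather than failures per account, is what separates spraying from a single user mistyping a password; the successful login from the flagged source is the account to investigate first.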