Cyber Attacks like any criminal activity cannot be predicted nor completely avoided. However, being aware and having the ability to identify such attacks are valuable should the unexpected occur and could avoid you from losing precious data. Statistics show an attack occurs every 39 seconds and 43% of attacks target small business’ costing billions;
Here are 5 common cyber-attacks to watch out for:
DoS is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users of the service or resource they expected.
While a DoS may not have direct access to important data, it is a means of gaining access to a network. It can be used as a smokescreen to distract from other methods of attack. Overwhelming a company’s primary system may expose other present vulnerabilities. Commonly it is used by protestors to disrupt your services or competition to take away visitors from your website, and for many organisations, this can be critically damaging.
Indicators of a DoS attack include:
- A typically slow network performance such as long load times for files or websites
- The inability to load a particular website such as your web property
- A sudden loss of connectivity across devices on the same network
With a traditional MITM attack, attackers place themselves between two end points of data transmission and intercepts this. The cyber criminal needs to gain access to an unsecured or poorly secured Wi-Fi router. These types of connections are generally found in public areas with free Wi-Fi hotspots, they scan the router looking for specific vulnerabilities such as a weak password.
Once attackers find a vulnerable router, they can deploy tools to intercept and read the victim’s transmitted data. The attacker can then also insert their tools between the victim’s computer and the websites the user visits, to capture log in credentials, banking information, and other personal information.
SQL injection attack
A SQL (Structured Query Language) injection, also known as SQLI, is a common attack path that uses malicious SQL code for backend database manipulation, accessing confidential information including sensitive company data, user lists or private customer details.
Including unauthorized viewing of user lists, effects can include the deletion of entire tables and, in certain cases, the attacker gaining administrative rights to a database, all of which are highly detrimental to an organisation.
Phishing and Spear Phishing attacks
Phishing is an attack often used to steal user data, including login credentials and credit card numbers. Attackers masquerade as a trusted entity, duping a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.
Email phishing is a numbers game. Attackers send out thousands of fraudulent messages netting a significant information and sums of money, even if only a small percentage of recipients fall for the scam. Great lengths will be explored in designing phishing messages to mimic actual emails from a spoofed organization. Using the same phrasing, typefaces, logos, and signatures makes the messages appear legitimate.
In addition, attackers will usually try to push users into action by creating a sense of urgency. An email could threaten account expiration and place the recipient on a timer. Applying such pressure causes the user to be less diligent and more prone to error.
Typical Phishing scams consists of:
- Emails informing of deactivation and urging password resets
- Requests for personal details such as banking
- Downloadable attachments which disguise malicious malware
- Emails disguised as your bank or colleagues sent from a public account such as Gmail rather than the company domain
- Links to URLS which are misspelt
Malware & Ransomeware Attack
“Malware” is short for “malicious software” - computer programs designed to infiltrate and damage computers without the users consent. Malware can take many different forms including viruses, worms, trojan horse and more. Initially created as pranks in the early 1980’s, as the internet expanded and became everyone’s tool for business, virus writers and hackers started to focus their talents on more criminal activity.
Ransomeware is a clear example of this. Often delivered as a phishing scam or in a more aggressive form - exploiting security holes which infect computers. Once a ransomeware has taken over your computer, it threatens you with harm, usually by denying you access to your data. A ransom is demanded from the victim, which once paid the attacker will restore access to the data - however in certain circumstances this has not prevailed. One of the most recent worldwide ransomeware attacks was infamous WannaCry in 2017.
Users are shown instructions for how to pay a fee to get the decryption key. Costs can range from a few hundred to thousands, payable to cyber criminals in Bitcoin.
Today many experts believe the amount of malicious software being released on the web, might actually surpass the release of valid software.
Malware uses a variety of different delivery mechanisms, the most common are:
- Trojan Horse: A program which appears to be one thing, a game, or useful application; relying on the user to download it and run it on the target.
- Virus: A type of self - propagating malware which infects other programs/files of a target, via code injection. The virus injects itself into existing software/data and spreads to other areas, in extreme cases this can include the operating system.
- Worm: A worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, it does not need to attach itself to a software program in order to cause damage. Worms can be transmitted via software vulnerabilities, or could arrive as attachments in spam emails or instant messages.
The Gallery Partnership are specialists in IT Security. For more information about how to keep your organisation secure, call us on 0207 096 2808 or send us a message.