When a cyber security attack happens to a big company it hits the news and gets plenty of air time. In a world of virtual money hundreds of thousands can be affected by a data breach. But it’s not just big banks and dating sites that are at risk. Small to medium-sized businesses are the likeliest targets of attacks. What kinds of cyber attack exist and how can you prevent them? Here are the # most common.
Common Forms of Cyber Security Attacks
Scareware
Scareware is any fraudulent internet activity that uses fear to manipulate or coerce the attacked into giving the attacker information or money. The user may not realize she is giving access to her computer.
Rogue Software
While rogue software attacks are successful with people who are not comfortable or versed in technology, they can be sophisticated enough to trick even savvy users. The elderly or late adopting adults are a prime target. The user receives a warning, sometimes a window that looks like their operating system’s own warning system, stating that they have a virus. They are directed to a website where they pay for a removal tool. The tool is either downloaded from the site or arrives as a file attached to an email. This file introduces the actual virus, which the user will not realize. The first of these types of Internet Fraud was released in 2008.
This is also a form of malware.
RansomWare
RansomWare is one of the nastiest cyber attacks and puts you at the greatest risk. Hackers gain access to your network and encrypt your data. They then ask for money in return for the decryption key. The problem? Many do not deliver on their promise. Handing your payment information to these types of cybercriminals can result in devastating losses. Learn more about RansomWare attacks.
Protect your business by educating staff about attacks. Show them examples and include in your technology policy that employees are never to download software unless it is sent from designated people in your company and that an announcement will also be made in person.
Phishing
Password Phishing
These phishing attacks try to get passwords. They use emails with links to sites that appear real and ask for the target’s username and password. More sophisticated approaches create pop ups or what appear to be authentic system dialog boxes like this blog explains. One of the biggest risks of phishing attacks are that people often use the same login credentials across the internet from email, to banking, to dating site, to health insurance and beyond. This makes easy work for hackers.
Spear Phishing
Within attacks that are categorized as “phishing schemes” spear phishing attacks are more sophisticated and targeted. Spear phishing targets only a few individuals in an organization, usually by email, to gain access to the network. These emails either look like they come from a trusted source and include a link to a form where the user must put in their username and password or asks for information that could help the attacker change the target’s credentials and then use them to log in.
An educated workforce is the first and best line of defense in combating these attacks. Phishing emails often use strange wording or have obvious misspellings. Sometimes there is information missing from the bottom of the email and a comparison between the site of the company claimed by the email can show errors. In addition, networks should be modernized and up to date with several layers of security.
Privileged Account Management
With Privileged Account Management users’ access to the network are varied. For example, more secure users may access login credentials and others may change them. These spear phishing attacks target users high on the food chain to access information.
Socially Engineered Malware
A type of phishing, Socially Engineered Malware targets a specific demographic by gaining their trust. They send emails that appear to be from organizations the user supports. Essentially it is a psychological ploy that uses the target’s trust in a specific organization to gain access to information. It does this by getting the user to click on an image, attachment or link and then it downloads the user’s information
Code Injection Attacks
Web Applications/CSS
These sneaky attacks embed malware code right into the CSS of an app. Using the app on a vulnerable device infects the computer as it quickly scans the code. Developers should look at any outside code prior to installing or using. In addition, they should take these safeguards:
- Don’t use path-relative links
- Set server header X-Frame-Options to “deny” on all pages
- Set the server header X-Content-Type-Options to “nosniff” on all pages
- Set a modern doctype on all pages
SQL Injection
SQL Injection attacks require a security vulnerability. Generally websites are targeted and use injected, malicious code. These work by manipulating entry fields so that SQL statements trigger the attack. These only work when there is a security vulnerability, like unpatched software. The point of these attacks is to allow the hackers to appear as the hacked site; tamper with data; void or modify transactions and become administrators of the database server.
Denial-of-Service Attacks
Denial-of-service (DoS) attacks seek to shut down sites so users cannot access them for a defined or indefinite amount of time. The hackers responsible for the attack bombard the network with requests hopeful that the traffic will overload the system. A form of this is the distributed denial-of-service (DDoS) attack where the traffic comes from different sources at a coordinated time. These are more difficult to shut down than those that originate from one machine.
A DoS or DDoS attack is analogous to a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations.
Criminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers like banks or credit card payment gateways. Revenge, blackmail[2][3][4] and activism[5] can motivate these attacks.
Password Attacks
Password attacks are exactly what you think: attempts to figure out user passwords to gain access to a network. These attacks take different forms.
Brute Force Attacking
Using a script, cybercriminals try usernames with the most common passwords. It’s pretty easy to figure out usernames: first initial/last name, last name/first initial, first initial/last name, etc. The script cycles through the usernames, using a company directory once the username format is figured out, and the most common passwords.
Spyware
One way cybercriminals crack passwords is to place keystroke recording programs on targeted device. At the end of a day, simply downloading the data and then searching for repeated strings is the easiest way to discern passwords.
Dictionary Attacks
These attacks try common words, and words with common substitutions, in the password field. Go to a college campus and you’ll be shocked how many students’ email or login password is “college”. A dictionary attack on a university might include variations like (ollege, c0llege, (o11eg3, etc.
Drive-by Downloads & Malvertising
These two sneaky attacks are likely to work when the user is not tech savvy. They can cause all sorts of massive problems.
Drive-by Downloads
A user clicks on a link or approves a download from what appears to be their computer. Unknowingly they’ve downloaded some form of malware or a virus. Sometimes the person knows they are downloading something but have been told it’s something else. Other times the download happens without the user even being aware.
These attacks are designed to deceive. A user may visit a website, read an email or click on a pop-up window. They may think they are just clicking “okay” or “close’ but instead they have started a download.
Malvertising
Like the name suggests, these attacks look like innocuous banner and pop up ads. Sometimes these are Flash programs that infect a user’s computer. Other times they take the user to sites with bad links.
Other Types of Attacks
Botnets
Botnet is a portmanteau of “robot” and “network”. Essentially, a botnet attack is when a group of computers are infected using a specific Trojan Horse virus that allows remote control of the network.
Protect your network from these attacks by employing web-filtering systems. These monitor sites for suspicious activity and prevent users from accessing suspect sites. Learn more about web-filtering systems and five other protective measures.
Social Media Attacks
Most people know not to click on links in emails from people they don’t know or that look a little off. Cybercriminals have upped their game by creating sneaky social media accounts and ads. The Pentagon even fell prey to one of these attacks.
Man In The Middle (MitM) Attacks
A sophisticated form of electronic eavesdropping, MitM attacks happen when someone inserts himself in the middle of online communications. Sometimes it is just to learn information but other times it is to alter the messages between two parties. If user A and user B are emailing but user C can intercept and alter the messages it can be difficult for user A or B to detect. Authentication and tamper detection are the best defenses.
What’s Your Risk? CRA Can Help
80% of malicious attacks happen because of unpatched software and yet many businesses still fail to properly patch. The entry points that are most used are internet-based, specifically Java and Acrobat. Since 2012, unpatched Java has accounted for 50% of unpatched software enabled attacks. You should immediately audit your business’s resources to make sure that all software is properly patched and that there is a plan moving forward to keep it updated.
Worried about the downtime this can cause and the reduction in resources as you direct staff to deal with this issue? Contact Computer Resources of America to help. Our experts can audit, action plan and fix any vulnerabilities.