Even though we are well into our second decade of widespread internet use, the term ‘cyber attack’ is still a relatively new and daunting one for many people. Many individuals and small businesses entrust their cybersecurity to off-the-shelf antivirus software, which can be effective but certainly isn’t foolproof.
When it comes to preventing cyber attacks, everyone should use a combination of best practices and security software to protect themselves and their data. Businesses should consider comprehensive security solutions as a critical component of operations–not just a vague expense in the ‘IT’ column.
Here’s a simple breakdown of what cyber attacks are, how much damage they can cause, and how to prevent them.
What is a Cyber Attack?
A cyber attack is a digital attack, disruption, or theft that is carried out from one or more computers. The target can be an individual web-enabled device or even an entire network. Cyber attacks typically work in one of two ways: they either disable the target devices for ransom or other nefarious purposes, or they try to gain access to a device or network to steal data or even digital assets.
There are a number of ways these techniques are enacted. Many of the names of these techniques are familiar, thanks to their use as buzzwords in the news. But few people fully understand what is happening when malware is detected by their antivirus software or their email server intercepts a phishing scam.
Types of Cyber Attacks
There are a number of different types of cyber attacks, each utilizing different methods to achieve different ends. Here are some of the most common.
Malware: Short for ‘malicious software,’ malware is a file that is downloaded to a target computer. Depending on its functionality, it can do everything from reading your keystrokes to steal credit card data and sensitive passwords to encrypting your entire computer for ransom.
Malware is a broad category, and its effects are equally broad. From stealing basic personal information to executing broad data heists or digital asset theft, malware is one of the principal ways hackers levy cyber attacks.
Phishing scams: Phishing is a play on the term ‘fishing’ precisely because it is a bogus attempt at ‘catching’ your private information (passwords, credit card numbers, etc.), most often through emails that ‘look’ official (e.g., a fake email from the “Apple Store” reminding you to enter your password to check on something in your account). These fake emails attempt to gain access to one of your personal accounts by having you enter personal information on a page created by the hacker.
Middleman Attacks: Similar to phishing, these attacks use imitation networks to trick people into ‘willingly’ inputting their sensitive data into fake versions of services in order to gather credit card information or other sensitive online data. Middleman attacks are typically launched by creating fake Wi-Fi networks or web services in large public areas where many people might unknowingly log into an imitation network and immediately begin browsing the web under the (false) assumption that they are secure.
DDoS (Distributed Denial of Service) Attacks: DDoS attacks are often launched against businesses or governments, typically as an act more akin to digital warfare than theft.
These attacks target websites or servers by sending massive amounts of ‘requests’ for information, which essentially does the same thing as when you and every other person in your city tried to buy those N*SYNC tickets right when they went on sale back in 2002.
Even though modern web servers have much higher capacity than they used to, it is still possible to crash them with an overwhelming amount of web traffic, which is typically delivered with specialized tools that access servers at astonishing rates.
Bringing a business website offline can cost the business staggering amounts of revenue. Sometimes this style of attack is used solely to wreak havoc; at other times it is used to demand a ransom in exchange for the hacker ceasing the attack.
SQL and XSS Attacks: SQL injection and cross-site scripting attacks both gain access to a website’s backend by identifying weaknesses or loopholes in its code, subsequently enabling them to act similarly to middleman or phishing attacks, although the method is even more nefarious. Instead of imitating a legitimate network, these attacks live within legitimate websites, meaning that the entire compromise is on the website’s end, making it virtually impossible for the casual end user to know anything is awry.
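The weakness behind both attacks is a website treating visitor-supplied text as part of its own code. As an added example (not part of the original article; the table, function names and sample rows are constructed for illustration), this Python code puts the weak pattern beside the hardened one for a database query and for page output:

```python
import html
import sqlite3

def make_db():
    # Constructed sample data: a tiny comments table held in memory.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (author TEXT, body TEXT)")
    db.executemany(
        "INSERT INTO comments VALUES (?, ?)",
        [("alice", "Great post"), ("O'Brien", "<b>Thanks</b>")],
    )
    return db

def find_weak(db, author):
    # Weak: the visitor's text is pasted into the SQL statement, so any
    # quote character in it is parsed as part of the query itself.
    sql = "SELECT body FROM comments WHERE author = '" + author + "'"
    return [row[0] for row in db.execute(sql)]

def find_safe(db, author):
    # Hardened: the ? placeholder sends the text as a value, never as SQL.
    sql = "SELECT body FROM comments WHERE author = ?"
    return [row[0] for row in db.execute(sql, (author,))]

def render_weak(body):
    # Weak: stored text goes into the page as-is, so markup in it is live.
    return "<p>" + body + "</p>"

def render_safe(body):
    # Hardened: escape on output so the browser shows the text literally.
    return "<p>" + html.escape(body) + "</p>"

def weak_query_is_reparsed(db, author):
    # True when ordinary input changes the query's syntax, which is the
    # sign that input and SQL are being mixed.
    try:
        find_weak(db, author)
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print(weak_query_is_reparsed(db, "O'Brien"))
    body = find_safe(db, "O'Brien")[0]
    print(render_weak(body))
    print(render_safe(body))
```

An ordinary surname with an apostrophe is enough to break the weak query, while the hardened query returns the row and the escaped output displays the stored markup as plain text.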
All of these techniques can be and have been used to launch some of the largest and most costly cyber attacks in history. And sometimes, those attacks are used in combination in order to inflict as much damage as possible.
Infamous Cyber Attacks
One of the most memorable attacks in terms of media coverage is no longer even considered in the top five largest. The Target breach of 2013/14 was executed through an attack on a third-party HVAC vendor’s access point to the Target network, which then allowed the hackers to access point-of-sale devices and skim up to 110 million credit card numbers. It cost two C-level executives their jobs and cost the company hundreds of millions of dollars in lost valuation and reparations.
The Yahoo! Accounts breach of 2013-14, which the company theorized was executed by a state-sponsored actor, ultimately led to all 3 billion of its user accounts being compromised in some way.
Many accounts had all their information accessed, including usernames, passwords, security questions, and mailing or email addresses, while others were ‘partially compromised’ but likely still provided the hackers with enough information to make more targeted attacks on users’ other accounts. Experts estimate that the breach cost Yahoo! nearly $4 billion in its subsequent sale to Verizon.
And in a full master class on what not to do if you get hacked, the Uber hacking of 2016 led to the personal information of passengers and drivers being accessed by hackers who broke into a third-party application Uber used, where they found passwords to internal databases containing driver and passenger account information. Uber did not disclose the hacking until nearly a full calendar year later, and it paid the $100,000 ransom to the hackers without receiving any legitimate or legally binding proof that the stolen data had been permanently destroyed.
How to Improve Your Cyber Security
While holistic cyber security improvements often require a hands-on consultant to thoroughly evaluate the scope and nature of your network and applications, there are many best practices that can dramatically reduce your risk and vulnerability across the board.
Companies should enact cyber security governance and best practices at the highest level in order to maximize compliance and minimize risk exposure. That means involving cyber security professionals on a contract or full-time basis and writing internal bylaws in a way that maximizes corporate responsibility and accountability to prevent devastating personal or financial implications in the case of an attack.
Individuals and employees should all maintain different passwords for different accounts and should never store those passwords in online documents. As evidenced by the Uber attack, storing one password in another app is a lousy strategy and ultimately invites devastating results through even the simplest of hacking strategies.
In general, cyber security training is one of the most important aspects of a great security strategy. Even the best security software fails when individual users store their passwords in personal online accounts or otherwise mix professional protocol and leisure web use in a way that invites security risks into your network.
Brands of all sizes should manage and vet their vendors to prevent attacks from entering through a so-called ‘backdoor.’ These attacks can have devastating consequences and are the most common way that hackers access otherwise secure networks.
The JPMorgan Chase attack of 2016 was enabled by a less-secure webpage affiliated with the company (that was promoting a 5K running event, no less) and many of the other largest cyber attacks in recent history have occurred from similar lapses in comprehensive web security strategies.
Whether you use a third-party software service to vet and manage vendors or use an extensive in-house protocol, it is essential that you scour everything from your calendar app to web design to point-of-sale devices for potential vulnerabilities–and that you monitor them constantly to prevent new attack styles from defeating previously-secure entry points.
Cyber security may sound daunting, but third-party providers are making it easier than ever for everyone from local businesses to major corporations to enact all of the software-based practices associated with preventing cyber attacks. As for people? There is no substitute for great training and constant work towards best individual practices to prevent someone from logging into your sensitive enterprise network on a middleman-style network.
Don’t cut corners when it comes to cybersecurity. Too much is at stake.
Article republished with permission.