CYBER SECURITY THREATS - 5 COMMON ATTACKS
Information holds great value in today’s society, both in regard to organizations and individuals. Such information may, for example, include bank account details or confidential organizational documents. Due to the fact that information is so valuable in today’s society, there is also great incentive for cyber criminals to try and steal this information. The amount of attacks that is executed have increased significantly in recent years, and many of these attacks represent a major economic loss for those who are affected.
HOW DOES IT HAPPEN?
In order to steal, or block access to the information, cyber criminals have developed a number of methods. This includes both methods that rely solely on technical solutions and methods which aims to manipulate people into providing the information voluntarily.
1. Social Engineering
The use of social engineering is an attempt to get the targets to share their private information, voluntarily. There are several ways to accomplish this, where some of the common approaches are described below.
Phishing is the act of trying to obtain private information by sending out some form of electronic message to the victim, pretending to be a trusted actor. These messages often call for the recipient to share their personal information, such as passwords or the like, on a fake website, but which looks exactly like the true version.
There are also other types of phishing. One of these is vishing, where the attacker calls the victim on the phone and asks them to disclose their private information, for example their credit card number. In this case, the attacker pretends to call from a bank. They then claim that the bank account has been flagged for suspicious activity and to make it accessible again, the victim has to disclose their credentials. It is also common that the victim is requested to confirm their identity via electronic identification, which allows the attacker to access the victims personal account.
Pharming is an attack that involves the victim arriving at a different website than expected, a false website belonging to the attacker. The attack is made possible with the technique of altering which IP address that corresponds to a specific domain.
Dumpster diving simply means searching through trash cans or containers for USB memories, laptops, important paper documents or other items. There is always a possibility that these items contain valuable information that the perpetrator can make use of. It is therefore recommended not to leave any information behind that should not be publicly assessable.
2. Denial-of-Service (DOS) ATTACK
A DoS-attack involves the attacker trying to make a specific Internet service unavailable. If successful, the information provided by the service will also become unavailable while the attack is in progress.
A DoS-attack may last for a long time and is the result of the attacker trying to overload the system. This is done by sending massive amounts of information to the system, which it eventually cannot manage.
There is also another type of DoS-attack, known as a distributed denial of service (DDoS) attack. A DDoS-attack involves sending massive amounts of information originating from multiple sources, which is more difficult to protect against compared to an ordinary DoS-attack.
Malware is software that in one way or another damages the system. Malware may change how the system works and thus does not work as the user wants to nor expects. The purpose of malware is often to steal information from the victims or pressure them to pay a ransom, for example, by encrypting the information and request payment to make the information accessible again. This type of malware is called ransomware.
Malware is usually spread through emails containing links to websites that contains the malicious code which then causes the user’s computer to become infected. It is also common for the code to be spread over files downloaded on the internet.
Common types of malware are:
- Trojan horses
A keylogger is a type of software, sometimes stored on hardware, which logs the button presses of a keyboard. When the victim enters, for example, his or her password, it enables the attacker to access this information.
A keylogger, in the form of some type of hardware, is a device that is connected between the keyboard and the computer. If the keyboard is wireless, the equipment only needs to be placed in near proximity of the keyboard to record button presses sent from the keyboard to the computer.
When the keylogger is in the form of software, it is harder to detect since there is no physical evidence to look for. In addition, keyloggers usually do not affect the system other than logging the button presses of the keyboard.
5. Man-in-the-Middle Attack
This type of attack involves the attacker intercepting the communication between two systems, for example, the connection between a client and a server. The attacker then receives access to the information that is being sent between the two and has the possibility to read, modify and add data before it is transmitted to its actual destination.