Types of Cyber Attacks

-

Types of Cyber
Attacks

There are many methods of Cyber Attacks from malware injection to phishing to social engineering to the internal stealing of data. Other advanced but common forms are DDoS AttacksBrute Force attacks, hacking, holding a computer system (or a website) for ransom using direct hack or Ransomware.
Some of them have been listed below:
  • Gaining, or attempting to gain, unauthorized access to a computer system or its data.
  • Disruption or denial of service attacks (DDoS)
  • Hacking a website or mal-facing the site
  • Virus or malware installation
  • Unauthorized use of a computer for processing of data
  • Inappropriate use of computers or applications by employees of a company, in a way that it harms the company.
The last one – the inappropriate use of computers or apps by employees – could be deliberate or due to lack of knowledge. One has to figure out the real reason why an employee, for example, tried to enter wrong data or accesses a particular data record which he or she was not authorized to change.
Social engineering could also be a cause whereby an employee deliberately tries to hack into the database – just to help a friend! That is, the employee was befriended by a criminal and is emotionally forced to obtain some innocent data for the new friend.
While we are here, it is also advisable to teach the employees about the dangers of public WiFi and why they should not use the public WiFi for office work.
ReadWhat are Honeypots and how can they secure computer systems.

Cyber Attacks Response

Prevention is always better than the cure. You must have heard this a number of times. The same applies to the field of IT when it comes to protection against Cyber Attacks. However, assuming that your computer(s) or website(s) were attacked, even after taking all the precautions, there are certain common general response steps laid down:
  1. Did the attack really happened or is someone calling in to play a prank;
  2. If you still have access to your data, back it up;
  3. If you cannot access your data, and the hacker is demanding ransom, you may want to consider approaching the legal authorities
  4. Negotiate with the hacker and regain the data
  5. In case of social engineering and employees misusing their privileges, checks should be conducted to determine if the employee was innocent or acted deliberately
  6. In the case of DDoS attacks, the load should be mitigated to other servers, so that the website comes back online as soon as possible. You may rent out servers for a while or use a cloud app so that costs are minimal.
For exact and detailed information on responding the legal way, please read the whitepaper mentioned under the References section.

Prevention of Cyber Attacks

You might already know that there is no 100% foolproof method to counter cyber crime and cyber attacks, but still, you have to take as many precautions to protect your computers.
The primary things to be done are to use a good security software, that not only scans for virus, but also looks for different types of malware, including but not limited to ransomware, and stops it from entering the computer. Mostly these malicious codes are injected into your computers by visiting or downloading things from non-reputed websites, Drive-by downloads, compromised websites that display malicious advertisings also known as Malvertising.
Along with the antivirus, you should use a good firewall. While the built-in firewall in Windows 10/8/7 is good, you can use third party firewalls that you feel are stronger than the default Windows Firewall.
If it is a corporate computer network, make sure there is no Plug and Play support in any of the user computers. That is, employees should not be able to plug in Flash drives or their own Internet dongles into the USB. The IT department of the company should also keep a watch on all the network traffic. Using a good network traffic analyzer helps in prompt attendance to strange behaviors arising out of any terminal (employee computer).
For protection against DDoS attacks, the website is better mitigated to different servers, instead of being hosted simply on a single server. The best method would be to have a mirror constantly up using a cloud service. That will greatly reduce the chances of a DDoS being successful – not for a long time at least. Use a good firewall like Sucuri and take some basic steps to protect and secure your website.

Comments

Post a Comment

Popular posts from this blog

Network Topology

-
Image
Types of Network Topology Network Topology is the schematic description of a network arrangement, connecting various nodes(sender and receiver) through lines of connection. BUS Topology Bus topology is a network type in which every computer and network device is connected to single cable. When it has exactly two endpoints, then it is called  Linear Bus topology . Features of Bus Topology It transmits data only in one direction. Every device is connected to a single cable Advantages of Bus Topology It is cost effective. Cable required is least compared to other network topology. Used in small networks. It is easy to understand. Easy to expand joining two cables together. Disadvantages of Bus Topology Cables fails then whole network fails. If network traffic is heavy or nodes are more the performance of the network decreases. Cable has a limited length. It is slower than the ring topology. RING Topology It is called ring topology because it form
Read more

Grey Hat Hackers

-
Image
Grey Hat Hackers As in life, there are grey areas that are neither black nor white. Grey hat hackers are a blend of both black hat and white hat activities. Often, grey hat hackers will look for  vulnerabilities  in a system without the owner’s permission or knowledge. If issues are found, they will report them to the owner, sometimes requesting a small fee to fix the issue. If the owner does not respond or comply, then sometimes the hackers will post the newly found exploit online for the world to see. These types of hackers are not inherently malicious with their intentions; they’re just looking to get something out of their discoveries for themselves. Usually, grey hat hackers will not exploit the found vulnerabilities. However, this type of hacking is still considered illegal because the hacker did not receive permission from the owner prior to attempting to attack the system. Although the word hacker tends to evoke negative connotations when referred to, it is important
Read more

White Hat Hackers

-
Image
White Hat Hackers White hat hackers choose to use their powers for good rather than evil. Also known as “ethical hackers,” white hat hackers can sometimes be paid employees or contractors working for companies as security specialists that attempt to find security holes via hacking.White hat hackers employ the same methods of hacking as black hats, with one exception- they do it with permission from the owner of the system first, which makes the process completely legal. White hat hackers perform penetration testing, test in-place security systems and perform vulnerability assessments for companies. There are even courses, training, conferences and certifications for ethical hacking.
Read more