A cyber attack is a deliberate, malicious attempt to disrupt, damage or gain unauthorized access to information systems for some benefit or ulterior motive. Recently, the overall volume of cyber attacks has increased. This can be attributed to the mass migration to digital platforms driven by constantly evolving technology, which makes computing systems lucrative targets for attackers. Business systems are particularly vulnerable because of the ransom that can be extracted from them. The most common cyber attacks include:
1. Password attacks
Passwords are the most popular form of authentication for computer information systems, computer networks, personal computing devices and infrastructure. A person's password can be obtained through:
- Guessing probable words. This can be done in one of two ways. First, using a dictionary of common passwords: a copy of the encrypted (hashed) password file is taken and the same transformation is applied to each dictionary word so the results can be compared. Alternatively, trying many different passwords, especially ones related to the person's name, birthday, pet or job title, in the hope that one works. This is called the brute-force method.
- Looking over the person's shoulder as they key in the password
- Looking around the person's desk, since some people write passwords on sticky notes and stick them on the desk or on the computer itself
- Using social engineering
- Accessing a password database
- Intercepting the connection to a network and capturing unencrypted passwords
The best way to deal with this is to implement an account lockout policy, which blocks an account after a few incorrect password attempts.
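As an added example (not code from the original article), the following Python sketch shows how an account lockout policy of the kind described above can be enforced in an application: failed attempts are counted per account inside a time window, the account is locked once the threshold is reached, and the lock expires on its own. The `LoginGuard` class, the thresholds and the `FakeClock` used to drive the demo are all assumptions for this illustration; real deployments would persist the counters and use the platform's own password-hashing and lockout facilities.

```python
import hashlib
import hmac
import os
import time

MAX_FAILURES = 5           # failed attempts allowed before the account is locked
FAILURE_WINDOW = 15 * 60   # seconds during which failures are counted together
LOCKOUT_SECONDS = 15 * 60  # how long an account stays locked


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash so a stolen password file cannot be compared directly."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginGuard:
    """Verifies credentials and enforces a per-account lockout policy (hypothetical helper)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._users = {}         # username -> (salt, password hash)
        self._failures = {}      # username -> timestamps of recent failed attempts
        self._locked_until = {}  # username -> time at which the lock expires

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._users[username] = (salt, hash_password(password, salt))

    def is_locked(self, username: str) -> bool:
        return self._clock() < self._locked_until.get(username, 0.0)

    def attempt(self, username: str, password: str) -> str:
        """Returns "ok", "bad_credentials" or "locked"."""
        now = self._clock()
        if self.is_locked(username):
            return "locked"  # reject without even checking the password
        record = self._users.get(username)
        # Hash even for unknown users so response time does not reveal valid usernames
        salt, expected = record if record else (b"\x00" * 16, b"\x00" * 32)
        candidate = hash_password(password, salt)
        if record and hmac.compare_digest(candidate, expected):
            self._failures.pop(username, None)  # success resets the failure count
            return "ok"
        recent = [t for t in self._failures.get(username, []) if now - t <= FAILURE_WINDOW]
        recent.append(now)
        self._failures[username] = recent
        if len(recent) >= MAX_FAILURES:
            self._locked_until[username] = now + LOCKOUT_SECONDS
            self._failures.pop(username, None)
            return "locked"
        return "bad_credentials"


class FakeClock:
    """Controllable clock so the lockout expiry can be demonstrated without waiting."""

    def __init__(self, start: float = 1000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now


def lockout_demo():
    """Five wrong guesses lock the account; even the right password is refused until the lock expires."""
    clock = FakeClock()
    guard = LoginGuard(clock=clock)
    guard.register("alice", "correct horse battery staple")  # constructed sample credentials
    guesses = [guard.attempt("alice", "wrong-%d" % i) for i in range(MAX_FAILURES)]
    while_locked = guard.attempt("alice", "correct horse battery staple")
    clock.now += LOCKOUT_SECONDS + 1
    after_expiry = guard.attempt("alice", "correct horse battery staple")
    return guesses, while_locked, after_expiry


if __name__ == "__main__":
    print(lockout_demo())
```

The lock is keyed on the account, not the client address, so it also blocks guessing spread across many source machines; the trade-off is that an attacker can lock a victim out on purpose, which is why the lock expires automatically rather than requiring an administrator to clear it.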
2. Malware attacks
Malware is a contraction of the two words “malicious software”, and it comes in many different types. It usually arrives as a link or an email attachment. Once clicked, the malware is installed and can then:
- Disrupt some components
- Make the system totally inoperable
- Transmit data from the hard drive
- Install additional risky software
- Block access to major components
To prevent malware attacks, you can adopt practices such as removing outdated software, keeping an eye on internet activity, logging out when you are done and upgrading your passwords, among others.
3. Phishing attacks
These also include spear phishing attacks. They involve sending fraudulent communication that appears to come from a trusted source, commonly via email. Phishing attacks have become an increasingly notorious cyber threat. The goal is to obtain personal data such as credit card and login details, or to manipulate the victim into doing something. The message may carry a link to a scam website that tricks you into handing over personal information, or an attachment that loads dangerous software onto your device.
Attackers rely on technical tricks and social engineering to achieve this. In spear phishing, attackers research their target on social media or other platforms and craft an email that is relatable to that particular user. This makes it very hard to identify as an attack or to protect against.
For example, they can see from social media that you love The Big Bang Theory, so they draft an email claiming to give you full access to every episode of the series, supposedly free, with the click of a single link. As a fan, you end up clicking the link without giving it further thought. Techniques that scammers use include:
- Website cloning
Here they copy legitimate websites to trick you into entering login credentials or personally identifiable information (PII).
- Email spoofing
They impersonate a trusted source such as a partner, a loved one or your management and falsify the “From” field of the email, making it appear to come from a person you know well.
To defend yourself against such attacks you can practice some of the following:
- Carefully examine email headers
The “Return-Path” and “Reply-To” headers should point to the same domain as the stated sender.
- Critical thinking
Take your time and analyze every unread email in your inbox, and decode the URLs behind any links. Test the content of the email in a sandbox environment.
- Hovering over suspicious links
Move your mouse over the link without clicking to see where it would actually take you.
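The header and link checks listed above can be automated. The following Python example is added here and is not code from the original article: it parses a message with the standard `email` module, compares the domains of the `Reply-To` and `Return-Path` headers with the domain in `From`, and extracts every `http(s)` link from the body to see whether its hostname really belongs to the sender's domain. Both sample messages, the `analyze` function and the regular expression are constructed for this illustration; the look-alike host in the first sample is a made-up name under `example.net`.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample: Reply-To, Return-Path and the link all point away from the From domain.
SUSPICIOUS_EMAIL = """\
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@mail-verify.example.net
Return-Path: <bounce@mail-verify.example.net>
To: employee@example.com
Subject: Your mailbox is almost full

Please sign in at http://example.com.mail-verify.example.net/login to free up space.
"""

# Constructed sample: a consistent message for comparison.
CLEAN_EMAIL = """\
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@example.com
Return-Path: <bounce@example.com>
To: employee@example.com
Subject: Scheduled maintenance

Details are at https://intranet.example.com/maintenance
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def domain_of(header_value):
    """Domain part of an address header such as 'Name <user@host>' (lower-cased)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def analyze(raw_message):
    """Return a list of human-readable findings; an empty list means nothing looked inconsistent."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    findings = []

    # 1. Header check: Reply-To and Return-Path should agree with the From domain.
    for header in ("Reply-To", "Return-Path"):
        value = msg.get(header)
        if value is not None and domain_of(value) != from_domain:
            findings.append(
                f"{header} domain {domain_of(value)} differs from From domain {from_domain}"
            )

    # 2. Link check: the real hostname must be the From domain or a subdomain of it.
    #    A host that merely *starts* with "example.com." (e.g. example.com.<other>.net)
    #    is a look-alike and is flagged, which is exactly what hovering would reveal.
    for url in URL_RE.findall(msg.get_payload()):
        host = (urlsplit(url).hostname or "").lower()
        if host != from_domain and not host.endswith("." + from_domain):
            findings.append(f"link to {host} is outside {from_domain}")
    return findings


if __name__ == "__main__":
    for finding in analyze(SUSPICIOUS_EMAIL):
        print("suspicious:", finding)
    print("clean message findings:", analyze(CLEAN_EMAIL))
```

A matching domain is a necessary rather than sufficient check: a spoofed `From` with consistent headers still passes, so this complements rather than replaces sender authentication such as SPF, DKIM and DMARC.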
4. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
DoS and DDoS attacks are meant to exhaust resources and bandwidth by overwhelming servers, systems or networks with traffic. DDoS attacks use botnets to achieve this. A botnet is a network of malware-infected computers that can be operated as a group without the owners' knowledge. They can be mitigated by:
- Black hole filtering
Drops unwanted traffic before it enters the protected network.
- RFC3704 filtering
Ensures traffic is traceable to its correct network source and rejects traffic from spoofed addresses.
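To make the two mitigations concrete, here is an added Python model (not code from the original article) of an edge router's ingress decision: a null-routed destination is dropped (black hole filtering), sources from address ranges that should never appear on the public internet are dropped, and a strict reverse-path check in the spirit of RFC 3704 drops any packet whose source address is not routed back through the interface it arrived on, which is what a spoofed source looks like. The routing table, interface names, black-hole entry and addresses are all constructed; the function `filter_packet` is a hypothetical helper, not a real router API.

```python
import ipaddress

# Constructed routing table: (prefix, interface through which that prefix is reachable)
ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), "upstream"),         # default route to the internet
    (ipaddress.ip_network("203.0.113.0/24"), "customer-a"),
    (ipaddress.ip_network("198.51.100.0/25"), "customer-b"),
]

# Source ranges that must never arrive from outside (private, loopback, link-local, multicast, reserved)
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]

# Destinations currently null-routed because they are under attack (constructed entry)
BLACKHOLED = {ipaddress.ip_address("203.0.113.80")}


def best_route(addr):
    """Longest-prefix match: the interface the router would use to reach `addr`."""
    matches = [(net, iface) for net, iface in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def filter_packet(src, dst, ingress_iface):
    """Decide whether a packet seen on `ingress_iface` is forwarded or dropped, and why."""
    src = ipaddress.ip_address(src)
    dst = ipaddress.ip_address(dst)
    if dst in BLACKHOLED:
        return "drop: destination black-holed"
    if any(src in bogon for bogon in BOGONS):
        return "drop: bogon source"
    # Strict reverse-path check: the source must be reachable via the arrival interface
    if best_route(src) != ingress_iface:
        return f"drop: source not routable via {ingress_iface} (spoofed)"
    return "forward"


if __name__ == "__main__":
    samples = [  # constructed packets: (source, destination, arrival interface)
        ("203.0.113.5", "192.0.2.10", "customer-a"),   # customer sending with its own address
        ("203.0.113.5", "192.0.2.10", "upstream"),     # customer address arriving from the internet
        ("10.1.2.3", "192.0.2.10", "customer-a"),      # private source leaking out
        ("192.0.2.77", "203.0.113.80", "upstream"),    # traffic to a black-holed victim
        ("192.0.2.77", "203.0.113.9", "upstream"),     # ordinary inbound traffic
    ]
    for src, dst, iface in samples:
        print(f"{src:>14} -> {dst:<14} on {iface:<10}: {filter_packet(src, dst, iface)}")
```

Strict reverse-path checking assumes symmetric routing; where a legitimate source can be reached through a different interface than the one its packets arrive on, RFC 3704's loose mode (accept if any route to the source exists) is the usual compromise. Note also that black-holing a destination completes the attacker's goal for that one address; it protects the rest of the network, not the victim host.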
Unlike most attacks, the attacker does not benefit directly; the attack is usually used to sabotage a system or as a prelude to launching another attack. There are different types of DoS and DDoS attacks. Among them are:
5. Teardrop attacks
They cause confusion and subsequently crash a system. This is done by sending sequential Internet Protocol (IP) packets whose length and fragmentation offset fields overlap, so the fragments cannot be reassembled correctly.
- TCP SYN flood attacks
Attackers exploit the buffer space used during a Transmission Control Protocol (TCP) session initialization handshake. The system is flooded with connection requests that fill its small in-process queue; it replies to each request, but the replies are never answered, so each entry sits in the queue until it times out. The system becomes unusable when the connection queue fills up.
To prevent this, you can decrease timeouts on connections, increase the size of connection queues or place servers behind a firewall configured to stop inbound SYN packets.
6. Smurf attacks
They generate huge amounts of network congestion. ICMP echo requests whose source address is spoofed to be the victim's are sent to broadcast IP addresses. IP spoofing combined with the resulting ICMP replies saturates the victim with traffic.
To counter such attacks, configure end systems so that they do not respond to ICMP packets sent to broadcast addresses. Secondly, disable IP-directed broadcasts on routers, which stops ICMP echo broadcast requests at the network devices.
7. Ping of death attacks
Causes systems to experience buffer overflows and other crashes while reassembling IP packets. The maximum IP packet size is 65,535 bytes. Attackers ping systems with IP packets exceeding this limit; the packet is sent fragmented, and reassembling it overflows the receiver's buffer. These attacks can be stopped by a firewall that checks fragmented IP packets against the maximum size.
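Both the teardrop and the ping of death sections above describe a reassembly check that a firewall or a hardened IP stack performs on fragment header fields. As an added example that is not code from the original article, the following Python function applies that check to a list of fragments for one datagram, using only the two header fields involved: the fragment offset (in 8-byte units, as carried on the wire) and the total length. It flags overlap between fragments (the teardrop condition) and a reassembled size above 65,535 bytes (the ping of death condition). The fragment lists are constructed, the function is a hypothetical helper, and a 20-byte header without options is assumed.

```python
IP_MAX_LEN = 65535   # largest value of the 16-bit Total Length field
IP_HEADER_LEN = 20   # minimal IPv4 header, no options (assumption for this example)


def check_fragments(fragments):
    """Sanity-check the fragments of one datagram.

    Each fragment is (fragment_offset_units, total_length), exactly the two header
    fields a firewall can read without reassembling anything. Returns a list of
    problems; an empty list means the fragments could be reassembled safely.
    """
    problems = []
    covered_end = 0  # highest data byte covered by the fragments seen so far
    for offset_units, total_length in sorted(fragments):
        start = offset_units * 8                   # offset field counts 8-byte blocks
        data_len = total_length - IP_HEADER_LEN    # payload carried by this fragment
        end = start + data_len
        if start < covered_end:
            # teardrop: this fragment claims bytes an earlier fragment already supplied
            problems.append(f"overlap at byte {start} (previous fragment ended at {covered_end})")
        if end + IP_HEADER_LEN > IP_MAX_LEN:
            # ping of death: the reassembled datagram would not fit in a legal IP packet
            problems.append(f"reassembled length {end + IP_HEADER_LEN} exceeds {IP_MAX_LEN}")
        covered_end = max(covered_end, end)
    return problems


# Constructed fragment sets: (offset in 8-byte units, total length in bytes)
NORMAL = [(0, 1500), (185, 1500), (370, 100)]   # 1480-byte payloads laid end to end
TEARDROP = [(0, 1500), (100, 1500)]             # second fragment starts at byte 800, inside the first
PING_OF_DEATH = [(0, 1500), (8185, 120)]        # last fragment ends at byte 65580 of data

if __name__ == "__main__":
    for name, frags in (("normal", NORMAL), ("teardrop", TEARDROP), ("ping of death", PING_OF_DEATH)):
        print(f"{name:>14}: {check_fragments(frags) or 'ok'}")
```

A real filter would key the fragments by source, destination, protocol and identification field and would also time out incomplete datagrams, since a stream of never-completed fragments is itself a way to exhaust reassembly buffers.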