From Cyber Attack to Cyber Crime and Safeguarding Measures

Štítky:

In a world with unrestricted access to computers and the internet, technical skills and expertise are must-haves. However, having all these also means that any individual or group can carry out a cyber-attack from anywhere. This article aims to inform, in simple terms, about cyber-attacks and some of their common means or types, as well as the responsibility of individuals to ensure security from cybercriminals with possible safeguarding measures.

Cyber Attack

According to Cisco, an American multinational technology conglomerate, “cyberattack is a malicious and deliberate attempt, by an individual or organization, to breach the information system of another individual or organization.” [1] This may not sound serious, since it is only systems that are affected. Nevertheless, it is a big security issue since the internet is a vault of sensitive information, and almost everything is stored in the cloud. Whether it is simple social actions, such as setting up a Netflix account, or more security-requiring ones, for example setting up a bank account, a signature (name), as well as address or social number, are some basic requirements. The volume and value of collected information on these platforms depend on the services to be provided. The information can include home addresses, IP addresses which can be used to track one’s location, details of family members and friends, and the likes. Options of accessing and exploiting this kind of information can be exhaustive and it is rightly grounded, as there are many real-life examples. The same goes for organizations, state departments, and governments.

There is a number of ways in which a cyber-attack can be orchestrated. How then does one safeguard and secure systems against these, and when and how can one become a victim of the attacks? To understand the safeguarding measures, it is important to be able to recognize possible vulnerabilities or attacks. Knowing some of the popular means of cyber-attacks may help. They will be explored in the next section.

Means of Cyber Attacks

Malware

Also known as “malicious software”, it includes spyware, ransomware, viruses, and worms. [2] Spyware is malicious software that is designed to infiltrate systems, monitor and capture data, and send these stolen data for the author’s use or sale. [3] Ransomware is extortion software that can lock your computer and then demand a ransom for its release. [4] Viruses are written to alter the way a computer operates; they are designed to spread from host to host and have the ability to replicate. [5] Worms are similar to viruses; the difference is that viruses are triggered or activated through the actions of the host (intentional or not) while worms are self-replicative and independent of the host’s action(s). They do not need to attach to a particular software program. [6]

All of these forms of malware are transmitted as a result of vulnerabilities (loopholes in security designs), through emails and link attachments that come with them (if intended for this purpose), instant messages, and other basic elements of computers or smartphones. The malware installs some software program(s) that are built to block access to key computer network components, it pulls data from the hard drive, or disrupts critical components that might render the system inoperable. [1] All of the above mentioned can be experienced together.

Phishing

Simply put, phishing is done through emails that appear to come from a trusted source – an email address similar to that of a friend, a subscribed website, a trusted/known organization, and alike – but are in fact fraudulent. These fraudulent addresses may differ from the original by just a letter; for instance, UN0@123.com instead of UNO@123.com where the letter ‘O’ is replaced by a number of a similar shape. However, options of phishing are wider than that; users can be targeted through text messages or even phone calls [7], usually with the aim of stealing sensitive data like log in or credit card information, or installing malware on the system. [1]

A report by Ernst and Young mentions a record of over 550 million phishing emails sent out worldwide by a single campaign during the first quarter of 2018 [8]. It also mentions different strategies through which phishing can be done. One of the options is targeting a specific individual, in which case the attacker constructs the email accordingly. This is known as spear phishing and is usually the first step to a mass cyber-attack [7]. For instance, there is the Microsoft 365 phishing attack that came in the form of a fake email from Microsoft informing users of unauthorized mail access. It included a link to be clicked on in order to resolve the threat by, for example, changing a password, when, in fact, it was a way to get log-in information that would give the attackers remote access to the account. This can open doors to another type of phishing, called the business email compromise. This attack is based on the impersonation of a company executive vendor or supplier [7], and a report by Cisco done in 2016 recorded that there were about 22,600 victims of this kind of attack in the US alone. [9] Whaling is a phishing attack targeted at a ‘big fish‘, such as the CEO of an organization in order to steal his login credentials. [7] The attackers often research their victims on social media sites to collect detailed information on their personas, and then plan their attack accordingly; this is called social media phishing. Phishing via phone calls is known as vishing [7] (voice phishing). The attacker may, for instance, impersonate a bank staff to get sensitive information that will give him access to the victim’s account.

Phishing is, as of date, the most common type of cyber-attack and does not require technical skills. It can be done through social engineering and sweet-talking victims into falling for the attack. Avoiding it is as simple as not picking up unknown calls, not opening suspicious emails, and not clicking on the links that come within. To help secure the data of individuals, it is needed to increase awareness of this issue.

Denial of Service and Distributed Denial of Service (DoS and DDoS)

This has to do with overloading or flooding systems, networks, or servers in a malicious attempt to make the online service unable to fulfill requests. [1][10] It is distributed (DDoS) when the attack is launched, generally through botnets (a group of internet-connected devices that, unknown to the owners of the devices, have been hijacked and are being controlled remotely through the injection of malware [11]), and from numerous computers that have been compromised. [10] This usually results in a temporary interruption or suspension of the services of the target server, the host, or the application. That said, the reported analysis showed that 15 percent of DDoS attacks last as long as a month. [12]

DDoS attacks are more sophisticated nowadays due to the open access to tools and applications that can help carry out these attacks, and also due to the possibility of hiring booters and stressors [13] – DDoS attack experts for hire. This can lead to an increase in the number of cases and damages, which explains why Cisco reports that the number of DDoS attacks is expected to double to 15.4 million by 2023 [12].  DDoS attacks can be generally categorized into two: application layer and network layer attacks, following the seven layers of TCP/IP. The attacks on the application layer, as it implies, are targeted at specific applications and are, therefore, mostly DoS attacks, however, they can be DDoS as well. For instance, an attack aimed to stop a particular gamer from playing a game will be a DoS, and an attack aimed at a group of gamers a DDoS. The network layer attacks on the other hand are largely DDoS and are set up to clog the “pipelines” connecting your network. [13] An attack targeted at the gaming server itself belongs to this category.

Man in the middle

Also known as eavesdropping, it is more of a means than a type. It occurs when an attacker takes a position between a two-way communication line between systems, turning the individuals at both ends into victims. The intention is usually to “listen” and gather the information that may lead to financial gains or information on a bigger fish, which is then classified as whaling. The common point of entry for the attacker is usually through an unsecured local network or a malware installed in the devices of either of the users. [1]

Zero-day exploit

This is a term that cuts across all kinds of attacks, including those less popular, not mentioned in this article. All the known attacks, listed in this article or not, and related incidents or scenarios are usually monitored and analyzed with new security patches introduced to ensure that systems are more secure. This gives an insinuation that there are incidents or vulnerabilities that are yet to be known by cyber security organizations and therefore have no patch that addresses that possible vulnerability. When a hacker gains access to a device through an unknown vulnerability, it is known as a zero-day exploit. Though more difficult to achieve – as it requires new initiatives – it gives the easiest backdoor into a system since there is no tailored defense against it. Hackers oftentimes look for these vulnerabilities and subsequently trade them. [10] There is probably no end to cyber-attacks, nevertheless, it is necessary to work on decreasing the number of successful cases to the barest minimum.

Safeguard Measures and Security

By now, it is known that although there are different types of cyber-attacks, they share certain similarities. It is important to know that the types of cyber-attacks discussed in this article do not cover the long list of possible ways of becoming a victim. Also, given the mass information on this subject and its sometimes-conflicting nature, it can be understandably difficult to keep track of the state of the field. The good news is that the same measures work for almost all these attacks, if not all.

This is not to oversimplify things, as it often happens with analysis of cyber threats, but the truth is that the vital part of remaining secure only requires individuals to be informed and up to date with developments and to be cyber-vigilant. Individuals make up organizations and whether it is an attempted attack against an individual or an organization, it starts with a breach of an individual’s device. Responsibility, therefore, starts with each individual. This does not mean that everyone should become an expert in this field, although having more hands in this field would surely help. It simply means raising awareness and helping the experts do their job better by reporting perceived breaches. This way, patches and software updates as well as new software can truly mean security.

For software, applications, and devices being used, there is a need to ensure that they are kept up to date. These updates are to address some newly found security vulnerabilities and possible threat points [6] and, just as human actions are needed for malware to be activated on devices, human actions are needed to ensure the successful installation of these updates.

If there will be any need to download software, do so from trusted sites. This also applies to emails, do not open attachments in your email [14] when you are unsure of the source’s credibility. Think before you act and while conducting any online transactions, keep a wary eye. [14] The internet is an interesting place, however, it is necessary not to forget the possibility of a lurking criminal.

Installing firewalls should not be taken lightly, it ought to be a necessity. [15] Their importance cannot be overemphasized. Just like doors and fences are needed to keep houses secure from physical criminals, firewalls work the same way against online criminals. It is also vital to ensure that one’s data, including passwords, are backed up on external devices to help with recovery measures in the case of any breach. [15] This offers an option of stronger passwords to numerous applications and sites.

The reality is that there will always be records of breaches or attempted breaches. It is, therefore, vital to try to mitigate it and make it more difficult to breach our devices, while keeping the data in external devices in order to be recovered in any case of a successful breach.


Sources

  1. Cisco. (n.d.). What Is a Cyberattack? Retrieved March 2022, from Cisco: https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html?msclkid=300f5a13ae0e11ec833a944718789207
  2. UNiSYS. (n.d.). Cyber Attacks – What you need to know. Retrieved March 2022, from UNiSYS: https://www.unisys.com/glossary/cyber-attack/
  3. Kaspersky. (n.d.). What is Spyware? Retrieved March 2022, from Kaspersky: https://www.kaspersky.com/resource-center/threats/spyware
  4. Kaspersky. (n.d.). What is Ransomware? Retrieved March 2022, from Kaspersky: https://www.kaspersky.com/resource-center/threats/ransomware
  5. Johansen, A. G. (2020, July 23). What is a computer virus? Retrieved March 2022, from norton: https://us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html
  6. NortonLifeLock. (2019, August 28). What is a computer worm, and how does it work? Retrieved March 2022, from norton: https://us.norton.com/internetsecurity-malware-what-is-a-computer-worm.html
  7. cisco. (n.d.). What Is Phishing? Retrieved March 2022, from cisco: https://www.cisco.com/c/en/us/products/security/email-security/what-is-phishing.html
  8. EY. (2019). Is cybersecurity about more than protection? Retrieved March 2022, from Ernst & Young: https://assets.ey.com/content/dam/ey-sites/ey-com/en_ca/topics/advisory/ey-global-information-security-survey-2018-19.pdf
  9. cisco. (2017). Cisco Midyear Security Report Update. The Rise of Business Email Compromise (BEC). Retrieved March 2022, from cisco: https://www.cisco.com/c/dam/en/us/products/collateral/security/email-security/email-rise-business.pdf
  10. imperva. (n.d.). DDoS Attacks. Retrieved March 2022, from imperva: https://www.imperva.com/learn/ddos/ddos-attacks/
  11. imperva. (n.d.). Botnet DDoS Attacks. Retrieved March 2022, from imperva: https://www.imperva.com/learn/ddos/botnet-ddos/
  12. cisco. (n.d.). What Is a DDoS Attack? Retrieved March 2022, from cisco: https://www.cisco.com/c/en/us/products/security/what-is-a-ddos-attack.html
  13. imperva. (n.d.). Distributed Denial of Service (DDoS). Retrieved March 2022, from imperva: https://www.imperva.com/learn/ddos/denial-of-service/
  14. digit. (n.d.). Stay safe on the internet. Retrieved March 2022, from digit: https://www.digit.in/technology-guides/fasttrack-to-cyber-crime/stay-safe-on-the-internet.html
  15. leaf. (n.d.). 10 Ways to Prevent Cyber Attacks. Retrieved March 2022, from leaf: https://leaf-it.com/10-ways-prevent-cyber-attacks/

Napsat komentář

Vaše e-mailová adresa nebude zveřejněna. Vyžadované informace jsou označeny *