Common types of cyber attacks
Every year, cybercrime is on the rise as attackers seek to benefit from vulnerable business systems. A cyber attack refers to an unwelcome attempt to steal, expose, alter, disable or destroy information through unauthorised access to computer systems (IBM).
Cybercriminals are becoming more and more advanced in their attacks, requiring businesses big and small to seriously up their game when it comes to monitoring threats and adjusting their defenses. As a UK Software Agency, we are constantly keeping on top of the evolving cybersecurity landscape, ensuring that we are implementing secure development and deployment practices that meet the needs of our clients. In this blog, we’ve put together a list of the most common types of cyber-attacks that your business should be aware of.
#1 — Malware
Malware is a term used to describe malicious software and encompasses a variety of attacks including spyware, viruses, and worms. This type of cyber-attack uses a vulnerability to breach a network, such as when a victim clicks on a dangerous link or email attachment. The malicious software is then installed inside the system and can cause some serious damage including:
- Denial of access to the network
- Retrieving data and stealing information
- Making the system inoperable
Prevention tip: You should ensure that your business is using antivirus and anti-malware tools that will help to identify and protect your endpoint devices or larger network against many traditional and new malware-related threats.
#2 — Phishing
Another extremely common cyber-attack is phishing, which refers to the practice of sending fraudulent communications to unsuspecting users, disguised as coming from a reputable source. The communication (commonly emails, text messages, or social media messages) typically contains a link to a malicious file or script designed to enable cybercriminals to control your device to extract valuable data and more.
Phishers utilise social engineering and public information sources to collect information that helps them along the way in convincing you that they are a legitimate source, including information about your work, interests, and activities. And we aren’t just talking about badly written emails from a “distant great Uncle” from the other side of the world who claims you have a billion-pound fortune to inherit if only you provide all of your bank details… No no. Modern phishing attacks are leading even the most technologically-enabled person to question the legitimacy of some attempts. In 2021, a survey by Proofpoint found that a whopping 91 percent of UK organisations were hit by bulk phishing email attacks.
Furthermore, the report found that phishing attacks are becoming more successful. Of respondents surveyed, 83 percent said their organisation had been hit with a successful email phishing attack, up from 57 percent in 2020.
Prevention tip: To avoid falling victim to a phishing attack, always think carefully before clicking on links in emails you are unsure about. Pay close attention to email headers, sender's details and where the link is heading.
#3 — Denial-of-Service (DoS) Attack
A Denial-of-Service attack belongs to a class of cyber attacks designed to render a service unusable, either by slowing networks down or by making them inaccessible to the people who need them.
Denial-of-Service attacks typically target the web servers of high-profile organisations such as banks, e-commerce and media companies, and government entities. Attackers typically attempt to disrupt an organisation's services in one of two ways: by flooding systems, servers or networks with traffic to exhaust resources and bandwidth, or by sending malicious data that triggers a bug and causes a crash. No matter the strategy, the goal is always the same: to take the network or machine down and cause disruption.
DoS attacks are on the rise. According to research by Netscout, nearly 3 million DoS attacks occurred in the first quarter of 2021. This is almost a third more than the same period the previous year. January 2021 saw the largest number of DoS attacks ever recorded, with 972,000 attacks.
Emails, online accounts, e-commerce sites, and a variety of other services all become unusable in a DoS condition. DoS attacks can have major implications for organisations, including loss of business, financial costs due to spending time and money getting the system back up, frustrated customers, and reputational damage.
Prevention tip: Monitor and analyse network traffic via a firewall or intrusion detection system. Administrators can set up rules that create alerts for things such as unusual traffic while also being able to identify traffic sources.
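As an added illustration of such an alert rule (not taken from any particular firewall or IDS product), the sketch below counts requests per source address over a sliding window and reports the sources that exceed a threshold. The log format, the window and limit values, and the addresses are assumptions constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)   # assumed look-back window
PER_SOURCE_LIMIT = 20            # assumed max requests per source per window

def make_sample_log():
    """Constructed access log: two ordinary clients and one noisy source."""
    start = datetime(2022, 1, 1, 12, 0, 0)
    lines = []
    for i in range(60):                        # 60 s of normal browsing
        t = (start + timedelta(seconds=i)).isoformat(timespec="milliseconds")
        lines.append(f"{t} 192.0.2.10 GET /")
        if i % 3 == 0:
            lines.append(f"{t} 192.0.2.11 GET /basket")
    for i in range(200):                       # 200 requests inside 5 s
        t = start + timedelta(seconds=30, milliseconds=25 * i)
        lines.append(f"{t.isoformat(timespec='milliseconds')} 203.0.113.7 GET /search")
    return sorted(lines)                       # fixed-width timestamps sort by time

def find_noisy_sources(lines, window=WINDOW, limit=PER_SOURCE_LIMIT):
    """Return {source_ip: (first_alert_time, peak_requests_in_window)}."""
    recent = defaultdict(deque)                # source -> timestamps still in window
    alerts = {}
    for line in lines:
        stamp, source, _method, _path = line.split()
        now = datetime.fromisoformat(stamp)
        hits = recent[source]
        hits.append(now)
        while now - hits[0] > window:          # drop hits older than the window
            hits.popleft()
        if len(hits) > limit:                  # rule fires: record when and how bad
            first, peak = alerts.get(source, (now, 0))
            alerts[source] = (first, max(peak, len(hits)))
    return alerts
```

A per-source rule like this identifies a single noisy origin; traffic spread across many sources also needs a limit on the total request rate.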
#4 — Man-in-the-Middle (MitM) Attacks
This is a type of cyber attack whereby an attacker essentially eavesdrops on a conversation between two targets. The attacker intercepts a two-party transaction, placing themselves ‘in the middle.’ From here, they will attempt to steal and manipulate data by interrupting the flow of traffic. The goal of a MitM attack is to collect sensitive data, passwords, or banking details, and often to convince the victim to take some sort of action, such as changing their login credentials or completing a transaction.
A MitM attack typically consists of two phases:
Phase 1) Interception
In the interception phase, attackers gain access to a network through an open or poorly secured Wi-Fi network and/or via manipulation of the DNS servers. The attacker will then carry out a scan, searching for vulnerabilities and possible points of entry. This is commonly done through weak passwords; more advanced methods include IP spoofing or cache poisoning. Once a target is identified, the attacker will typically deploy data capture tools that analyse and collect the transmitted data of the victim and then either redirect traffic or manipulate the user’s web experience.
Phase 2) Decryption
The second phase of a Man-in-the-Middle cyber attack is decryption, which is where the (stolen) data is decoded and made sense of by the attacker. This decrypted data is then utilised by the cybercriminal for a whole range of purposes including identity theft, fraudulent bank activity, or activities that will disrupt business operations.
Prevention tip: Avoiding MitM attacks requires users to take practical steps, including avoiding public networks and Wi-Fi networks that are reported as ‘unsecured’, paying attention to ‘website not secure’ alerts, and logging out of secure applications when not in use.
#5 — SQL Injection attack
SQL or “structured query language” is a type of computer language which is used to communicate with databases. For legitimate purposes, SQL is used for things such as retrieving details from large data sets. However, SQL is also commonly used as a cybercrime tool in what is known as a SQL Injection attack.
In a nutshell, SQL injection is a technique that cybercriminals use to gain unauthorised access to a web application database by adding malicious code to a database query. The attack manipulates SQL code to provide the attacker with access to otherwise protected resources. If the SQL injection succeeds, it can expose the intellectual property, customer data, or the administrative credentials of an organisation.
The main consequences of a SQL Injection attack include:
- Confidentiality: Since SQL databases typically hold sensitive data, loss of confidentiality is a significant problem.
- Authentication: If poor SQL commands are used to check user names and passwords, it may be possible to connect to a system as another user with no previous knowledge of the password.
- Authorisation: Through the successful exploitation of a SQL Injection vulnerability, it may be possible to change authorisation information held in a SQL database.
- Integrity: It is possible to alter or even delete sensitive information with a SQL Injection attack.
Prevention tip: Limit the privileges and access that you assign to users. When assigning someone an account, don’t provide administrator functionality unless it is absolutely necessary, as this could provide access to the entire system if an attacker were to successfully carry out a SQL injection attack.
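The authentication consequence and the privilege tip above can be seen side by side in a small added example (not Rocketmakers code) using Python's built-in sqlite3 module. The table, account and function names are hypothetical; it compares a login query built by string concatenation with a parameterised one, on a connection opened read-only so that writes are refused.

```python
import os
import sqlite3
import tempfile

def build_db(path):
    """Create a constructed users table with one account."""
    con = sqlite3.connect(path)
    # Plaintext password only to keep the example short; store a salted hash in practice.
    con.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    con.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    con.commit()
    con.close()

def login_concatenated(con, name, password):
    # Vulnerable pattern: user input becomes part of the SQL text itself.
    sql = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    return con.execute(sql).fetchone() is not None

def login_parameterised(con, name, password):
    # Hardened pattern: placeholders keep input as data, never as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return con.execute(sql, (name, password)).fetchone() is not None

def demo():
    path = os.path.join(tempfile.mkdtemp(), "app.db")
    build_db(path)
    # Least privilege: the login code only reads, so open the file read-only.
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    crafted = "' OR '1'='1"                    # constructed input, not the password
    results = {
        "concatenated": login_concatenated(con, "alice", crafted),
        "parameterised": login_parameterised(con, "alice", crafted),
        "genuine": login_parameterised(con, "alice", "correct horse"),
    }
    try:
        con.execute("DELETE FROM users")       # any write on this connection fails
        results["write_blocked"] = False
    except sqlite3.OperationalError:
        results["write_blocked"] = True
    con.close()
    return results
```

Parameterised queries remove the injection itself, while the read-only connection limits what any remaining flaw could change.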
In 2022, cybercriminals are becoming more advanced than ever in their processes. Reducing your exposure to cyber attacks really boils down to the technology, systems, processes, policies, and IT security tools in place to prevent them from occurring. However, it also falls heavily on the adequate education and training of the end-user, ensuring they are in a good place to recognise and respond to the common strategies used by cybercriminals, as listed above.
Do you need help building bespoke, innovative and secure software? Drop the Rocketmakers team a line today.