Introduction to Cyber Attacks
The traditional methods of attacking are through bombs, guns and some other physical objects which have the power to destroy lives and shut down businesses on a global scale. Today's technology-reliant world has changed things. Those weapons are still dangerous like there were in the past but the introduction of computers has made recent attacks more sophisticated. They always come unannounced, and you hear about them every day, Cyber attacks.
Many people see cyber attacks as a form of voodoo, but there is nothing like that with computers. Cyber attacks do, however, require a certain level of intelligence and computer knowledge.
The requirement of computer intelligence has made the only effective way to defend the attack a herculean task. It means anyone who wishes to defend against cyber attacks must understand the concept behind them.
There are numerous definitions for Cyber attacks.
In Mikko Niemelä's book, “Anatomy of a Cyberattack“. He explains cyber attacks as a method adopted by a cybercriminal to perform malicious actions. The action is in two categories: either to disable the target computer or put it offline. It can also be to get access to the target computer's data or admin privileges on a system.
A cyber attack can be either active or passive. In the case of an active attack, the primary aim is to destroy the system or gain total control from the owner. While in a passive attack, the attacker does not attack the system. Instead, the attacker stays in the middle and continues accessing information from the system illegitimately.
What makes an Attacker to target us?
Valuable items make banks and malls targets of traditional thieves. The computerized methods of almost everything in the present age have made the most valuable information available on the internet.
Financial information, health records, personal data and the likes are no more physical documents but now online. That valuable information has made it essential for criminals to use cyber attacks instead.
As long as you make use of the internet and have some personal data online; you are a potential target of attackers. Against the general belief that attackers target top organizations and people with great financial strength only, attackers target anyone who can give them the valuable details they need.
Irrespective of your status in the society, you can also be a victim of a cyber attack, so you should take responsibility on how to defend against it.
Common Types of Cyber Attack
Cybercriminals use a lot of methods, but here are the five most common ones:
Phishing is a technique where cyber criminals lure an unsuspected individual into clicking a mail or a link which can be harmful to such person. Such person might be tricked into downloading malware that's disguised as an essential document, or urged to click on a link that takes them to a fake website where they'll be asked for sensitive information like bank usernames and passwords.
Many phishing emails are relatively crude and emailed to thousands of potential victims, but some are sent to a targeted audience based on the attacker's information. Someone who posts a lot of sports betting can be lured by an attacker with a juicy offer about them.
The fundamental goal of an attacker in cases like this is to hold you at ransom. An attacker uses malware to encrypt victims files or the entire system then requests the victim to perform some particular action (usually involves sending money), before the victim's file or system can be restored. The action is similar to the kidnapping of people in the physical aspect of malicious activities. The costs can range from a few hundred dollars to thousands and are typically payable to cybercriminals in cryptocurrency.
c. Malicious Software (Malware)
Malware is any kind of software, no matter how it's structured or operated, that “is designed with the goal of causing harm to computer or networks.”
Microsoft describes worms, viruses, and trojans as varieties of malware, distinguished from how they reproduce and spread. These attacks may render a computer or network inoperable, or grant the attacker root access to control the system remotely.
d. Denial of Service (DoS)
The aim is to frustrate legitimate people from accessing a needed resource. Denial of service is a brute force method of trying to stop some online service from providing its service at a needed time.
For instance, an attacker might send so much traffic to a website or so many requests to a database that overwhelms the systems' ability to function, making them unavailable to anybody. DoS can also be performed using many computers to carry out an attack, which is referred to as a Distributed Denial of Service attack (DDoS).
e. Man in the Middle attack
A man in the middle attack (MITM) is a method by which attackers manage to secretly interpose between the user and a web service they're trying to access. For instance, an attacker might set up a Wi-Fi network with a login screen designed to mimic a school network; once unsuspected students connect to it, the attacker can harvest any information they send, including banking details.
Defending against cyber-attacks are not meant for cybersecurity experts alone. There is a need for we individuals to be security-conscious and expose ourselves to basic cybersecurity knowledge and about different forms of cyber attacks and how to defend against them.
The best form of security is to avoid it, so any link or email you are not sure of, don't check it or click it. Stay Safe