As our society continues to rely more heavily on digital services and cloud-based infrastructure, we have seen a coinciding increase in cyber-attacks and criminal activity. Unfortunately, the pandemic has created a world of opportunity for cybercriminals as it has pushed us even further towards decentralized work environments. There are new cyber threats being created daily, and so it is important to understand the different attack vectors that might be used and how to respond.
What is a Cyber-attack?
A cyber-attack is an attempt by a hacker to gain unauthorized access to an IT system for the purpose of exploiting and stealing sensitive information. Hackers will typically draw on similar strategies and tactics that have previously proven effective, so an understanding of what these methods are might provide some benefit the next time your organization is dealing with an incident.
Here is an overview of some common attack types that we are seeing today:
Malware
Malware refers to a variety of malicious software, including computer viruses and ransomware. Once installed, malware will typically carry out a variety of functions: many strains take control of your computer or monitor your actions and keystrokes, and some even send out confidential data from your computer without your knowledge.
Malware must be installed onto your computer for it to perform any functions. As such, attackers will use a variety of methods to try to get you to install their malware onto your computer. Typically, they will include a link to download a seemingly harmless file or attachment that actually contains a malicious payload.
Phishing
For the most part, people generally understand that downloading suspicious attachments from strange emails is probably a bad idea. However, hackers have also realized this and have turned to phishing tactics to trick people into giving up sensitive data or confidential information. They will typically pretend to be a trusted authority figure or close friend in order to trick you into installing a malware attachment or sharing a password.
The next time you see an email from a seemingly trusted source, pay close attention – is there a sense of urgency? Is the writing style different? Are they asking you to provide sensitive information or send money?
SQL Injection Attack
Many servers that store sensitive company information use a language called SQL (pronounced “sequel”) to manage their database. SQL injection attacks specifically target these kinds of servers by using malicious code to get the server to divulge information that it normally wouldn’t. With this method, attackers are able to create, read, modify and delete data that is stored in the database.
The best way to protect yourself against an SQL Injection attack is to make sure that your database permissions are properly configured. Most SQL Injection attacks stem from improper database configuration.
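To illustrate the two paragraphs above, here is an added example (not from the original article) using Python's built-in sqlite3 module with a constructed `customers` table; the table, file and function names are assumptions. It shows that a read-only connection stops a query from modifying or deleting data, while binding input as a parameter stops crafted input from changing the query at all.

```python
import os
import sqlite3
import tempfile

def make_db():
    """Create a small constructed database file and return its path."""
    path = os.path.join(tempfile.mkdtemp(), "shop.db")
    con = sqlite3.connect(path)
    con.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card TEXT);
        INSERT INTO customers (name, card) VALUES
            ('alice', 'CARD-0001'), ('bob', 'CARD-0002');
    """)
    con.close()
    return path

def open_read_only(path):
    """Least privilege: the application's connection is not allowed to write."""
    return sqlite3.connect(f"file:{path}?mode=ro", uri=True)

def lookup_vulnerable(con, name):
    # Input is pasted into the SQL text, so it can change the query's logic.
    return con.execute(
        f"SELECT name, card FROM customers WHERE name = '{name}'").fetchall()

def lookup_safe(con, name):
    # Input is bound as a parameter and is only ever treated as a value.
    return con.execute(
        "SELECT name, card FROM customers WHERE name = ?", (name,)).fetchall()

def can_delete(con):
    """Return True if this connection is permitted to delete rows."""
    try:
        con.execute("DELETE FROM customers")
        con.rollback()  # undo the probe so the sample data is kept
        return True
    except sqlite3.OperationalError:
        return False

CRAFTED = "nobody' OR '1'='1"  # constructed input for this example

if __name__ == "__main__":
    con = open_read_only(make_db())
    print("vulnerable:", lookup_vulnerable(con, CRAFTED))  # every row leaks
    print("safe:      ", lookup_safe(con, CRAFTED))        # no rows match
    print("can delete:", can_delete(con))                  # blocked by read-only
```

Restricted permissions limit what a successful injection can create, modify or delete, but the read-only connection still returns every row to the vulnerable query; only the parameterized query treats the input purely as data.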
Denial of Service (DoS) Attack
A Denial of Service (DoS) attack involves an attacker flooding a target with traffic in an attempt to disrupt its operations or bring it down entirely. In other words, an attacker floods a website with more traffic than it was built to handle, meaning that it can no longer process requests from legitimate users trying to access site content.
These types of attacks can be especially difficult to overcome when performed by multiple computers at the same time. Distributed Denial of Service (DDoS) attacks appear as if they are coming from many different locations around the world, making it difficult to determine their original source.
Man-in-the-Middle (MITM) Attacks
A Man-in-the-Middle (MITM) attack occurs when an attacker inserts itself between two people trying to communicate, effectively spying on the interaction between the two. This can go on completely undetected while the people are communicating, as it will seem like they are just communicating as they normally do.
Cross-Site Scripting or XSS Attacks
Cross-Site Scripting attacks involve injecting malicious code into a website in order to target its users. For example, an attacker might leave a malware download or embed malicious JavaScript in a blog comment in the hopes that a reader will click on it.
Once access is gained, the attacker can then carry out a variety of different functions from within your browser window. For example, they might change the details of a bank transfer request by redirecting money back towards themselves or by changing the monetary amount that is sent.
How Stratejm can Help:
The internet can be a dangerous place, and it can often be difficult to keep up with cyber threats and exploits that seem to be changing all the time. Partnering with a managed security services provider is, therefore, the best way to ensure that your organization is adequately protected from cyber threats. Stratejm can help with our extensive cybersecurity experience providing comprehensive security solutions for enterprises of all sizes.