Common types of cyber-attacks to be aware of
With the Internet constantly expanding into more households – and people using it more often than before – opportunities to hack into networks and computers, spread viruses and damage software will only continue to rise.
There are many programs you can install and advice you can take to reduce the threat of such attacks to your cyber security. But before you even get to that point, you need to know what they are and how they can affect you.
Generally speaking, you can often breakdown different types of cyber-attacks into two groups: ones that are targeted, and ones that are not targeted. Un-targeted attacks see hackers aim for as many devices, users or services as they can manage, not caring who the victims are. One of the best-known is the phishing email, written to appear as if it has been sent by a legitimate company and designed to get you to pass on private information. Most attempt to provoke panic by suggesting something is wrong and needs to be fixed quickly, requesting things that real companies would never ask for.
Water holing and ransomware are two other un-targeted approaches you need to be aware of. The former sees attackers exploiting a vulnerability in a website to install malware onto it, ready to catch future users. The latter sees a user’s system locked down by an infection until they pay a ransom to their hijackers. Yet of all the indiscriminate cyber-attacks out there, scanning is one of the most far-reaching. Using a network vulnerability scanner, a program assesses countless machines across a network, searching for weaknesses which can be targeted through any of these methods.
Alternatively, targeted attacks tend to involve more planning, as the hacker learns all the details about an organisation and its weak points. A twist on the first method mentioned, spear phishing is a common approach which involves sending emails specifically targeted at certain individuals or companies. Often these include specific information about their recent online activity in order to appear more genuine.
A more disruptive approach is a Distributed Denial of Service attack, whereby multiple systems are all guided to target one website or system at once. Overwhelming the site with traffic, this type of attack aims to freeze the system, stopping users and administrators from accessing it. Yet arguably the most frustrating of all methods to deal with is when a hacker subverts the supply chain, slipping malicious malware or circuitry on to a number of devices before they have even reached their destination. The main danger in this last approach lies in the fact that the receiver may not even know it’s happened.