Organisations are warned all the time about the threat of cyber attacks, but what does that really mean? How might a crook actually inflict damage?
Here are seven of the most common methods of attack.
- Hacking
The term ‘hacker’ is often used synonymously with ‘cyber criminal’, but it actually refers to a specific activity in which someone circumvents an organisation’s security measures. This could be for malicious purposes (i.e. criminal hacking) or to alert organisations to weaknesses that need to be addressed (i.e. ethical hacking).
Hackers can target organisations in several ways, but they’ll usually use exploits (in the form of software, chunks of data or command series) that search for and take advantage of bugs or vulnerabilities. Hackers also often use password-cracking software, which automates password-guessing based on a huge database of common passwords.
- Adware and spyware
Adware (advertising-supported software) displays ads on your computer, typically in the form of popups and windows that can’t be closed. It’s closely related to spyware, which is designed to monitor users’ Internet activity. Spyware gathers information, which can either be sold to a third party or used to target you with adware.
- Trojan horses
A Trojan horse (or just ‘Trojan’) is a malicious program that masquerades as something useful, tricking users into downloading it. Once on the victim’s computer, the Trojan can be used to steal data, install more malware or modify files.
- Viruses and worms
Viruses attach themselves to programs, script files and documents in order to spread to other victims. They are often used to gather information or harm the host computer(s) and network(s).
Worms also spread to other computers, but unlike viruses they are self-contained and self-propagating. They usually show up via email and instant messages, and are often designed to steal data or delete files.
- Ransomware
Ransomware is a type of malware that locks victims’ computers, preventing them from accessing files until a ransom is paid. When the payment is made, the criminal provides a decryption key that will give the victim access to their systems again.
There are plenty of problems with ransomware, both logistically and ideologically. First, not all attacks are ‘true’ ransomware, and in those cases the malware can be easily removed without paying up. Second, there is no guarantee that paying the ransom will result in your systems being restored. After all, you’re relying on an anonymous criminal keeping their word. Third, paying ransoms rewards the crooks and gives them the money and incentive to launch more attacks.
Ransoms should be unnecessary if organisations regularly back up their systems. Although it takes time to access those backups, the delays will be less costly than acquiescing to the criminals’ demands.
- DDoS attacks
In a DDoS (distributed denial-of-service) attack, crooks overload an organisation’s servers in order to make its website temporarily unavailable. This can serve one of two purposes. It could be an act of revenge against an organisation, or a distraction that allows the crooks to break into the organisation while its staff are focusing on restoring its website.
- Phishing
Unlike the other attacks listed here, phishing attacks target human weaknesses as opposed to technological vulnerabilities. Crooks send emails (and occasionally texts or social media messages) that masquerade as urgent correspondence from legitimate sources. They aim to trick people into downloading malware or handing over sensitive information.
Cyber incident response
You can learn more about these and other threats by reading our free green paper: Cyber incident response (CIR) management – An introduction.
A CIR system helps organisations identify and respond to cyber security incidents quickly and effectively, which reduces the financial damage that attacks cause and ensures that the organisation’s reputation remains intact.
Download our guide to learn:
- The benefits of adopting a CIR system;
- Our recommended approach to CIR;
- The importance of scenario development; and
- Best-practice guidance for establishing a CIR system.