This blog has been updated to reflect industry developments. Originally published 1 December 2017.
But how do these attacks manifest themselves, and what are the most common cyber threats to organisations today?
In this post, we explore five of the most common cyber attacks and discuss what you can do to protect your organisation.
What is phishing?
Phishing is a form of social engineering where a criminal hacker tries to trick the user into clicking a malicious link or downloading an infected attachment or divulging sensitive or confidential information.
Proofpoint’s 2019 State of the Phish Report found that 83% of respondents experienced a phishing attack in 2018 (up from 76% in 2017), and Verizon’s 2019 Data Breach Investigations Report revealed that 32% of data breaches involved phishing.
Types of phishing
There are many types of phishing, including:
Vishing: Voice phishing or ‘vishing’ is a type of phishing conducted by phone. Most vishing attempts try to get the victim to reveal information like PINs, payment card details and passwords. Criminals then use those details to access online accounts to steal information or money.
Smishing: SMS phishing or ‘smishing’ is becoming a more popular form of phishing, partly because we increasingly rely on smartphones in both our work and personal lives.
Spear phishing: Spear phishing is a targeted form of phishing attack – usually conducted to seek financial gain or obtain insider information – where cyber criminals adapt their methods to reach a specific victim. Spear phishing attacks are rarely random – instead, they are most often conducted by perpetrators seeking financial gain or insider information.
Staff awareness training can help reduce the likelihood of a user falling for a phishing attack.
What is ransomware?
Ransomware is a type of malicious software designed to deny access to files until, or threaten to publish the victim’s data unless, a ransom is paid (although there is no guarantee that access will be restored, or that the criminal hacker will destroy the data).
The threat is growing. The 2019 Official Annual Cybercrime Report predicts that a business will fall victim to a ransomware attack every 14 seconds in 2019, and every 11 seconds by 2021.
3) DDoS attacks
What is a DDoS attack?
A DDoS (distributed denial-of-service) attack attempts to disrupt normal web traffic and take a site offline by overwhelming a system, server or network with more access requests than it can handle.
DDoS attacks typically serve one of two purposes:
1) An act of revenge against an organisation.
2) A distraction that allows cyber criminals to break into the organisation while it focuses on restoring its website.
How to prevent DDoS attacks
The reputational and financial damage as the result of the service unavailability inflicted by a successful DDoS attack can be severe. Therefore, preventing or at least quickly countering DDoS attacks can be critical for your organisation’s survival.
Regularly testing your IT infrastructure is paramount to keeping your systems secure, and is something any organisation should consider as part of its cyber security strategy.
4) Computer viruses
What is a computer virus?
A computer virus is a type of malicious code or program written to alter the way a computer operates. Much like a flu virus, it is designed to spread from one computer to another (but without the user’s knowledge) by:
- Opening an infected email attachment;
- Clicking an infected executable file;
- Visiting an infected website;
- Viewing an infected website advertisement; or
- Plugging in infected removable storage devices (e.g. USBs).
5) Attack vectors
Attack vectors are used to gain access to a computer or network in order to infect it with malware or harvest data.
There are four main types of attack vector:
A drive-by cyber attack targets a user through their Internet browser, installing malware on their computer as soon as they visit an infected website.
It can also happen when a user visits a legitimate website that has been compromised by criminal hackers, either by infecting them directly or redirecting them to a malicious site.
MITM (man in the middle)
An MITM attack is where an attacker alters the communication between two users, impersonating both victims to manipulate them and gain access to their data. The users are not aware that they are communicating with an attacker rather than each other.
Outdated (unpatched) software often contains vulnerabilities that criminal hackers can use to bring entire systems down. Where they exploit a vulnerability made public before a patch or solution has been rolled out by the developer, this is referred to as a zero-day attack.
Patch management is one of the five basic cyber security controls contained in the UK government’s Cyber Essentials scheme.
A SQL (Structured Query Language) injection occurs when an attacker inserts malicious code into a server that uses SQL (a domain-specific language).
SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks force a server to provide access to or modify data.
Protecting your organisation
Cyber attacks can cause significant disruption and damage to even the most resilient organisation. For those that fall victim, the reputational and financial repercussions can be devastating.
But did you know that your employees are your weakest link? In fact, human error is to blame for 88% of data breaches in the UK according to research by Kroll.
Security awareness saves you money
Educated and informed employees are your first line of defence. Empower them to make better security decisions with our complete staff awareness e-learning suite.
A cost-effective way of managing all your staff awareness training in one place, the complete suite contains eight e-learning courses to help you transform your employees from threats to assets.
Included in the complete suite is the Information Security and Cyber Security Staff Awareness E-Learning Course.