Cyber Up with CERT PNG Cyber Smart Pacific
Here are a list of some of the most common cyber security threats the world of computing faces today.
Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out the instructions inside, such as providing a credit card number. “The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine,” Cisco reports.
- Denial of service
A denial of service (DoS) is a type of cyber attack that floods a computer or network so it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the attack originates from a computer network. Cyber attackers often use a flood attack to disrupt the “handshake” process and carry out a DoS. Several other techniques may be used, and some cyber attackers use the time that a network is disabled to launch other attacks. A botnet is a type of DDoS in which millions of systems can be infected with malware and controlled by a hacker, according to Jeff Melnick of Netwrix, an information technology security software company. Botnets, sometimes called zombie systems, target and overwhelm a target’s processing capabilities. Botnets are in different geographic locations and hard to trace.
Malware is malicious software such as spyware, ransomware, viruses and worms. Malware is activated when a user clicks on a malicious link or attachment, which leads to installing dangerous software. Cisco reports that malware, once activated, can:
– Block access to key network components (ransomware)
– Install additional harmful software
– Covertly obtain information by transmitting data from the hard drive (spyware)
– Disrupt individual parts, making the system inoperable
The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware.”
- Password attacks
With the right password, a cyber attacker has access to a wealth of information. Social engineering is a type of password attack that Data Insider defines as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.” Other types of password attacks include accessing a password database or outright guessing.
- Man in the middle
A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction. After interrupting the traffic, they can filter and steal data, according to Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network. Attackers insert themselves between the visitor and the network, and then use malware to install software and use data maliciously.
- Social engineering attack
A social engineering attack is a branch of cyberattack that psychologically manipulates people into performing actions that are not in their best interest. Attacks are often executed with the goal being to gain sensitive information about an individual or organization, such as passwords and account numbers.
Social engineering attacks include:
This is a targeted attack in which attackers specifically target individuals with security privileges or influence. This type of hacking technique works because the individual will be more willing to trust an email from someone they know than one coming from an unknown sender, leaving them vulnerable to malicious files and links that can steal their information or install malware on their device.
Homograph attacks are a type of phishing attack that uses very similar web addresses to legitimate websites. The goal is for people who don’t notice the slight difference in URL and blindly submit their credentials and other sensitive information into an attacker’s hands.
This is just a list of some of the most commonly faced Cyber security issues around the globe.
Given the many threats lurking out there on the world wide web, do you feel vulnerable? Feeling reluctant dabble in the electronic world?
Well stress less, adhere to the 4 simple smart cyber practices and you will be back online feeling confident as ever.