10 Most common Cybersecurity attacks
Fast fact: 90% of healthcare organizations have suffered at least one data breach exposing patient data over the past two years, while 45% were hit by more than 5 breaches in the same time period. More than 113 million medical records were stolen in 2015 alone.
Whether you have read the latest data breach headline in the news and you are trying to understand what the type of that attack is, or whether you’re a security analyst in your organization, it helps to understand the different ways an attacker might try to cause harm. Here’s an overview of some of the most common types of attacks seen today.
#1 Malware: A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or of otherwise annoying or disrupting the victim. Malware refers to various forms of harmful software, such as viruses and ransomware. Once the malware is on your device, then it will be able to send all confidential data that you have silently, stores your keystrokes and take control of your machine:
#2 A very common malware is Shamoon virus: This virus was discovered around on 2012 and was made to attack 32-bit NT kernel versions of Microsoft Windows.
It was used to spread the malicious-content from an infected machine to other systems connected on the network.
Once Shamoon virus is installed on a system and this system becomes infected, the virus assembles the files the attacker needs from it and sends it back to the attacker. Once this process is done, all infected files are deleted, and the master boot record of the infected system got over-written, making it unable to be used.
#3 Phishing: Tricking individuals into disclosing sensitive personal information through deceptive computer-based means.
In a phishing attack, you might receive an email that looks legitimate and is coming from someone you know and trust. The email will prompt you to click on a link and then it will take you to a website that looks familiar to you. Then you will be entering your credentials, which might be your work email and password, credit cards detail or you Social Security Number. This website will be nothing but a trap that captures your credentials.
#4 DoS: The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.)
#5 DDoS: Distributed Denial of Service – (DDoS) A Denial of Service technique that uses numerous hosts to perform the attack. Usually, this is done when many computers from different locations are attacking the same resource (website, computer, service etc.) and flooding it with more traffic than it was built to handle, which leads to shutting down the service for all users.
#6 Man in the middle: (MitM) An attack on the authentication protocol run in which the Attacker positions himself in between the requesting computer and the remote server, so that he can intercept and alter data travelling between them.
#7 SQL injection: SQL stands for structured query language; it’s a programming language used to communicate with databases. SQL injection attack is a piece of malicious code that specifically targets vulnerable websites the has database servers. These database servers store critical data for the website users. This data could be credit cards details, passwords, usernames…etc.
#8 Cross-Site Scripting: When the attacker injects a piece of malicious code into the website to harm its users, not the website. That means that the malware hits only the website users’ browsers and is able to steal any information the users send to the site, which damages a website’s reputation.
#9 Credential Reuse: One of the ways attackers rely on to attack users, is the fact that the majority of people are comfortable with having the same password for many different accounts. No matter how tempting it may be to reuse credentials for your email, bank account, and your favourite sports forum, it’s possible that one day the forum will get hacked, giving an attacker easy access to your email and bank account. When it comes to credentials, variety is essential.
#10 Mobile Attacks: Smartphones and tablets have long been established as popular personal electronics devices. According to Kaspersky lab statistics for 2018, In 2018, 5,321,142 malicious mobile installation packages were detected.
- A very common mobile attack is the Overlay Malware: A type of mobile malware designed to mimic the look and feel of a legitimate target application.
However, these are the most common types of attacks. If you want to read about the other types of attacks, go back to the Glossary of Technical terms section and check the Cyberattacks types and definitions part.
Now your take on this argument.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also join our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
Click here to Download 5 E-Books that I have taken time to prepare for you.
These E-Books contains formulas that have helped many of my students to nail the PMP Exam. You can also make use of this E-Books. While you are using it if you have questions to ask me concerning the Formulas, feel free to shoot me a mail. I am committed to assisting you to nail your PMP exam. It’s a pledge. You can always count on me as a friend.
PS: For like seven years since I started blogging I have tried many platforms and tools. Some worked and some of them performed below expectation. Here are some of the tools that I will gladly recommend for you any day, any time.
PS: Click on the link below to sign up for my Online E-Course CRM Training. Make sure you confirm your subscription by clicking on the link sent to you. Thanks.
Adeniyi Salau PMP , CCNA R&S , CDMP, CEP, MOS, MCP, CSCU (Project 2016), Microsoft Certified Security and Networking Associate is a Google and Beingcert Certified Digital Marketer, Project Manager and SEO Expert of repute with about a decade of Blogging and online marketing experience. He is always ready to share his experience with others.