Detailing Cyber Incidents: Part 1

As is the case with most criminals, cyber attackers have a variety of methods at their disposal. There are nearly endless ways to intrude into an IT environment and eventually penetrate internal systems. In an ideal world, all organizations would have the security protections to guard them against every type of attack, but that’s just not realistic yet.

It is well established that when cybercriminals are able to penetrate an organization, the result can be catastrophic for the victim. Data theft/loss and financial extortion can be crippling, sometimes wiping companies (such as FlexMagic Consulting) out of business.

Once a hacker has penetrated or circumvented whatever security is in place, the assailant has many options available to extract data, disrupt business activities, hold the victim ransom, and/or more. Any of these can be achieved through several different types of cyber attacks, but some, such as the ones below, are particularly prevalent:

Phishing

Phishing is the most common hacking method used by cybercriminals because of its ease of use and success rate. Phishing is a form of social engineering that involves the attacker tricking the victim into clicking on a malicious — but authentic-looking — link. Often, attackers launch phishing campaigns through email, but a major misconception is that this is the only attack vector for “phishermen.” There are numerous outlets for browser-based phishing threats, such as schemes launched through malicious apps and extensions, social media, instant messenger, browser pop-ups and rogue browser plug-ins. These lead the victim to give away sensitive information (such as a password) or to enable ransomware or some other form of malware. Organizations of all sizes can be painfully vulnerable to phishing attacks because criminal hackers target the weakest links in most companies — their employees.

Denial-of-Service (DoS) attacks

This is another frequently used attack method for cybercriminals. The most common DoS attacks involve flooding the victim’s systems with traffic. Once saturated, the victim’s systems crash and cannot carry out business activities. This can disable an organization, preventing its users from accessing and using IT resources (e.g., email).

One specific sort of DoS attack is the DDoS attack — Distributed Denial of Service. These are launched when cybercriminals use multiple attack sources to carry out several synchronized attacks that bombard various points of the victim’s systems. This allows the attacker to hit several components of the victim all at once and to remain difficult to detect because of the numerous attack points, both of which make incident response even more difficult.

Man-in-the-Middle (MitM) attacks

Cyber infiltration from a third party results in what is referred to as a Man-in-the-Middle attack. This involves an outside entity intercepting and altering the communication between two parties who believe they are only communicating with each other.

By impersonating them both, the attacker manipulates both victims in an effort to gain access to data. The users are naively unaware that they are both communicating with an attacker. Some examples of this include session hijacking, email hijacking and Wi-Fi eavesdropping.

Drive-by attacks

As you would expect, this type of attack gets its name in reference to the quick-hit, hard-to-detect nature of non-digital drive-by attacks. Assailants swoop in, attack, and quickly leave with little trace, yet can cause significant damage. Drive-by cyber attacks are common methods of spreading malware. Criminal hackers seek out insecure websites and plant malicious scripts into the code on one of the pages. These scripts can then install malware onto the computer of someone who visits the site or redirect the victim to a different site controlled by the malicious actors.

One of the aspects that makes these attacks so dangerous is that this attack strategy does not rely on the unsuspecting user to take much of any action in order to fall victim. Simply by visiting one of the compromised sites, victims can unknowingly be infected with malware. To make matters worse, malware can be slipped inside and remain concealed enough to go undetected if the user and his or her organization don’t have proper security protections in place.

Password attacks

Naturally, password attacks are when cybercriminals specifically target potential victims’ passwords. These sorts of attacks are aimed at obtaining a user’s or an account’s credentials in order to gain that user’s or account’s access. A successful password attack can enable the cybercriminal to obtain access to major internal systems, critical data, and really anything the user’s or account’s identity can access.

Criminal hackers use a variety of techniques for getting their virtual hands on passwords, such as password-cracking programs, dictionary attacks and password “sniffers,” or even just by guessing the right words (letters, numbers, special characters, etc.). This last option usually requires at least some personal knowledge of the individual victim (such as the user’s birthday or dog’s name), but cybercriminals are certainly capable of deciphering unchanged default passwords, guessing the simplest of codes, which often include “123,” or even the credentials of those who use the word “password” to safeguard their accounts. This is why having strong passwords is so important and why all those inconvenient (but necessary) timely password reset requirements should be taken seriously.
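The weak choices described above (unchanged defaults, “123,” the word “password,” a birthday or pet’s name) can be screened out when a password is set. The following Python sketch is an added example, not part of the original article; the function names, word lists and sample facts are constructed for illustration.

```python
import re
import unicodedata

# Constructed sample lists; a real deployment would load a breached-password corpus.
COMMON_WEAK = {"password", "letmein", "qwerty", "welcome"}
VENDOR_DEFAULTS = {"admin", "changeme", "default", "root"}
# Undo common character substitutions so "P@ssw0rd" is treated like "password".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s", "!": "i"})

def has_digit_run(text, run=3):
    """True if text contains `run` consecutive ascending or descending digits (123, 987)."""
    for i in range(len(text) - run + 1):
        chunk = text[i:i + run]
        if chunk.isascii() and chunk.isdigit():
            steps = {int(b) - int(a) for a, b in zip(chunk, chunk[1:])}
            if steps in ({1}, {-1}):
                return True
    return False

def fact_tokens(fact):
    """Split a personal fact (name, ISO date) into lowercase tokens of 3+ characters."""
    parts = [p for p in re.split(r"[^a-z0-9]+", fact.lower()) if p]
    return {t for t in parts + ["".join(parts)] if len(t) >= 3}

def screen_password(candidate, personal_facts=(), min_length=12):
    """Return the list of reasons to reject `candidate`; an empty list means it passes."""
    raw = unicodedata.normalize("NFKC", candidate)
    lowered = raw.lower()
    deleet = lowered.translate(LEET)            # substitutions reversed
    letters = re.sub(r"[^a-z]", "", lowered)    # "Admin1" -> "admin"
    reasons = []
    if len(raw) < min_length:
        reasons.append("too_short")
    if {lowered, deleet, letters} & VENDOR_DEFAULTS:
        reasons.append("default_password")
    if any(word in deleet for word in COMMON_WEAK):
        reasons.append("common_word")
    if has_digit_run(lowered):
        reasons.append("digit_sequence")
    tokens = set().union(*(fact_tokens(f) for f in personal_facts))
    if any(t.translate(LEET) in deleet for t in tokens):
        reasons.append("personal_info")
    return reasons
```

Calling `screen_password` with the user’s known facts (name, pet’s name, date of birth) at enrollment or reset time returns the rejection reasons, which can be shown to the user instead of a generic “too weak” message.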

Responding to these incidents

Once you know what attacks to be wary of, the next step is preparing for them to target your organization. Since it is increasingly accepted that “it’s not if you’ll be attacked, but when,” it’s critical that every organization has a plan in place in case it is hit with a cyber attack — an incident response plan.

In part two, I will discuss what to do in order to safeguard your organization from these attacks.

Stay tuned…

