News headlines about high-profile cyber attacks have been increasingly frequent over the course of the past 18 months; it seems like every week there’s a new story. Reading the finer details about these attacks is as exciting as watching your fingernails grow, and often seems to require a PhD in Cybersecurity Studies from Oxford to understand. Fortunately, the entry requirements for this blog are much lower.
Let’s get back to basics. What actually is a cyber attack? It’s where hackers attempt to steal data, breach a computer system, or just cause major disruption for your business’s operations. Attacks can appear in many different forms, and here’s a look at the more common cases to watch out for.
Phishing is not the sort of activity that you want to get caught out on. That email you’ve just received from someone within the company, does it contain a link directing you to sign in, or an attachment you weren’t expecting? If so, be careful – the link could send you to a fake login portal, and the attachment might download malware onto your computer to steal sensitive information. It can be as easy as that for hackers to gain access to your info.
Spear-phishing is similar but is far more focused. With a quick Google search, hackers find information about you or a target group that will get you to let your guard down. They can locate something as easy to find as an email address and then they’ll use it to trick you into trusting that their email is from a reliable source.
Even the world’s best goalkeeper will still concede goals from time to time. Similarly, phishing threats can’t be mitigated by security software alone. It’s far more effective to train your employees to know how to spot and deal with phishing emails in the first place. Get them to ask themselves a few questions before opening an email:
- Does the link go to the URL that has been identified? (You can always hover over it to check.)
- Are there any obvious spelling mistakes that a legit company just wouldn’t miss?
- Does the tone of voice sound right if it includes a persona you might know?
And it’s not just emails that are impacted either. Phishing scammers also target texts and phone calls so make sure your team are trained to smell something ‘phishy’ when it comes along. Sorry.
Now, malware (aka malicious software) can be a huge pain in the backside if it makes itself comfortable on your computer. If accidentally downloaded (i.e. you clicked on that attachment that offered a free cruise around the Bahamas), it’s not always apparent that the malware has caused any problems. It’s not as if you get an instant alert or red flag moment. In fact, programmes might run normally at first. Malware isn’t in a rush. It creeps and embeds itself into legitimate code or apps, without you knowing, and collects information over days, weeks, or even longer periods. It’s here for a long time, not a good time.
There are two common forms of malware to look out for.
- Spyware, which likes to lurk about in the background to collect data like passwords, files and browsing history before feeding it back to a hacker who can use it as they please.
- Ransomware, which encrypts software and files so hackers can hold them up for ransom and threaten to delete or publish files unless money is paid to them. If they are feeling nice, they might actually let you have those files back – if you pay up.
It’s not just celebrities this happens to; take the Pegasus scandal, for example. That spyware was able to monitor your phone 24 hours a day, and managed to infect thousands of phones via spear-phishing and zero-day vulnerabilities.
Man-in-the-middle attack (MITM)
It is what it says on the tin: messages are intercepted between two users, and those messages can then be filtered or altered by the hacker without either of them knowing.
Fortunately, this isn’t as common as it used to be because of the increased prevalence of end-to-end encryption in messaging platforms, but that doesn’t mean it’s gone the way of the dodo. It can still occur when using unsecured Wi-Fi, or can be set up by malware. So if you find yourself questioning a conversation online, it’s always best to check you’re dealing with the right person.
Denial of service attack (DoS)
This one can put a real spanner in the works for a business, as Amazon experienced in 2020 when they were targeted with the largest denial of service (DoS) attack in history.
Basically, the hackers’ aim is to overload systems with so much traffic (using bots) that a site can’t function properly or could even go offline altogether. Why would hackers do this? It’s usually politically motivated, but it can also be used to inflict brand damage or disrupt a competitor’s services. Chaos is a ladder.
SQL injection
This one’s all about damage to data, and it happens a lot to websites with databases that are vulnerable. Hackers do a quick copy and paste of harmful code into the search box of a website, which then allows them to read and delete data. This can get even worse; hackers can even escalate this issue to a DoS attack.
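The search-box attack described above is commonly known as SQL injection. As an added example (not from the original post), this shows a search function that pastes the user's term into the query text beside a version that binds it as a parameter; the table, the function names and the sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory catalogue with one row that should never be shown publicly."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, hidden INTEGER)")
    db.executemany("INSERT INTO products VALUES (?, ?)",
                   [("kettle", 0), ("toaster", 0), ("unreleased-model", 1)])
    return db

def search_vulnerable(db, term):
    # BEFORE: the search term is pasted straight into the SQL text, so quote
    # characters in the term can change the meaning of the whole query.
    sql = ("SELECT name FROM products WHERE hidden = 0 AND name LIKE '%"
           + term + "%'")
    return [row[0] for row in db.execute(sql)]

def search_safe(db, term):
    # AFTER: the term is passed as a bound parameter; the database treats it
    # purely as data, whatever characters it contains.
    sql = "SELECT name FROM products WHERE hidden = 0 AND name LIKE ?"
    return [row[0] for row in db.execute(sql, ("%" + term + "%",))]

# Constructed input of the kind the paragraph describes: it closes the quoted
# string, adds an always-true condition and comments out the rest of the query.
CRAFTED_TERM = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", search_vulnerable(db, CRAFTED_TERM))  # hidden row leaks
    print("safe:      ", search_safe(db, CRAFTED_TERM))        # no rows match
```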
Cryptojacking
Although this attack isn’t as severe as some of the others, it can still drain a lot of business resources, which might give you a nasty shock when it comes to paying your energy bills.
During a cryptojacking attack, hackers gain access to a company’s systems so that they can use their servers/computers to mine cryptocurrency. Although this doesn’t sound as devastating as the above, this issue is widespread. And, if hackers are able to use your systems for this, it only goes to show how vulnerable you are to a more serious attack. So it’s worth being vigilant. In 2018, it was said that 55% of businesses globally were affected by crypto-mining. Thankfully, that has now declined a lot, thanks to the closure of Coinhive (a crypto-mining service provider).
Zero-day exploit
This one is fast and furious. Systems usually have flaws that appear over time, and it’s a developer’s job to patch those flaws up to make sure your software isn’t vulnerable to attack. But hackers get wise to this, and if a flaw is found, cyber criminals all over the world close in to exploit it. Hence the term ‘zero-day exploit’, as developers have zero days to patch the issue.
DNS tunnelling
DNS is basically a translator for human-readable domain names to IP addresses. But it’s not just used for this purpose – it’s also utilised to transfer small amounts of data between two systems, which makes it a hacker’s absolute dream. They can easily crawl their way around defences and create a backchannel of data that is inserted into DNS. They can then obtain data from systems and, more worryingly, install malware to cause a number of disruptions. To fully understand this one you probably do need a Cyber PhD, but here’s an article that goes into more depth.
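One way defenders spot the DNS backchannel described above is to look for a single parent domain receiving many long, random-looking subdomain queries. This is an added example, not from the original post; the thresholds, the two-label parent-domain rule and the sample query names are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def split_name(qname, base_labels=2):
    """Split a query name into (subdomain part, parent domain).
    Assumption: the parent is the last two labels; production code should
    consult the Public Suffix List instead."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-base_labels]), ".".join(labels[-base_labels:])

def suspicious_parents(qnames, min_queries=5, min_avg_len=30, min_entropy=3.5):
    """Flag parent domains that receive many long, unique, random-looking subdomains."""
    subs = defaultdict(set)
    for q in qnames:
        sub, parent = split_name(q)
        if sub:
            subs[parent].add(sub)
    flagged = {}
    for parent, names in subs.items():
        if len(names) < min_queries:
            continue  # too few distinct names to judge
        avg_len = sum(map(len, names)) / len(names)
        avg_ent = sum(map(entropy, names)) / len(names)
        # Encoded data makes labels both long and high-entropy; ordinary
        # hostnames such as "www" or "mail" are short and low-entropy.
        if avg_len >= min_avg_len and avg_ent >= min_entropy:
            flagged[parent] = (len(names), round(avg_len, 1), round(avg_ent, 2))
    return flagged

# Constructed sample of resolver log query names (not real traffic).
ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"
SAMPLE_QUERIES = (
    [ALPHABET[i:] + ALPHABET[:i] + ".example.net." for i in range(6)]
    + [h + ".example.com." for h in ("www", "mail", "cdn", "api", "login", "static")]
)

if __name__ == "__main__":
    print(suspicious_parents(SAMPLE_QUERIES))
```

Legitimate services such as content delivery networks can also generate long subdomains, so a hit from this heuristic is a lead for investigation, not proof.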
So, there you have it, a whistle-stop tour of some of the most common types of cyber attacks to look out for. We don’t share this blog lightly of course, nor do we wish to cause alarm. But cyber attacks are real and they can cost you time, money, and reputation. As more and more people embrace remote working, your vulnerability will only increase. Any business can fall victim to a cyber attack, so it’s never been as important to keep your eyes peeled and your team trained when defending your business.
And, if you want any extra advice on this topic, you know where we are.