The 5 Top Security Breaches and How to Handle Them
By: Tom Banta on December 20, 2018
The internet has not only transformed the way companies do business, but has also fundamentally changed people’s relationship with their confidential information. While this information was once safely locked away (more or less), today much of it can be found somewhere online. With more people using network services for entertainment, managing their finances, and doing their jobs, cyberattacks aimed at gathering and capitalizing on valuable data have become increasingly common, leaving everyone at risk of internet exposure.
For many people, the prospect of a cyberattack seems like a distant event; something that may happen to someone somewhere, but certainly “not to them.” But reports indicate that the total number of reported cyberattacks nearly doubled from 2016 to 2017, and since the majority of hacking intrusions likely go unreported, the true number is almost certainly much higher. Experts simply assume that once the data from 2018 is analyzed, the year will go down as a record-breaking one for cyberattacks.
Although there are many examples of security breaches, here are some of the most common ways that attackers gain unauthorized access to systems or shut them down entirely:
1: Distributed Denial of Service (DDoS)
With internet traffic setting new records each year, it’s hardly a surprise that distributed denial of service (DDoS) attacks have become one of the most common types of security breaches. The concept behind DDoS attacks is really quite simple: inundate a server with access requests until it overloads and crashes. Easy to organize and execute, DDoS attacks typically involve sending out malicious code to thousands of computers that instructs them to send requests to a single target. This “botnet” can be directed by a single attacker, often completely unbeknownst to the computers’ owners. However, 2018 saw a new form of DDoS attack, memcaching, make headlines by delivering record amounts of traffic to bring down well-protected servers. DDoS mitigation services help to spot these attacks before they intensify and safely redirect the traffic before it brings a network to its knees.
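As an added illustration (not part of the original article), the code below shows one way the "spot these attacks" step can work: a sliding-window detector that alerts when the request rate is high and the traffic comes from many distinct sources. The event format, thresholds and sample events are assumptions constructed for this example.

```python
from collections import Counter, deque

def detect_floods(events, window=10, rate_limit=100.0, min_sources=500):
    """Scan (unix_second, source_ip) request events for distributed floods.

    Returns one (second, requests_per_second, distinct_sources) tuple per alert
    onset: the sliding-window rate exceeds rate_limit AND the traffic comes from
    at least min_sources addresses. Thresholds are illustrative assumptions.
    """
    win, per_source, alerts, alerting = deque(), Counter(), [], False
    for ts, src in sorted(events):
        win.append((ts, src))
        per_source[src] += 1
        # Expire events that fell out of the window.
        while win[0][0] <= ts - window:
            _, old = win.popleft()
            per_source[old] -= 1
            if per_source[old] == 0:
                del per_source[old]
        rate = len(win) / window
        hit = rate > rate_limit and len(per_source) >= min_sources
        if hit and not alerting:
            alerts.append((ts, rate, len(per_source)))
        alerting = hit
    return alerts

def sample_events():
    """Constructed log: 60 s of baseline traffic, then a 10 s flood."""
    events = []
    for t in range(60):                      # 5 req/s from a pool of 20 clients
        events += [(t, f"198.51.100.{(t + i) % 20}") for i in range(5)]
    for t in range(60, 70):                  # 400 req/s spread over 2000 sources
        for i in range(400):
            n = (t * 400 + i) % 2000
            events.append((t, f"10.{n // 250}.{n % 250}.1"))
    return events

if __name__ == "__main__":
    for second, rate, sources in detect_floods(sample_events()):
        print(f"t={second}s rate={rate:.1f}/s distinct_sources={sources}")
```

Requiring many distinct sources as well as a high rate keeps a single busy client from raising the distributed-flood alert.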
2: Man in the Middle (MitM)
Oftentimes, the easiest way to access a system isn’t by hacking into it, but rather by hacking into its client systems. In a man in the middle (MitM) attack, an attacker waits for a trusted client to connect to a server. The attacker then hijacks the session by substituting its IP address for the client’s and disconnecting the client. The attacker then continues the session with the server, which believes it’s still communicating with the original client. In many cases, the attacker carries out a two-way deception, causing the client to believe they’re still connected to the server when they’re actually connected to the attacker. This allows the attacker to gain access to information from both sides since both the client and the server believe they’re engaged in legitimate communication with each other.
3: Phishing
A “classic” form of cyberattack and a common example of security breaches, phishing has stuck around as long as it has for one simple reason: it’s effective. Phishing attacks send emails that appear to originate from legitimate sources, but are designed to encourage the recipient to take an action of some kind that will give the attacker access to valuable personal information. Perhaps it’s clicking on a link that downloads malware onto the computer or following a link to another site that asks for credit card information for seemingly legitimate reasons. While often the subject of derision, some phishing attacks are quite sophisticated, playing on vulnerabilities of human psychology or exploiting a lack of knowledge. Most people may know not to click the link to send money to a mysterious African prince in need, but what about an email from Apple informing them about an unauthorized charge to their credit card? Although spam filters are quite good at detecting many phishing emails, the best protection continues to be caution and critical thinking.
4: Domain Name Server (DNS) Hijacking
Deception is a vital ingredient of most types of security breaches. One of the more insidious deceptions comes from domain name server (DNS) hijacking because it subverts one of the most basic functions of the internet. Each website has a unique DNS identification, much like an entry in a phone book that allows network infrastructure to direct internet traffic to the intended destination. By using malicious software, a hacker can redirect a query to a different DNS, usually a site controlled by the hacker that uses a variety of means to steal information from visitors. If the site looks legitimate, people may share their financial or personal information on forms or click links that download malware onto their computers.
5: Malware
No discussion of cybersecurity would be complete without mentioning malware. Short for “malicious software,” malware comes in a dizzying variety of forms, all of them rather unpleasant to deal with. Most malware disguises itself by attaching to legitimate code and replicating itself as it spreads from system to system. Whatever form it takes, the intention is typically the same. Malware gives an attacker unauthorized access to the victim’s computer. Sometimes that access is very limited, only allowing partial visibility into certain files or processes. In other cases, malware can create backdoors that allow hackers to gain total control over a computer or even direct it to engage in illegal activity. One form of malware, ransomware, has made headlines in recent years for its ability to bring entire cities to a halt. Ransomware shuts down access to critical data, which attackers then promise to provide in exchange for payment. The best protection against malware is often preventing it from being installed in the first place. Unsurprisingly, phishing attacks are one of the leading delivery methods for malware.
With cyberattacks on the rise, everyone, not just businesses and governments, needs to be on the lookout for the common strategies used in network security breaches. By preparing for the worst and maintaining vigilant practices, it’s possible to minimize the impact of cyberattacks or avoid them altogether.