Cyberattacks have almost become a certainty for businesses that deal with important online data. One of the most recent attacks hit Tesco Bank in November 2016, leading to customer losses of £2.5 million. Previous incidents have damaged JD Wetherspoons, TalkTalk and Hilton Hotels, and now cybercriminals are targeting vulnerable SMEs and individuals. It’s clear that cybercrime is a huge issue for everyone with online personal data, but how do cyberattacks actually work?
One of the most common types of cyberattack is Denial of Service (DoS), which blocks intended users from accessing online content. These attacks can last anywhere from a few hours to a number of weeks. DDoS (Distributed Denial of Service) is the next step up from regular DoS, and involves saturating the victim’s servers with commands sent from multiple devices. The effects of DoS/DDoS attacks can be devastating, and they can act as a distraction while security settings are destroyed. However, their main aim is visibly disrupting operations to make a statement. One of the most high-profile DDoS attacks was carried out on the BBC on New Year’s Eve in 2015.
Malware, short for ‘malicious software’, is the all-encompassing term given to malevolent code such as Trojans, worms, adware, spyware and viruses. Malware is usually used to destroy or steal information, finding its way into the targeted system via emails, downloads or by exploiting vulnerabilities. Malware can be used to spy on organisations and internet users alike for extended periods of time, undetected. It is mainly geared towards making a profit by getting hold of valuable information and using it as a tool, but can also be used simply to disrupt operations.
Disguised as a request for data from a trusted third party, phishing aims to steal information by persuading the victim to click on a link and enter personal data. Phishing works in the same way as spam, but it can have far more serious consequences. With so much correspondence now taking place online, victims rarely think twice about following commands that they think are from a legitimate source. This type of cyberattack obviously compromises the security of individuals and organisations, and is damaging for the image of the impersonated source.
MITM stands for Man in the Middle. In these types of cyberattacks, cybercriminals impersonate the intended end-point of a digital conversation – for example, a MITM could impersonate your bank, which is as scary as it sounds. The conversation works both ways – a bank might believe they are talking to a customer as much as a customer might think they are talking to their bank, but in fact the whole thing is run by the MITM, who quite literally sits in the middle of the exchange. As well as manipulating a conversation, MITM is used to eavesdrop. The success of the attack lies in whether or not each party is convinced by the impersonation.
5. Water holing
Water holing is the process of setting up a fake website or manipulating an existing, legitimate site to exploit its users. Water holing usually targets an organisation or a group, but does so by using the information of an employee. Cybercriminals pick certain employees and track their online usage to work out which sites will be easiest to infect. Once the individual’s information has been obtained, the cybercriminal can gain access to their workplace. Although water holing is uncommon, it’s very hard to detect. Because of this, it can be used against high-security organisations, which makes it even more worrying.
While there are various methods used to target individuals and corporations, there are just as many ways to defend against them. The first step is to update firewalls as well as general security settings. When it comes to malware, it’s a case of applying common sense and avoiding suspicious links from unknown or anonymous sources. Companies and individuals can also invest in VPNs (Virtual Private Networks) and patch management, which involves ‘patching up’ software vulnerabilities. Checking that websites use the ‘https’ prefix and using verification protocols can help avoid MITM impersonations, water holing, and any malicious software living in sketchy online locations. And if you’re still confused, there are numerous cybersecurity companies that can offer advice and updates. So, there may well be a long list of cyberattacking strategies out there, but there’s plenty that can be done to stop them... and the time to do it is now.