Modern hackers have a number of different types of cyber-attack in their playbook. Learn their methods and protect your business.
Cyber-crime takes place all around the world, every day. It’s a business, and like any business sector there are players of all sizes looking to make a profit. Cybercriminals can range in size from individual hackers through to large, surprisingly structured and organised organisations. However, the types of cyber-attack that they carry out are often similar. In this blog post we will take a look at six of the key types of cyber-attack that modern businesses should protect themselves against.
Six Key Types of Cyber-Attack
The attack vectors that are utilised by cybercriminals are constantly evolving. However, there are six key types of cyber-attack that we see carried out again and again: –
- Malware. Malware is a bit of a catch-all term, and it can be used to describe types of cyber-attack such as Trojans, worms, spyware, and viruses. What unites all types of malware is the malicious intent with which they are developed and spread, often through email attachments and operating system vulnerabilities.
- Distributed Denial of Service. Distributed denial of service (or DDoS) attacks work by flooding a network with an unmanageable amount of data. By overloading the network, attackers prevent networks and systems from functioning effectively by slowing them down to a crawl. Large-scale DDoS attacks have been launched against the likes of Dyn, who control a large part of the Internet’s DNS infrastructure.
- Man in the Middle. Man in the middle attacks steal confidential information by impersonating endpoints that users want to communicate with. A common example of this is online banking. Cybercriminals will setup a website that impersonates a bank’s website. They will then manage communication between a user and the actual bank’s website, stealing information throughout.
- Phishing Emails. Phishing emails are one of the most popular methods of cyber-attack utilised by cybercriminals today. Phishing emails are designed to mimic legitimate emails, lulling the recipient into a false sense of security. They often contain malware payloads, or try to persuade victims to carry out damaging actions such as money transfers to offshore bank accounts.
- Password Hacking. For web-facing portals that require usernames and passwords, cybercriminals often utilise brute force hacking to attempt to crack passwords. At Capital Support we recommend implementing multi-factor authentication, which prevents blunt force password hacking by introducing an additional security layer when actual users login.
- Drive-by-Downloads. Drive-by-downloads work by installing small exploit kits on compromised websites. If a user visits the website with an out-of-date browser, the exploit kit downloads to their machine and communicates with a separate server to upload malware to the infected machine.
Understand the Risks and Protect Yourself
There are many types of cyber-attack, and as a connected business you need to protect yourself from all of them. Understanding the risks is the first step towards securing yourself and your business. At Capital Support we deliver a range of Managed Security services that deliver end-to-end protection for regulated firms. Contact us if you’d like to learn more.