Understanding Cyber Attacks: Common Threats and Tips for Protecting Your Organisation
In the digital era, one of the most concerning issues for organisations is cyber attacks. Cyber attacks, or any attempt to destroy, steal, disable, expose or gain information through unauthorised digital access, can be devastating to organisations. In fact, according to the ACSC Small Business Survey Report, cyber attacks already cost the Australian economy $29 billion dollars every year, and they are increasingly frequent.
Organisations need to be thoroughly protected from these attacks, and they need to employ specialists who know how to do this. For those wanting a thorough understanding of the topic, this article will define and detail different types of cyber attacks, including well-known recent attacks. It will then provide tips for how companies can protect themselves from attacks and conclude by discussing future cyber crime trends.
The demand for cyber security experts continues to grow, with research predicting Australia will need between 11,000 to 18,000 additional cyber security workers by 2028. If you want to become a cyber security expert, you can gain the advanced skills and knowledge you'll need to prevent cyber attacks with an online Master of Cyber Security from ECU.
What is a cyber attack?
Put simply, a cyber attack is an attack perpetrated by a human being through a computer against another computer, multiple computers or an entire organisation. What is a cyber attack’s purpose? Typically, cyber attacks have one of two goals. The first is to deny access to a computer or its data. While dangerous, these types of attacks are not necessarily the most dangerous. The second possible goal of an attack is to gain access to a computer’s or network’s data and potentially access administrative privileges. This type of attack can be more dangerous, as it puts sensitive information in the hands of those who should not have access to it.
Any cyber attack can have devastating consequences for an organisation. These consequences include attackers using breached computers as the launching point for further attacks, holding companies and individuals ransom and causing electrical blackouts. Experts go as far as to say that cyber attacks can affect the functioning of life as we know it.
Cyber attacks can have equally catastrophic consequences for businesses. They can cause public relations crises and result in litigation, compliance issues and fines. They can also cause insurance premiums and the cost of company debt to increase, and lead to the devaluation of a trade name and the loss of intellectual property.
Cyber attacks occur in a number of ways. One of the most popular is phishing, where a person sends an email, pretending to be a trusted source, and attempts to elicit information. Another common form of attack is a malware attack, where a user unknowingly downloads malicious software that operates in the background of a computer in order to gain access to sensitive data. Different types of cyber attacks will be explored in more detail below.
10 types of cyber attacks
As the world increasingly relies on technology and computer systems, the number and types of cyber attacks have grown, as has the sophistication of these attacks. For this reason, understanding the different types of attacks, including their goals and consequences, is important.
Here is an overview of the top 10 types of cyber attacks:
1. Phishing
Have you ever received an email from an overseas source claiming you’ve won the lottery or that some unknown person has bequeathed you money? These types of emails are known as phishing emails, and they are extremely common, with hundreds of thousands being sent every month. The main goal of phishing is to gain personal information, which is often later used to obtain money or goods. Another goal of phishing, however, can be to convince a user to do something, such as download malicious malware.
One particularly harmful type of phishing is called spear phishing. Under this attack, the attacker takes time to conduct research into their target and then creates personal and relevant messages, often using email spoofing, where they pretend to be a person that the victim would expect to hear from. The consequences of phishing scams can be catastrophic. In 2020 alone, phishing and other scams cost Australians more than $630 million dollars, according to the Australian Competition & Consumer Commission.
2. SQL Injection
An SQL injection is a type of cyber attack that is used specifically on database-driven websites. Put simply, an SQL injection occurs when a malefactor executes an SQL query to a database. SQL commands are inserted instead of information (for example, login details or a password). The injection can then perform a number of commands, such as reading sensitive data, modifying or deleting data and even forcing a system shutdown. In some cases, SQL injections can issue commands to another operating system.
The consequences of SQL injections can be far-reaching. A successful attack can result in unauthorised access to personal data, as well as attackers taking over systems and siphoning off funds or trade secrets.
3. Cross-site scripting
Cross-site scripting, otherwise known as an XSS attack, uses third-party web resources to run scripts on a victim’s computer. With this type of attack, the attacker injects malicious JavaScript into the target website. Then, when the victim visits that page, the website transmits page information, such as the victim’s cookie, to the attacker. The attacker can then use this information for session hijacking.
Cross-site scripting can be especially dangerous as attackers usually exploit additional vulnerabilities. What this means is that the scripting enables attackers to not only steal cookies but to also log keystrokes, capture screenshots and discover and collect network information. Ultimately, they can gain valuable information and can, in time, access and control the victim’s computer.
4. Denial-of-Service attack
A Denial-of-Service (DoS) attack and the related Distributed Denial-of-Service (DDoS) attack can wreak havoc on a system’s resources as it overwhelms its ability to respond to service requests. A DoS attack sees a large volume of network traffic descending on a target while a DDoS attack is launched from a large number of different computers (potentially hundreds of thousands) that are infected by malicious software and ultimately controlled by the attacker (referred to as a Botnet).
A DoS/DDoS attack is a little different from most cyber attacks as it isn’t designed to give the attacker access to information. However, the consequences of this type of attack can still be disastrous for businesses. If, for example, an attack is launched on a business and their systems go down as a result, then a competing business may benefit while the attack victim works to get its systems online again. In addition to this, additional attacks may be launched while a system is down.
5. Brute force and dictionary network attacks
Did you know that the most common password on the planet is 123456? Unfortunately, a lot of people use easy-to-guess passwords that leave them open to brute force and dictionary network attacks. What’s worse is that people then re-use their badly-chosen password on multiple websites.
A brute force attack is where attackers use trial-and-error tactics to guess passwords, personal identification numbers and other login data. To do this, they use automated software that test a huge number of potential combinations.
A dictionary attack is similar. Using this method, an attacker attempts to open a password protected resource with a ‘dictionary list’ of common combinations, words and phrases.
Both attacks are common and can have dire consequences. When an attacker chances upon the correct password, they have easy access to systems, including email databases and financial information. But unlike other cyber attacks, where systems may suspect them, with this type of attack they are logging in as the user would. For this reason, their activity can go undetected, and they may not be caught for a long time.
6. Insider threats
Most people think that cyber criminals are attackers sitting on a faraway computer on another continent. But the reality is that the threat can be a lot closer to home. One particularly insidious type of cyber attack is an insider threat, where the attack comes from people within or associated with the organisation—for example, employees, former employees, contractors or associates.
As the name suggests, an insider threat is where someone uses their knowledge of the inner workings of an organisation to obtain unauthorised access to their security practices, data and computer systems. The attack can have various goals, including fraud, theft of confidential information and accessing commercially valuable information. Once in the wrong hands, the information can be sold, used to start a competing business or held for ransom.
7. Man-In-The-Middle attack
A Man-In-The-Middle (MITM) attack is where an attacker hijacks a session between a trusted person and their network service. The attacker substitutes their own IP address for that of the trusted person, all while the server continues the session. The server then believes that it is communicating with a trusted authority.
An MITM attack can occur in real time to obtain current information, or an attacker can use it to gain access to old messages and information. Once the attacker has this information, they can try and impersonate the trusted individual or company.
As the server believes that the MITM attacker is trusted, the attack can have disastrous consequences. The attacker can often build a full profile of the trusted individual or company, and then use that information to impersonate them in any number of scenarios.
8. Drive-by attack
Another insidious cyber attack that doesn’t require the user to do much at all is a drive-by attack. In this type of attack, malware is often spread to unsuspecting computers as cyber criminals plant a malicious script into the HTTP or PHP code of a website. Then, when a user visits a particular page, they are frequently redirected to a page controlled by criminals.
Unlike other types of attack, a user doesn’t have to do anything such as download or click for this type of attack to happen. Instead, attackers take advantage of insecure systems that contain security flaws to plant their code.
By redirecting unsuspecting users to pages controlled by the cyber criminals, attackers can increase their chances of obtaining sensitive data. Acquisition of personal data is the usual consequence of a drive-by attack.
9. Eavesdropping attack
As the name suggests, an eavesdropping attack is where an attacker intercepts or listens to network traffic to obtain sensitive information. Eavesdropping can be conducted passively, where an attacker detects the information by listening to message transmission on a network, or actively, where an attacker poses as a trusted system and intercepts communications through probing, scanning and tampering.
Eavesdropping often results in attackers gaining access to passwords, credit card information or other confidential information, which they can then use for their own financial gain.
10. Malware
Malware is an umbrella term to describe any number of malicious types of software that can be installed on users’ computers, without their express consent or knowledge. Often, this type of software attaches itself to legitimate apps or other software on a computer and then replicates. Many different types of malware have been created, including viruses, worms, trojan horses, spyware and adware.
One particularly problematic type of malware is ransomware. Ransomware blocks access to a user’s data and threatens to publish or delete it unless a ransom is paid.
The consequences of malware can be catastrophic, and can range from files being lost to entire computers and systems being shut down, with hefty ransoms demanded for them to be returned.
5 examples of cyber attacks
The Australian Cyber Security Centre reports that a cyber attack occurs every 10 minutes, so the fact that a number of high-profile organisations have fallen victim to large-scale attacks isn’t surprising. Here are five examples of recent attacks:
1. Canva
One recent and infamous cyber security attack was conducted against Canva, the multibillion-dollar online design platform. In May 2019, a cyber criminal by the name of GnosticPlayers contacted technology news website ZDNet and claimed to have breached Canva. The data that was compromised included the profile information of 139 million users, encrypted passwords, OAuth login tokens and limited credit card information. The attacker had planned to sell the information on the dark web.
Fortunately, Canva was able to stop the attack in its tracks before the attacker could figure out how to decrypt the passwords. Several months later, the attacker claimed that he had decrypted the passwords, forcing Canva to manually update the passwords of millions of users.
2. Zynga
In 2019, game company Zynga fell victim to a huge cyber attack. The person behind this attack was also GnosticPlayers, the criminal responsible for the Canva attack.
The Zynga attack involved a password breach affecting approximately 200 million users. Login information (email addresses, usernames and passwords) for the games Draw Something and Words with Friends was stolen. Zynga encouraged all users to reset their passwords and look out for malware, and assured users that no financial information had been stolen.
3. SolarWinds
One very recent cyber attack was conducted against major information technology consultancy SolarWinds, which provides software for major entities in the U.S., including Fortune 500 companies and the U.S. government.
Late in 2020, a massive attack occurred that spread to the company’s clients quickly. For months, the security breach went undetected, and foreign attackers, who were believed to be from Russia, were able to spy on private companies, including powerful government players such as the U.S. Department of Homeland Security. Currently, the government is still working to secure its systems and says that this could take years to do.
4. Ashley Madison
The Ashley Madison data breach was one of the most embarrassing in recent history. Back in 2015, a criminal group called Impact Team compromised the extramarital affair website Ashley Madison. Initially, they released a small amount of personal information after the website wasn’t shut down, as per the initial demands. Later in the year, they sent out a larger data file, exposing millions of users.
As if that breach wasn’t bad enough, five years later, the attack is still wielding massive consequences. Now, the very same attackers are contacting victims and threatening to release even more personal information unless they pay a bitcoin ransom of $1,000.
5. Sony Pictures Entertainment
One infamous recent cyber attack occurred against Sony Pictures Entertainment. In late 2014, a group of cyber criminals called Guardians of the Peace attacked Sony’s data network. They leaked everything from embarrassing emails to salary information to yet-to-be-released movies.
The threat escalated when the group warned of terrorist acts against movie theatres if the entertainment group released the movie “The Interview.” Initially, Sony shelved the movie, but then conducted a limited release.
Tips for preventing cyber attacks
It’s clear that cyber attacks can lead to terrifying, dire and financially significant consequences, and sometimes threatening the viability of a business, according to specialist insurer Hiscox. For this reason, people and organisations should do what they can to protect themselves.
Here are five ways organisations can protect themselves against cyber attacks.
1. Maintain and patch hardware, software and systems
Maintaining and patching hardware and keeping accurate records of software and systems are essential ways to prevent cyber attacks.
In terms of maintenance, businesses should always restrict access to, and then remove altogether, hardware that is no longer in use. Old machines and systems should also be wiped of any sensitive information. If hardware is in continuous use, it should be updated with the most recent protective mechanisms including patches, anti-virus and firewalls.
In terms of record-keeping, businesses should keep a record of all software, users and systems. They should also remind employees to be careful about where they keep their devices and the use of USB sticks or portable hard drives.
2. Implement MFA (Multi-Factor Authentication)
Multi-Factor authentication (MFA) is a security process whereby users are required to provide two or more identity proofs before they can gain access to their accounts. MFA works in the following way: First, a system will require a password, and then, second, the same system will typically send a code to the user’s personal mobile device or email address that must be retrieved and submitted. Given that two proofs are required, and one usually requires the user’s mobile phone or email, having MFA adds an additional and personal layer of security that criminals can usually not penetrate.
For this reason, this type of protection is essential.
3. Create a security-focused culture
For the average person, cyber security attacks are not front of mind. For this reason, one of the best ways to protect an organisation is to create a security-focused culture. Ultimately, an organisation’s employees are its first and last line of defence against a number of different attacks.
A security-focused culture goes beyond telling staff to be careful. It begins with training employees and ensuring that they know how common cyber attacks are and how consequential they can be. After this, creating a security-focused culture means that staff are encouraged to do whatever they can, whenever they can, to protect against cyber threats and make certain they act quickly if they believe a system has been compromised. This can include maintaining good passwords and reporting suspicious activity.
4. Encrypt and back up data
Given the prevalence of cyber attacks, businesses should have a plan to not just prevent them but to also recover from them if they occur. One of the best ways to do this is to back up an organisation’s data.
Data backup needs to occur regularly using multiple backup methods. For example, data should be backed up daily to a portable device (or to the cloud), and weekly and quarterly backups also need to occur. IT teams should also regularly test and check data backups.
5. Use robust cyber protection mechanisms
Given how sophisticated cyber attacks have become, all organisations need to use robust cyber protection mechanisms, including firewalls, anti-virus (AV) software, intrusion detection systems (IDS) and other protective systems to ensure that their data and systems stay safe.
An IDS system monitors the behaviour of a network and reports any unauthorised intrusions. AV software detects malicious code and disallows execution of code and systems that might be suspicious. A firewall allows organisations to control network traffic and blocks suspicious activity.
Further cyber attack prevention resources
To learn more about how to protect yourself and your organisation from cyber attacks, please see the following:
- Norton, “11 Ways to Help Protect Yourself Against Cybercrime.” The security giant offers advice, primarily for consumers, on preventing a hack.
- Business.gov.au, "How to Protect Your Business From Cyber Threats." This government resource provides cyber security tips for business owners and leaders.
- IndustryWeek, “How to Protect Your Business From Cyber Attacks.” Learn more about security recommendations that adhere to the framework established by the National Institute of Standards and Technology (NIST).
Cyber attack trends
Cyber attacks are becoming both more sophisticated and more common. In the future, this trend is likely to continue. Here are five trends in cyber crime every individual and organisation should be aware of that will shape the future.
1. More attacks that rely on human interaction
Many people think that the future of cyber crime involves ever-more tech, but that may not be the case. Instead, social engineering, a nontechnical strategy that involves attackers breaching security standards through first relying on human interaction, will continue to increase in prevalence.
The reason that this trend is likely to continue is because social engineering attacks work with alarming frequency. With this increase, attackers are becoming more sophisticated and knowledgeable, and are able to fool an increasing number of people with their fraudulent communications.
2. Risks associated with the expansion of remote work
Going forward, more and more people will work from home. In fact, millions of people across the world already do (and that was before the COVID-19 pandemic, which made working from home ever more popular). Although this might be good news for workers everywhere, it presents significant cyber security risks. A study by Malwarebytes found that 20% of IT workers surveyed reported security breaches in their organisations following pandemic-related stay-at-home orders.
Employees working from home may not have the same cybersecurity protections on their home networks as they have at work. For this reason, attackers are already compromising insecure home systems, and it’s only a matter of time before large-scale breaches occur.
3. Lack of monitoring of critical systems
Despite the huge risks that cyber attacks present, in the future, a lack of monitoring of critical systems may enable even more attacks. Although the idea that organisations wouldn’t monitor their systems seems counterintuitive, this can and does occur for a number of reasons, including alert fatigue and a lack of properly trained staff.
Many businesses lack properly trained staff, and this can have disastrous consequences. According to a survey by the Information Systems Security Association (ISSA), 70% of organisations believe that their security has been impacted by the global cyber security skills shortage.
4. Big-game ransomware attacks
Ransomware attacks are unfortunately not a thing of the past. In fact, they are getting more and more complex in their ability to bypass detection controls and infiltrate key systems to harvest the data they need. As a result, cyber criminals are focusing this expertise on very large (big-game) enterprises.
Often in these types of attacks, attackers are simply hijacking existing systems, meaning they don’t need to design their own systems and tools to pull off the attack. They simply use existing infrastructure to infiltrate systems, and they often go undetected for months.
5. Exploitation of systems administration tools
The interconnectivity of systems has many benefits for users in terms of time and convenience. However, systems interconnectivity will increasingly pose a problem as attackers exploit systems administration tools to gain access to a multitude of systems.
As systems become even more interconnected, attackers will run harmful software aimed at a computer’s memory, so they can shut down entire systems and prevent them from being rebooted.
Further resources on cyber attack trends
To learn more about cyber crime trends in the future, please see below:
- Forbes, “The 5 Biggest Cybersecurity Trends in 2020 Everyone Should Know About.” Learn how artificial intelligence will play a part in cyber attacks, among other trends.
- Cybersecurity Insiders, “Cybersecurity Trends to Keep Track Of in 2021.” Read more about the impact of COVID-19 on cyber crime and what that might mean for the future.
- Center for Internet Security, “2021 Cybersecurity Trends to Prepare For.” Technology and security leaders share their thoughts on the trends to watch in 2021.
Cyber attacks: A business-critical threat in the future
According to TechNewsWorld, cyber attacks represent the single biggest threat and financial risk to enterprises going forward. Organisations of all sizes, as well as individuals, need to do what they can to understand what cyber crime is and how it can affect them.
Beyond that, businesses and individuals alike need to be prepared. They should educate themselves on the necessary steps and spend time and money on ensuring that they do not fall prey to the increasingly sophisticated and often undetectable ways in which they can be attacked.
Join the fight against cyber crime and become an expert in this rapidly growing field with a Master of Cyber Security from ECU Online.