Cyber Attacks – Threat and Remedy

It’s not fake news. Data exposure is now a fact of corporate and daily life. Just ask Evite, Capital One and Toyota – a few of the victims of large-scale data breaches this year, for overlooking cybersecurity. But just like everything else, there’s more going on behind the scenes. 

What you don’t see on the news are smaller, lower profile stories of small businesses and individuals suffering the consequences of cyberattacks – and they’re not as elaborate as you may think. According to research, Cybersecurity for Digital Operations, only 35% of IT staff rated their current cybersecurity as completely satisfactory. Staying on top of risk means continually assessing threats – even the most basic ones. Don’t give cyber-criminals an opportunity to get their hands on your valuable data or wreak havoc on your systems. Revisit these basic cyberattacks and refresh your cybersecurity strategy with the assistance of following resources.

Spoofing happens when a source hides its true identity, playing as someone or something else. This tactic is often used during a cyberattack to disguise the source of attack traffic. For example, sending an email with a fabricated “From:” address would qualify as spoofing. Identify fake email addresses and websites

DDoS

 

A Distributed Denial of Service (DDoS) attack is an attempt to flood a website or online service with traffic in order to overwhelm and render it unavailable. While a hacker doesn’t really gain any valuable information from this type of attack, they do find success in causing confusion and chaos – oftentimes making it a perfect distraction to launch another type of attack. Secure the perimeter to help prevent DDoS attacks.

Ransomware

 

 

Ransomware is a type of malware that holds your personal files hostage. The hacker demands payment – usually in an untraceable currency, like Bitcoin – in exchange for restoring access to your own data. The software spreads from one system to the next and encrypts all hard disk contents. Ransomware is a (mostly un-reported) crime of extortion, and the more valuable your data, the more you are at risk. Get your data back.

Phishing

Phishing attackers send mass emails to distribute malicious links or attachments that (if opened) can steal your login credentials and/or your account information. Sometimes, the email even asks you to reset your password – thus handing over access to your account. This is a fairly easy way for hackers to gain personal data, as their success ultimately relies on end user awareness and training. Identify a phishing email

 Social Engineering

 Social engineering is the number-one way hackers are getting into your systems for credential harvesting and even cryptojacking. Unlike other cyberattacks, this one involves human interaction. Perpetrators will lie or manipulate their way into your organization to gain access to your system(s) under the guise of something legitimate. Once inside, they install malware to pull confidential information or perform certain actions. Explore systems at risk

Tampering

Data tampering is intentionally modifying (destroying, manipulating or editing) data through unsanctioned channels. It’s one of the biggest threats that any application, program or organization can face and includes URL manipulation (or URL rewriting). This involves subtly changing parameters in a URL. To the unsuspecting user, the URL appears the same, but the altered parameter enables access to information. Configure and secure a DNS server

Exploiting a Back Door

A back door is a common application or program that enables remote access to software, a system or a network. Of course, hackers have found a way to exploit that by installing malware in a quest to steal data, deface a website, hijack a server, launch a DDoS attack or infect website users. Hackers predominantly utilize remote file inclusion (RFI) in these instances. In this scenario, the referencing function is tricked into downloading a back door trojan from a remote host. Lock your doors

Malware

Malware is an umbrella term that describes many nasty programs, codes and bugs that can confuse your system(s). The purpose is to attack, destroy or disable networks and devices by taking over. Usually, malware does not cause permanent damage – but don’t let that fool you. It can manipulate your data, alter your system’s functions and essentially spy on your activity without your knowledge or authorization. Change passwords frequently

Review on Post:

The above post is taken from https://www.uscybersecurity.net/. Its a nice post to have in your Blog. The post is nicely balanced between Technical and day to day vocabulary, which makes it easy to understand by anyone.

Post is missing a link between this important topic and its implications on Utility sector, how it can heart badly in utilities such as POWER, Gas and similar field. Take an example of power utility, in which in addition with companies own generation points private sector is also added for power import. The question / threat arises when the outsiders are added in this private network !

Leave a Reply

Your email address will not be published. Required fields are marked *