Cyber Attack Notes
Cyber Attack Notes
Cyber Attack Notes
Hackers insert code to online forms that instructs company servers to release sensitive
data or executes damaging files. Hackers can use web app attacks for many reasons, the most
damaging among them getting customer’s username, passwords, and even credit card numbers
to either sell in the dark market or to blackmail the company.
DDoS AATACK
In both DDOS AND WEB APP ATTACKS, slow servers means a delayed interactions with
customers. A 100-millisecond delay in load time can hurt sales up to 7%.
Knowing the nature of the threats is the first step on stopping them to cause harm.
4. Phishing- attackers send out massive amounts of email containing malicious links that if
they are opened and clicked on can steal your login credentials or other important
information. Phishing attackers often rely on spoofing to pretend to be somebody else
usually your bank or an online store or really, anything at all that would get you to open
the email.
5. Social engineering – is definitely the oldest form of attack because usually it doesn't
even rely on a computer to perform. Social engineering is any type of attack that relies
on the psychological manipulation of a person into doing something that they should not
and divulging secret information. Usually the attacker will just pretend to be somebody
with authority and simply ask for the secret or the thing to be done. Many cyber security
experts say that humans are in fact is the weakest link in the cyber security chain.
7. Back door- can refer to any method for an authorized or unauthorized user can
circumvent normal security measures and gain access to a system with a higher level of
access. Sometimes back doors are installed a purpose by software or hardware
companies so that they can access their technology after the fact these non-criminal
types of backdoors can be used to help the user who's locked out of their account or for
troubleshooting purposes.
8. Malware malicious software or malware- is a broad blanket term that can describe
many different types of software code or bugs that intend to do damage to a system.
Malware can be created by anyone whether it's a single rogue hacker a group of hackers
or entire governments.
Malware could take the form by way of executable code scripts active content and other
forms of data. Malwares are referred in the media by a lot of different names like
computer viruses, Trojan horses, worms, ransomware spyware, adware or scare.
Anne often shops from WWJ Pinkart Calm. She has her information like email ID
address and credit card details saved on the website to enable a faster and hassle-free
shopping experience. The required information is stored in a server one day and received an
email that stated her eligibility for special discount voucher from shopping cart.com. In order to
receive the coupon code she was asked to fill in her shopping cart calm account credentials,
this didn't seem fishy to her at the time as she thought it was just an account verification step.
Little did she realized the danger she would be facing. She was knocked off her feet when a
substantial amount of money was wiped off her account. How do you think this happened? Well,
yes the email she received was fake and shopping cart calm account witnessed unauthorized
access from a third party.
This type of attack is known as a cyber attack and the person who carries it out is
called a hacker.
Could Anne have prevented this attack? Indeed, she could have with the help of cyber
security. Cyber security involves techniques that help in securing various digital components
networks data and computer systems from unauthorized digital access. There are multiple ways
to implement cyber security depending on the kind of network you are connected to and the
type of cyber attacks you are prone to.
So let's take a look at the various cyber attacks that Anne could have been exposed to:
Malware attack like Trojan adware and spyware to name a few had and downloaded
any suspicious attachments online, her system could have gotten corrupted by certain
malicious viruses embedded within the attachments
Phishing attack the type of cyber attack where the hacker usually sends fraudulent
emails, which appear to be coming from a legitimate source. This is done to install
malware or to steal sensitive data like credit card information and login credentials.
Man-in-the-middle attack where the hacker gains access to the information path
between Anne's device and the websites server. The hacker’s computer takes over an
IP address by doing so. The communication line between Anne and the website is
secretly intercepted. This commonly happens with unsecured Wifi networks and also
through malware
Password attack- is one of the easiest ways to hack a system. Anne's password could
have been cracked by using either common passwords or trying all possible alphabetical
combinations to prevent future cyber attacks and sought to implement a few
cybersecurity practices.
First she installed a firewall as the name suggests, it is a virtual wall between
Anne's computer and the Internet. Firewalls filter, the incoming and outgoing traffic
from your device to safeguard your network and they can either be software applications
or hardware reinforcements.
Secondly, implemented honey pots just like how flowers attract bees dummy
computer systems called honey pots. These are used to attract attackers. These
systems are made to look vulnerable in order to deceive attackers and this in turn
defends their real system. In addition to these, she also decided to use unique
alphanumeric passwords, antivirus software, and started avoiding mails from
unknown senders.
Cyber attacks are not just confined to individuals but also to public and private
organizations the cyber attacks carried out in such places are more deadly and they
result in colossal losses motives of such attacks are many starting from tampering with
crucial data to monetary gains.
Let’s have a look at a few of the cyber attacks that companies are subjected to various public
sector organizations and large corporations face the advanced persistent threat.
In this form of attack, hackers gained access to networks for a prolonged period in order to
continuously gain confidential information. Companies also witnessed the denial of service
attack where networks are flooded with traffic, which in turn leaves legitimate service requests a
variant of distributed denial-of-service. DDoS attack when multiple systems are used to launch
the attack.
When a hacker manipulates a standard SQL query in a database driven website it is known as a
SQL injection attack. By doing so, hackers can view, edit, and delete tables from databases
amidst a plethora of cyber attacks. It is indeed a challenge for organizations with several
networks and servers to ensure complete security. This is not an easy task and to help with this,
cyber security professionals are hired to work on identifying cyber threats and securing a
company's network. There are multiple java roles in the field of cyber security.
If hacking fascinates you then the role of an ethical hacker is something to be explored such
professionals try to expand networks vulnerabilities, just like how a hacker would do but only to
identify those vulnerabilities and resolve them for protection against an actual cyber attack.
If you are looking to design robust security structures then the role of a security architect is for
you.
A chief information security officer (CISO) plays a crucial role in enterprise security and is
entrusted with the overall safety of the information in an organization