Internet Attack / Cyberattack
Cyberattacks aren't just one thing. There are many types of attacks and several preferred targets. Criminals aren't as interested in creating mayhem as they are in extracting money from victims. To better understand the threats, you have to know what's out there.
What is a botnet?
A botnet or "robot network" is a network of devices infected with malware. They are typically under the control of a single person known as a "bot-herder." The owners of the infected machines often do not know their computers have been compromised. Botnets are often used to overwhelm systems in a DDoS (distributed denial of service) attack.
Malware is short for “malicious software” and it refers to any software designed to harm or exploit computer devices, services or networks. Malware includes ransomware, spyware, trojan horses, viruses and worms.
Ransomware moves through your computer network, infecting everything it touches until at some point it suddenly locks all your files. You are then told how much you have to pay (the ransom) to get a key that will unlock the files.
Spyware enters your computer and gathers information about you. It steals passwords, web browsing history, emails, payment information and anything else that could be used for profit or leverage against you.
Trojan Horses are often disguised as helpful software but hide damaging programs inside. Trojan Horses are generally used to open backdoors to your computer so that malicious users can access your system. Trojan Horses generally do not infect other files or self-replicate.
A Virus is usually an executable program that spreads from computer to computer because of human action, such as a shared program, email or file sent from one person to another. When you run the program, the virus infects other files as it runs. Once your computer is infected, the virus can be mild and cause annoying effects, or be severe and damage files, other software or even connected hardware.
Worms are like viruses, but they can spread from computer to computer without human actions. A worm will often go through your system and use your contact data to send itself out to everybody you know. Once your computer is infected, worms often let malicious users control your system remotely.
A blended threat puts together some of the most effective pieces of other attacks like Trojan horses, viruses and worms into a single package.
Phishing is when someone contacts you by email, phone or text and pretends to be someone they're not. Typically it's through a “spoofed” message that's been made to look like it's from a legitimate source. They use social engineering to get you to reveal financial information, passwords or credit card info, or to give them access to your electronic devices.
Spear Phishing is a phishing attack directed at a specific, known person.
Man-in-the-middle (MitM) attacks
Man-in-the-middle (MitM) attacks or eavesdropping attacks require three players: the victim, the known entity that the victim is trying to communicate with and the “man in the middle” that’s intercepting the communications. The goal is to steal the information passing from the victim to the known entity without the victim knowing.
Denial-of-service (DoS) attacks are when a device floods systems, servers or networks with vast amounts of traffic. The goal is to overwhelm the bandwidth and resources of the attacked systems and prevent access for legitimate users. When multiple devices are involved in the attack, it's called a distributed-denial-of-service (DDoS) attack.
DNS tunneling uses the domain name system (DNS) to carry non-DNS traffic. It's a way to hide malicious data in legitimate transmissions and evade firewalls and other security systems.
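How a defender can spot this in resolver logs, as an added example that is not part of the original article: data hidden in DNS shows up as many long, random-looking subdomains under one parent domain from the same client. The thresholds, function names and log entries are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log entries (client, queried name); not real traffic.
SAMPLE_QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.7", "my-very-long-marketing-campaign-landing-page.example.org"),
    ("10.0.0.9", "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6.t.example.net"),
    ("10.0.0.9", "q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2.t.example.net"),
    ("10.0.0.9", "g3h4i5j6k7l8m9n0o1p2q3r4s5t6u7v8.t.example.net"),
]

MIN_LEN = 30        # assumed threshold: characters in the subdomain part
MIN_ENTROPY = 3.5   # assumed threshold: bits per character
MIN_NAMES = 3       # assumed threshold: distinct suspicious names per client and domain


def entropy(text):
    """Shannon entropy of text in bits per character."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())


def split_name(name):
    """Split into (subdomain, parent). Parent is the last two labels, a
    simplification; production code should use the Public Suffix List."""
    labels = name.lower().rstrip(".").split(".")
    return "".join(labels[:-2]), ".".join(labels[-2:])


def flag_tunneling(queries):
    """Return {(client, parent_domain)} pairs with many long, random-looking names."""
    suspicious = defaultdict(set)
    for client, name in queries:
        sub, parent = split_name(name)
        if len(sub) >= MIN_LEN and entropy(sub) >= MIN_ENTROPY:
            suspicious[(client, parent)].add(name)
    return {key for key, names in suspicious.items() if len(names) >= MIN_NAMES}


if __name__ == "__main__":
    print(flag_tunneling(SAMPLE_QUERIES))
```

The single long marketing hostname is not flagged because one long name is normal; it is the repeated pattern from one client to one domain that stands out.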
A Structured Query Language (SQL) injection happens when malicious code is inserted into a server that uses SQL. It's usually entered via a fillable field, and the goal is to get the server to dump data, alter data or give the intruder access to the backend.
A zero-day vulnerability is a flaw in software that can be exploited and doesn't yet have a fix. Software companies try to keep zero-day vulnerabilities quiet until they have a security patch. Zero-day vulnerabilities that a software company doesn't know about can be sold for large sums on the black market. When someone targets a zero-day vulnerability, the attack is known as a zero-day exploit.
Why are computers being attacked?
There are many reasons, but most attacks fall into one of eight broad categories.
Corporate espionage to steal data on new products, services and promotions.
Cyberwarfare is usually designed to hit particular countries or political parties. Their goal is typically espionage and sabotage.
Destructive targeted attacks are typically aimed at specific companies.
Government espionage to steal data on government operations, organizations, personnel and weapons.
Hacktivism refers to attacks focused on specific organizations or governmental bodies to force changes in policies or actions.
Indiscriminate attacks are often wide-ranging and don't seem to target any particular entity. They're simply designed to sow chaos.
Ransomware attacks infiltrate systems to lock up data and extract ransom payments.
Stolen credit card and financial data for fraudulent purchases and transfers.
Stolen e-mail addresses and login credentials to gain access to incriminating information or financial data.
Stolen medical-related data for blackmail or to extract payments to keep data off the web.
You can learn more about dozens of large cyberattacks over the years on this Wikipedia page: https://en.wikipedia.org/wiki/List_of_cyberattacks
So why does all this matter?
Over the years, cyber attacks have grown in sophistication, in the damage they cause and in the money they cost. With so much data and business online, smaller companies don't know how to protect their digital assets.
Preparation - Survival
These are steps you CAN and SHOULD take to start protecting yourself. Over half of all cyberattacks are on systems that aren't using one of these protection methods.
1. Install updates and patches. Most have security fixes in them to keep you protected.
2. Enable strong passwords. Never reuse a password. You can use a password manager to handle things for you. On Apple, there's iCloud Keychain built into the newest systems. For people or companies with multiple computer types, Dashlane password manager has excellent security with family and business plans.
3. Enable 2FA, 2SA or MFA. That means 2-factor authentication, 2-step authentication or multi-factor authentication. For example, if you log into a payroll system on your computer, it sends you a text with a verification code you must enter before you get in. So even if someone gets your password, they also have to get the secondary device you use for authentication.
4. Enable security features on your network router. Regularly check to make sure the software on the router is updated.
5. Enable device encryption, so if your device gets stolen, the data remains secure. If your device doesn't offer that, consider third-party products like BitLocker for Windows or FileVault for the Mac OS.
6. Avoid public wifi. It's tempting and convenient, but it's a great way for hackers to get into your system.
7. Use a Virtual Private Network (VPN). It gives you a direct tunnel to your ultimate destination and encrypts the data that goes back and forth while shielding your identity. Avoid the free services because they usually make money by selling your data. I like the more prominent vendors like NordVPN or ExpressVPN.
8. Turn on the firewall provided in the Windows or Mac operating system. If you're paranoid like me, upgrade to one of the more robust commercial products for more thorough protection.
9. Install and enable malware and virus protection. You want something checking attachments that come in emails or data you're downloading from online sites. Look for software that includes online website monitoring, so you don't end up on sites that steal your data.
10. On corporate systems, only use approved software and devices. That way, you aren't accidentally introducing a problem into a secure system.
11. Back up your devices. There are three levels of backup you can put in place.
The first level is to start by keeping your documents on internet-connected drives like Dropbox, Google Drive or Microsoft's OneDrive. They keep a copy on your computer, and when you connect to the remote drive, the systems sync and back things up.
The second level is to use some sort of automated cloud backup like Carbonite. They continuously back up your data files to a remote system.
Finally, run a backup to a local device like a removable hard drive or USB drive. Then store that in a secure location, so if all your online data is wiped, you still have a local backup you can restore from.
12. Thoroughly wipe any drives and devices that you're getting rid of. Call the manufacturer or choose factory reset, so any lingering or hidden files are taken out and are not at risk of being stolen.
13. Be paranoid about emails you're getting. Don't trust the enclosed links, attached files or fishy-sounding explanations you read. Unless I've specifically asked for a file, I don't download anything that's been sent to me. Be cautious of attached invoices, claims that your credit card was billed or pleas from a kidnapped friend or family member. Those are common scams people use to steal your money and destroy your data.
14. Be cautious of what you post online. If you're going on vacation, don't post vacation photos until you get back home. Don't share too much about your personal schedule. Limit pictures of things in your home, so you don't make yourself a target.
15. Never share personal data like your social security number, birthdate or credit card information with someone who calls you. Often it's scammers that will turn around and use that data to break into your online accounts and steal from you.
Click Here for information on what to do from the United States government website, Ready.gov.
Click Here to download a PDF file with information on what to do from the United States government website, Ready.gov.
This information is presented to make people aware of the larger world around them. If you can prepare for something as devastating as this, you're much more likely to be ready for smaller disruptions. Be aware and prepare.