Day: July 14, 2021

Reading Time: 2 minutes

Approximately three weeks after Florida-based software vendor Kaseya was hit by a widespread ransomware attack, the company has managed to obtain a decryption key for the REvil ransomware. The attack was one of the most hazardous in ransomware history.

The attacks, which exploited now-patched zero-days in the Kaseya Virtual Server Administrator (VSA) platform, affected Kaseya customers in 22 countries using the on-premises version of the platform, many of which are managed service providers (MSPs) that use VSA to manage the networks of other businesses.

Around 60 direct customers and 1,500 downstream customers of those MSPs were also affected.

The VSA software is used by Kaseya customers to remotely monitor and manage software and network infrastructure.

It’s unclear whether Kaseya paid any ransom. REvil members had demanded a ransom of $70 million, an amount that was later negotiated to $50 million. The abrupt appearance of the decryption key suggests that the ransom may have been paid, possibly negotiated to a lower price. But soon after, the ransomware gang mysteriously went off the grid, shutting down their payment sites and data leak portals.

Kaseya is working with Emsisoft to support its customers in recovering systems and data, and Emsisoft has confirmed that the decryption key works and is unlocking victims.

The lesson from the attack: whenever an organization trusts third parties or vendors with the keys to its business, it is undertaking a serious risk. MSPs and other third parties that have been given such access should protect their customers aggressively.


Types of Cyber Attack

  1. Malware: in which malicious software is used to attack information systems. Ransomware, spyware and Trojans are examples of malware. Depending on the type of malicious code, malware could be used by hackers to steal or secretly copy sensitive data, block access to files, disrupt system operations or make systems inoperable.
  2. Phishing: in which hackers socially engineer email messages to entice recipients to open them. The recipients are tricked into downloading the malware contained within the email by either opening an attached file or embedded link.
  3. Man-in-the-middle: or MitM, where attackers secretly insert themselves between two parties, such as individual computer users and their financial institution. Depending on the details of the actual attack, this type of attack may be more specifically classified as a man-in-the-browser attack, monster-in-the-middle attack or machine-in-the-middle attack. It is also sometimes called an eavesdropping attack.
  4. DDoS: in which hackers bombard an organization’s servers with large volumes of simultaneous data requests, thereby making the servers unable to handle any legitimate requests.
  5. SQL injection: where hackers insert malicious code into servers using the Structured Query Language programming language to get the server to reveal sensitive data.
  6. Zero-day exploit: which happens when a newly identified vulnerability in IT infrastructure is first exploited by hackers.
  7. Domain name system (DNS) tunneling: a sophisticated attack in which attackers establish and then use persistently available access — or a tunnel — into their targets’ systems.
  8. Drive-by: or drive-by download, occurs when an individual visits a website that, in turn, infects the unsuspecting individual’s computer with malware.

Credential-based attacks happen when hackers steal the credentials that IT workers use to access and manage systems and then use that information to illegally access computers to steal sensitive data or otherwise disrupt an organization and its operations.

How Can You Prevent A Cyber Attack?

There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk. Reducing the risk of a cyber attack relies on using a combination of skilled security professionals, processes and technology. Reducing risk also involves three broad categories of defensive action:

  • preventing attempted attacks from actually entering the organization’s IT systems;
  • detecting intrusions; and
  • disrupting attacks already in motion — ideally, at the earliest possible time.

Best practices include the following:

  • implementing perimeter defenses, such as firewalls, to help block attack attempts and to block access to known malicious domains;
  • using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyber attacks;
  • having a patch management program to address known software vulnerabilities that could be exploited by hackers;
  • setting appropriate security configurations, password policies and user access controls;
  • maintaining a monitoring and detection program to identify and alert to suspicious activity;
  • creating incident response plans to guide reaction to a breach; and
  • training and educating individual users about attack scenarios and how they as individuals have a role to play in protecting the organization.

India Ranks Among Top 10 in Global Cybersecurity Index 2020

The Global Cybersecurity Index (GCI) is a yearly survey carried out by the International Telecommunication Union (ITU), the United Nations specialized agency for ICTs. The GCI was first launched in 2015. For 2020, the index maps 82 questions on the cybersecurity commitments of 194 member states. The ranking is measured on the basis of five pillars:

  • Legal measures
  • Technical measures
  • Organizational measures
  • Capacity development measures
  • Co-operation measures

India ranks 10th with a score of 97.5. The list is topped by the USA with a score of 100, followed by the United Kingdom and Saudi Arabia in second position with a score of 99.54. India has also secured fourth position in the Asia Pacific region, underlining its commitment to cybersecurity.

Estonia ranked third with a score of 99.48, while Korea (Rep. of), Singapore and Spain placed fourth with a score of 98.52. Fifth was secured by the Russian Federation, United Arab Emirates and Malaysia with a score of 98.06.

Lithuania holds sixth position with a score of 97.93, and Japan secured seventh with a score of 97.82. Eighth and ninth are Canada and France with scores of 97.67 and 97.6.

The goal of the GCI is to help countries identify areas for improvement in the field of cybersecurity and to encourage them to take action in those areas.

Cybersecurity is a multidisciplinary field, and its application involves all sectors, industries and stakeholders, both vertically and horizontally. To increase the development of national capabilities, efforts have to be made by political and economic actors, law enforcement, justice departments, educational institutes, the private sector, public-private partnerships and technology developers, along with intra-state cooperation.

Finally, India has worked relentlessly on all five pillars over the last few years, resulting in a significant improvement in its ranking. We hope the GCI will also help address the gap between developed and developing countries by encouraging knowledge, upskilling and building competencies.