Cyber Attack

Types of Cyber Attack

  1. Malware: in which malicious software is used to attack information systems. Ransomware, spyware and Trojans are examples of malware. Depending on the type of malicious code, malware could be used by hackers to steal or secretly copy sensitive data, block access to files, disrupt system operations or make systems inoperable.
  2. Phishing: in which hackers socially engineer email messages to entice recipients to open them. The recipients are tricked into downloading the malware contained within the email by either opening an attached file or embedded link.
  3. Man-in-the-middle: or MitM, where attackers secretly insert themselves between two parties, such as individual computer users and their financial institution. Depending on the details of the actual attack, this type of attack may be more specifically classified as a man-in-the-browser attack, monster-in-the-middle attack or machine-in-the-middle attack. It is also sometimes called an eavesdropping attack.
  4. DDoS: in which hackers bombard an organization’s servers with large volumes of simultaneous data requests, thereby making the servers unable to handle any legitimate requests.
  5. SQL injection: where hackers insert malicious code into servers using the Structured Query Language programming language to get the server to reveal sensitive data.
  6. Zero-day exploit: which happens when a newly identified vulnerability in IT infrastructure is first exploited by hackers.
  7. Domain name system (DNS) tunneling: a sophisticated attack in which attackers establish and then use persistently available access — or a tunnel — into their targets’ systems.
  8. Drive-by: or drive-by download, occurs when an individual visits a website that, in turn, infects the unsuspecting individual’s computer with malware.

Credential-based attacks happen when hackers steal the credentials that IT workers use to access and manage systems and then use that information to illegally access computers to steal sensitive data or otherwise disrupt an organization and its operations.

How Can You Prevent A Cyber Attack?

There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk. Reducing the risk of a cyber attack relies on using a combination of skilled security professionals, processes and technology. Reducing risk also involves three broad categories of defensive action:

  • preventing attempted attacks from actually entering the organization’s IT systems;
  • detecting intrusions; and
  • disrupting attacks already in motion — ideally, at the earliest possible time.

Best practices include the following:

  • implementing perimeter defenses, such as firewalls, to help block attack attempts and to block access to known malicious domains;
  • using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyber attacks;
  • having a patch management program to address known software vulnerabilities that could be exploited by hackers;
  • setting appropriate security configurations, password policies and user access controls;
  • maintaining a monitoring and detection program to identify and alert to suspicious activity;
  • creating incident response plans to guide reaction to a breach; and
  • training and educating individual users about attack scenarios and how they as individuals have a role to play in protecting the organization.