The world of cybercrime is a constantly shifting and evolving one, constantly seeking new opportunities to exploit. New threats to cyber security crop up so regularly that it can be a real challenge to keep track not only of the threats themselves, but the terminology used to describe the attacks.
Understanding the different types of potential threats and the terms used to identify them is the first step in the fight against cyber-crime, and improving your IT Security. The following definitions and descriptions are designed to help you develop this understanding.
Attack Vectors: A definition
There are various pathways or methods that cyber criminals attempt to launch and carry out cyber-crime, called Attack Vectors. These vectors are attempts to exploit some form of systemic vulnerability to gain access to sensitive information such as credit card details, account login details or similar, or launch malware and viruses, malicious email attachments or web links, pop-up windows or instant messages that dupe innocent web users in some way.
Most often the motive for the cyber-attack is financial with the criminal attempting to steal cash or details that give them access to bank information that allows them to buy things using other people’s money. They can also access personal information and hold the owner of that information to ransom.
Some attacks are motivated by anger or political activism, in which the crime is designed to disrupt or damage a business’s operation or discredit reputation.
Passive vs Active Attacks
Passive attacks take place when a cyber-criminal monitors systems for weaknesses and exploits these as soon as one is found, gathering the information they need to exploit the person or business involved.
These are difficult to detect as the criminal does not actively engage the system to seek out vulnerabilities.
Active attacks, as the name suggests, take a direct and intentional set of actions to disrupt cyber systems, and target areas of weakness such as weak passwords, low-capacity firewalls and unprotected private details to launch cyber-crime attacks.
Different types of the most common Attack Vectors to look out for:
This is one of the oldest forms of cyber-attack in which software that is intentionally designed to damage systems, devices or networks is installed through malicious emails, websites or advertising links that users unwittingly click on or open.
These can include ransomware, spyware, Trojans and viruses which either threaten system stability, gather personal information or damage systems irreparably.
As with malware, malvertising uses digital adverts delivered either on websites or by email that encourages users to click on links which then activate or launch the cyber-attack. The danger is that often malvertising takes on a trustworthy guise, for example using a popular or well-known web pages as the hosting site or even re-registering expired legitimate domains to host their malvertising links.
The danger is the often the site owners are unaware that the adverts they’re hosting are nefarious until it’s too late, and for users it’s hard to distinguish between a legitimate digital advert and one that is intentionally trying to steal information or similar.
This type of cyber-crime has been around for many years, and it’s likely we’ve all seen it crop up in our email inbox or on our mobile phones. Phishing is an email, text message or telephone-based attack in which the cyber-criminal poses as a trusted sender and requests sensitive information such as login credentials, passwords, bank account details, bank or credit card PINs or similar.
These attempts have become extremely sophisticated over time, with criminals replicating legitimate organisation’s details so accurately that it can be difficult to know whether the request is genuine or not.
Weak credentials and security protocols
One of the most common ways for cyber-criminals to gain access to sensitive information, networks or systems is through weak credentials such as common passwords, leaked personal information files giving details such as usernames and passwords, or details being shared erroneously through a phishing attack.
Similarly, if an organization has a poor cyber-security culture and protocols, it becomes easy for cyber-criminals to intercept messages with sensitive information as they are transferred, or intercept login credentials between a legitimate user and a log-in system.
Once the criminal has these details they are free to carry out their activities until noticed, as they are to all intents and purposes logged in as a verified user.
When sensitive information flows from one source to another across a digital path, for example by email, FTP transfer or similar, it becomes vulnerable to attack and needs to be encrypted for protection. This is a particular concern with the recent increase in popularity of remote and flexible working.
The challenge is that attempts to steal information whilst in this state have become ever-more sophisticated, meaning that encryption techniques have had to adapt to ensure the information remains protected.
The truth is, though, that oftentimes businesses or individuals are using either low-level or even no encryption protection at all, making it easier for cyber-criminals to intercept the information and exploit it.
Like many other systems, cyber-security systems rely on regular updates, testing and verification schedules and correct and attentive configuration to operate properly.
Poor cyber-security protocols such as using default username and password combinations in place after installation or failed update procedures can vastly increase systemic vulnerability.
Distributed Denial of Service (DDoS)
This form of attack is where a system is bombarded with internet traffic to an extent where the server or system is overwhelmed and becomes vulnerable to other forms of cyber-attack.
Cyber-criminals carry out these attacks using multiple machines known as botnet which prevents users from accessing the business or organisation’s legitimate website, forcing an overall failure.
Another form of ‘verified’ user attack comes in the form of a malicious or careless insider – an employee who wittingly or unwittingly exposes confidential information to attackers. They may be a disgruntled employee looking for revenge, or simply someone who is careless with the information – these are hard to spot as again, the access that is given is based on legitimate information.
Sophisticated cyber-criminals have developed systems that use trial-and-error to make hundreds of login attempts per second using multiple username/password combinations to try and access your accounts.
Whilst cracking a combination can take anywhere from seconds to years, the threat is a real one and still used by many hackers today.
Dealing with these Attack Vectors
If your business has a digital presence and systems, it’s crucial not only to be aware of the various threats but also to know how to protect against them.
At Trinity Managed Services we have the expertise, experience and tools needed to ensure that your business cyber-security is operationally prepared to deal with any threat.
We specialize in vulnerability assessments, network assessments, system reviews and upgrades, full security system design and implementation, and comprehensive support to ensure that your business remains as secure as possible against cyber-threats.
Contact us today on 0330 055 28 33 or email firstname.lastname@example.org to find out how we can help you with your IT security.