VOLUME 106

   ISSUE 106

18 Aug 2020

Article of the Month   Around the World

 

Cyber Security Threats and How to Avoid Them

Cyber attacks are the new way of attacking method without using any physical media or equipment. Cyberattacks are also known as computer network attacks. A cyberattack can alter, steal, or destroy a specified target by hacking into any system like desktop pc, smartphone or any kind of IoT device. At the present time cyberattacks are mainly focused on small to large businesses, governments institutes, and famous people. According to John Chambers, the CEO of Cisco said; there are two types of companies in the world, someone, who has been hacked and someone who doesn't yet know they have been hacked. The reason behind these attacks is depended on a type of attack and the purpose of the attacker. Some attackers attack to the systems for money or intimidation. Therefore, cyber-attacks come in a different form which we should be cautious, and the cybersecurity professionals are mainly concerned about minimizing the risk and the damage.

TYPES OF CYBER ATTACKS AND DAMAGE THEY CAN CAUSE


There are many types of Cyber-attacks which are created for a specific task or specific purpose. An attack can be done through in any kind of media like wired or wireless. At the present time, there are some major types of Cyber-attacks are coming to the various sources. Malware, Denial-Of-Service attacks, Man-in-the-middle attacks, Phishing, and spear-phishing attacks, SQL injection attacks are some of the major attack types.

A. Malware

Simply, Malware is an unwanted program or software which is installed in any system without permission. Malware is the parent of the Viruses, Worms, Trojan horses, Bots, Spyware, Adware, Ransomware, etc. While Malware is running on the system, it can easily create a full of a vulnerable unsecured area in the system and then the hackers can enter the system without authentication from the user. After that, it can take control of the system and monitor the user's actions and keystrokes, finally, it will send the all kind of private data of your system into the attacker's system. Studies have recorded, Ransomware is the most newly malware attack type at the present time. Ransomware is a type of malware attack, created to block access to the private data of the system until a ransom is paid. Ransomware can be entered into any kind of system via the phishing emails or unknowingly visiting an infected website. According to CNBC, ransomware spiked 6,000% in 2016, and most ransomware victims, in an attempt to recover their data, paid the ransom. Below figure shows the example for the Ransomware.
 




B. Denial-Of-Service (DOS) attacks

DOS attack is a major cyber-attack, which attack confidentiality, and integrity of the system by targeting the availability of the system. It will terminate the connection between the system's resources and service requests. Extension of the DOS attack is known as the distributed denial-of-service (DDoS). It will do the same methodology that the DOS attack did, with launching a large scale of responses from other host machines, which were controlled by the attacker. But DOS attacks don't provide direct impact to the user. Some of them use DOS attacks for the satisfaction of service denial. Another purpose of launching DOS attacks is to take a system offline. DOS and DDOS attacks can be implemented by TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack, and botnets.

C. Man-in-the-middle attacks

Man-in-the-middle attacks can occur between the client and a server. Because of attacker act in the middle of the server and the client. Session Hijacking, IP Spoofing, Replay, are the popular types of man-in-the-middle attacks. In the Session Hijacking, attacker hijacks a session between a trusted client and network server. Telnet Sessions can be used to Session Hijacking. IP Spoofing is a method used to enter the machine with unauthorized access when an attacker pretends like another machine by handling IP packets. Replay attacks can happen when the attacker catches the saved old messages from one participant, and he sends later to another party by pretending as a real party. The difference between other attacks and Man-in-the-middle attack is Man-in-the-middle participates from the start of the session.

D. Phishing and spear-phishing attacks

Phishing is one of the simple attacking methods to get private information like passwords, credit card details from users by sending emails, creating Login forms like original forms. It is a criminal activity using Social Engineering techniques. Before launching the phishing attack, the attacker is doing the research about the target and understand the target behaviors. Spear phishing attacks are the more enhancement version of the phishing attacks. Because attackers take more time to gather target details with studying about the target. Below figure show the phishing E-mail which is acted like an original E-mail.  




E. SQL injection attacks

SQL injection attacks are commonly dealing with the website that is based on databases. Most of the servers handle the critical data of the websites using the SQL to manage the databases. Therefore, these types of attacks majorly focus on these servers, using malfunctioned code to get the server to reveal data it normally wouldn't.

BEST PRACTICES TO AVOID CYBER ATTACKS


Today, Cyber-attacks are increasing highly in the world due to different reasons. We cannot face directly with these attacks as a normal war. But we can avoid exposing these threats by following various instructions and precautions. For avoiding Malware attacks, we can update the operating system, browsers, software. And also, enabling click to play plugins, uninstalling unnecessary apps and software. For avoiding DOS and DDOS attacks by buying more bandwidth, always configure network hardware and update the firmware,using DDOS protection devices and software modules, and creating DDOS playbook. For avoiding Man-in-the-middle attacks by implementing WEP/WAP Encryption on Access Points, using HTTPS for HTTP websites, Public Key Pair Based Authentication. For preventing Phishing attacks, by studying what are the phishing techniques, think before what you are clicking, install Anti-Phishing addons, implementing firewalls and finally using anti-virus software with up-to-date. For preventing SQL injection attacks by implementing Prepared Statements, by implementing Stored Procedures, validating user input finally updating the overall database with the website.


 

By:

Chamith Mayura

Chamith is an undergraduate of General Sir John Kotelawala Defence University, Faculty of Computing who is currently following Bachelor of Science Honors Software Engineering degree programme, currently, he is working as an Intern - Information Security Engineer at Sri Lanka CERT|CC

 





 





 

 

 

 

 

 

 

 

 

 


 



 

 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
   
   

  Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
   

   

"Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products............."

 

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks

   

"It turns out that the root cause behind several previously disclosed speculative execution attacks against modern processors, such as Meltdown and Foreshadow, was misattributed to 'prefetching effect,' resulting in hardware vendors releasing incomplete mitigations and countermeasures............"

 

How COVID-19 Has Changed Business Cybersecurity Priorities Forever

   

"For much of this year, IT professionals all over the globe have had their hands full, finding ways to help businesses cope with the fallout of the coronavirus (COVID-19) pandemic.........."

 

Police Use of Facial Recognition Ruled Unlawful in World-First Case

"Rights groups are celebrating after the Court of Appeal ruled that the use of facial recognition (AFR) technology by South Wales Police is unlawful, although the force may not stop future pilots........."

Human Error Threatens Cloud Security

"Virtually all security professionals believe that human error could put the security of cloud data at risk, according to new research published today..........."

FireEye Announces Bug Bounty Program

"California cybersecurity company FireEye today announced that it is opening up its bug bounty program to the public........"
 

Brought to you by: