Cyber security is nothing but securing vital and confidential information such as banking information, client information, and passwords from various forms of online assaults such as hacking, virus, spyware and more recently, ransomware.
The larger the business, the more complex cyber protection can become especially for business collecting payments via credit cards online. As millions of dollars’ worth of transactions is conducted on the World Wide Web daily, there is a growing need to impose effective protection and measures to counter and repel cyber related crimes. Business must continuously update their software and internal procedures since new threats are being introduced on a daily basis.
A news story posted in a local newspaper advised that police authorities were looking for information on individual that were embedding innovation into Point of Sale Terminals that records credit card information and then transfers the data to buy products/services online. At the point when the owner of the credit card received their bill, they noticed the merchant where they purchased their product had put through thousands of dollars. The business owner is contacted about these purchases and has no idea what has happened and thus has to spend time looking into the matter that can take days while potentially getting a bad rap from customers and having services suspended by the credit card company. Ultimately this ends up costing thousands of dollars to the business owners in lost time and potential future revenues.
Spyware, malware, phishing and, more recently, ransomware – the list of online threats can be confounding and daunting. Knowing what you’re up against is half the battle. Each of these types of attacks has specific characteristics:
Spyware is the software that collects information about you or your computer without your knowledge. However, it must be noted that the expression “spyware” yields a touch of perplexity for however the word renders a thought of data being sent back to specific people the reality of the matter is that not all spyware applications may play out this occupation. In this way, numerous PC staff managing the information security administration lean toward “malware” set up of “spyware” as it shows a product that is especially impeding to the PC framework. Another word “adware” is additionally prominent to determine programming applications like keyloggers and Trojans, which are only “spyware” in utilization.
Malware is a broad category of software (including viruses, worms, Trojan horses, etc.) that damages your computer, in either a minor or major way.
Malware (“malicious software”) is software written to attack individual PCs and entire networks of computers. That attack compromises your computer security through clearly malicious, hostile, or harmful functionality or behavior. Any malicious program that doesn’t want to be heard or seen is usually classified as a type of Trojan. Some even open a Backdoor on your computer.
Ransomware is a much more extreme version of spyware that will actually threaten to lock you out of your computer or encrypt your files unless you cough up a free.
Ransomware is computer malware that installs covertly on a victim’s gadget (e.g. computer, smartphone, wearable device). And that either mounts the cryptoviral attack from cryptovirology that holds the victim’s data hostage, or mounts a cryptovirology leakware attack that threatens to publish the victim’s data, until a ransom is paid. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim’s files, making them difficult to reach, and demands a ransom payment to decrypt them.
The ransomware may also encrypt the computer’s Master File Table (MFT) or the entire hard drive. Thus ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
4) Distributed Denial Of Service Attack (DDoS):
A distributed Denial of Service (DDoS) is an attack on a network which is composed to bring it to a halt. This is done by sending useless traffic to a specific service/port on a server. The amount of traffic sent would overwhelm the service, so that legitimate traffic would be dropped or ignored.
DDoS attacks have developed from the basic DoS assaults that were in the wild in 1997. These attacks originate from one source and can emerge from 100’s of locations around the world. The most visible attacks were those in February 2000, where high traffic sites (eBay/Amazon/Yahoo/CNN/Buy.Com/Datek/ZDNet) were faced with the task of handling huge amounts of spoofed traffic. In recent days, there have been attacks on Cisco which resulted in considerable downtime. Some public blacklist have also been targeted by spammers and taken out of business.
In conclusion, DDoS attacks are very difficult to trace and stop. New hardware appliances are being manufactured specifically for these types of attack. Many dedicated server providers simply unplug the server that is being attacked until the attack has stopped. This is not a solution this is a careless and temporary fix. The culprit will still exist and has not been held accountable for their actions. Once an attack is detected hosts should immediately engage their upstream providers.
This is an attempt, usually via e-mail, to trick people into revealing sensitive information like usernames, passwords, and credit card data by pretending to be a bank or some other legitimate entity. They thus abandon security protocols. The e-mails typically include a link to a Web site that appears to be legitimate and which prompts users to provide information.
A) Here are other examples of phishing attacks?
=> An e-mail scam asks PayPal customers to provide additional information or risk getting their account deleted because of changes in the service agreement. Recipients are urged to click on a hyperlink that says “Get Verified!”
=> E-mails that look like they come from the FDIC include a subject line that says “check your Bank Deposit Insurance Coverage” or “FDIC has officially named your bank a failed bank.” The e-mails include a link to a fake FDIC site where visitors are prompted to open forms to fill out.
=> E-mails that look like they come from the IRS tell recipients that they are eligible to receive a tax refund and that the money could be claimed by clicking on a link in the e-mail. The link directs visitors to a fake IRS site that prompts for personal and financial information.
=> A legitimate – looking Facebook e-mail asks people to provide information to help the social network update its log-in system. Clicking the “update” button in the e-mail takes users to a fake Facebook log-in screen where the user name is filled in and visitors are prompted to provide their password. When the password is typed in, people end up on a page that offers an “Update Tool,” but which is actually a Trojan virus.
B) Identifying a Phishing email?
=> Check the sender information to see if it looks legitimate. Criminals will choose addresses that are similar to the one they are faking. For instance, phishers have used [email protected] However, legitimate PayPal messages in the USA come from [[email protected]] and include a key icon.
=> Most phishing e-mails come from outside the U.S. so an address ending in “.UK” or something other than “.com” could indicate it’s a phishing attempt. The e-mail address may also be obscured. Hitting “reply all” may reveal the true e-mail address. If you are unsure whether the e-mail is legitimate, go to the company’s Web site to see the address listed.
=> Legitimate companies tend to use customer name or username in the e-mail, and banks often will include part of an account number. Phishing emails typically offer generic greetings, like “Dear PayPal customer”.
6) Brute Force Cyber Attack:
Brute force attacks begin with automated software that’s used to figure a password (or an answer) to get behind a locked “digital door.” The automated software can run billions of combinations of letters, numbers, and symbols over and over until it becomes statistically correct and cracks the code.
The higher the encryption on the data, the longer it takes to break through the door and obtain the desired data. Sometimes this process can take a few minutes; other times it can go on for years before it’s able to break the code. Brute force attacks are a serious threat capable of affecting millions of accounts and tarnishing a business’s reputation.
A) How Brute Force Attacks Work
- An attacker decides on their intended target: either an encrypted file that has been stolen (offline) or a login page (online).
- They use a computer program that’s configured to endeavor entry by using usernames, along with millions of password combinations. (They may also9 attempt one secret word with many usernames.)
- Once the correct username and password combination is found, the attacker is able to access the secure data.
B) Example of a Brute Force Attack
Back in 2013, several GitHub users were notified about potentially being a victim of a brute force cyber-attack that happened on the site. Many users had weak passwords that led to the site being targeted and ultimately letting sensitive data get into the hands of outsiders. GitHub notified users that they would be forced to change their passwords and use more secure combinations.
During this incident, the attackers used over 40,000 unique IP addresses that made it easier for them to fly under the radar. This attack was done slowly on purpose in order to not raise any alarm to GitHub security.
Brute force attacks are used to break through security measures so they can reach the intended data target. While this may seem like something only hackers can use to their advantage, many security firms use brute force attacks to help test their client’s systems.
Whether online or off, any time a system is under an automated attack it’s a severe threat because it’s just a matter of time before it succeeds. By implementing countermeasures you can at least slow attackers down.
7) SQL Injection Attack:
SQL injection works against lazy sites that coded database access into the webpage itself. E.g. the web page says something like “action=http://database.example.com?price+where+item=bun” and a hacker makes their own query that says “action=http://database.example.com?pass… On the other hand, the site does not sanitize input properly and the programmer is able to ask for the price for “bun;show+password+where+user=admin”
I will show you a basic example of SQL injection. Let’s take the query: SELECT * FROM users WHERE user=”$username” and password=”$password”. Normally if you enter password something like hello for admin then it will be interpreted as SELECT * FROM user WHERE user=”admin” and password=”hello.” Now what if you enter password as “OR 1=1? It will be interpreted as SELECT * FROM users WHERE user=”admin” and password=’’’’ OR 1=1, which is always correct and thus you are logged in. The different SQLi attacks have basically the same methodology at their core, though the application changes with the website in which you are trying to find the vulnerability.
8)Cross-site Scripting (XSS):
Is a misnomer, it’s really intra-site scripting. Suppose there is a page example.com/storefront where you can buy things, and there’s another page on the same site example.com/userforum. On the off chance that userforum allows people to post comments that unclude script (or something that will be unescaped into a script). Then that script is allowed by the browser to interact with storefront because they are both in the same domain. On the off chance that a victim has both pages open at once, the script can read values from the storefront page (login names, order numbers) and pass the information to a third-party site by a web request. It may also be able to write to form values, so in some cases it could re-write an item cost or coupon entry and allow an attacker to obtain goods for free.