In the new era of the Next Normal, cyber-attacks happen often. That is why companies need a CISO to protect their data. Check out this post to find out more.
How And Why Do Cyberattacks Happen?
Cyber-attacks hit companies every day. Former Cisco CEO John Chambers once claimed there are two kinds of companies: those that have been compromised and those that do not yet know they have been compromised. The overall number of incidents rose almost fourfold between January 2016 and October 2017, according to the Cisco Annual Cybersecurity Survey.
This year cybercrime has risen as criminals try to take advantage of insecure business networks. Attackers often look for ransom: 53 percent of cyber-attacks resulted in damages of $500,000 or more.
Cyber-attacks may also be launched with other motives. Many attackers view the destruction of programs and data as a kind of hacktivism.
Common types of cyber attacks
Malware
The term malware describes malicious software such as spyware, ransomware, viruses, and worms. Malware gets into a network typically when a user clicks on an unsafe link or email attachment that then downloads hazardous applications. Once within the device, malware can block access to major components of the network (ransomware), install further malware and other damaging programs, covertly collect information by transmitting data from the hard disk (spyware), and disrupt some components and render the system inoperable.
Phishing
Phishing is the practice of sending fraudulent messages, usually by e-mail, that appear to come from a reputable source. The aim is to capture personal details such as credit card and password data or to install ransomware on the victim's device. Cyber-threats are becoming more and more common.
Man-in-the-middle attack
Man-in-the-middle (MitM) attacks, also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction. Once the attackers have interrupted the traffic, they can search and capture data.
There are two common points of entry for MitM attacks:
First, on unsecured public Wi-Fi, attackers can place themselves between a visitor's computer and the network. The visitor then passes all details through the attacker without realizing it.
Second, once malware has breached a device, an attacker can install software to process all of the victim's information.
Denial-of-service attack
A denial-of-service attack floods systems, servers, and networks with traffic to exhaust their resources and capacity. As a result, the system cannot meet legitimate demands.
To launch this attack, attackers can often use many compromised computers. This is referred to as a DDoS (Distributed Denial-of-Service) attack.
SQL injection And Zero-day exploit
A Structured Query Language (SQL) injection occurs when an intruder inserts malicious code into a system that uses SQL, causing it to share details it ordinarily would not. An attacker could perform a SQL injection by submitting malicious code through a vulnerable website search box.
A zero-day attack hits after a network bug is revealed but before a fix or workaround is in place. During this period, attackers target the exposed weakness.
Identifying zero-day vulnerabilities requires continuous vigilance.
DNS Tunneling
DNS tunneling uses the DNS protocol to carry non-DNS traffic over port 53. It sends HTTP and other protocol traffic via DNS. There are many legitimate reasons to use DNS tunneling.
However, there are also malicious reasons to use DNS tunneling VPN services. They can be used to disguise outbound traffic as DNS, concealing data that is normally transmitted via an Internet link.
For malicious use, DNS requests are manipulated to exfiltrate data from a compromised system into the infrastructure of the attacker. DNS tunneling may also be used for callbacks from the attacker's infrastructure to an infected device.
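One way a defender can look for the exfiltration pattern described above, shown as an added example that is not part of the original post: it flags parent domains that receive several long, high-entropy subdomain labels. The query names, thresholds, and the two-label parent-domain rule are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample query names (not real traffic); *.test names are placeholders.
SAMPLE_QUERIES = [
    "www.example.test",
    "autodiscover-s.outlook.example.test",
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaa.example.test",  # long but low entropy
    "mzxw6ytboi4dcmrtgq2tmnzyhe3dknrx.t.tunnel.test",
    "nbswy3dpeb3w64tmmqqho2lunbsxe5a0.t.tunnel.test",
    "orugs4zanfzsaylomvxgk3tfon2ca3lb.t.tunnel.test",
]

def shannon_entropy(s):
    """Bits per character; encoded payloads score higher than hostnames."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def parent_domain(qname, levels=2):
    """Last `levels` labels. Assumption: no public-suffix list is consulted."""
    return ".".join(qname.rstrip(".").lower().split(".")[-levels:])

def score_domains(queries, min_label_len=24, min_entropy=3.5, min_unique=3):
    """Map each suspicious parent domain to its count of distinct encoded-looking labels."""
    suspicious = defaultdict(set)
    for q in queries:
        labels = q.rstrip(".").lower().split(".")
        for label in labels[:-2]:  # only inspect the subdomain part
            # Length alone is not enough: require high entropy as well.
            if len(label) >= min_label_len and shannon_entropy(label) >= min_entropy:
                suspicious[parent_domain(q)].add(label)
    # Tunnels produce many distinct labels under one parent domain.
    return {d: len(ls) for d, ls in suspicious.items() if len(ls) >= min_unique}

if __name__ == "__main__":
    for domain, count in score_domains(SAMPLE_QUERIES).items():
        print(f"possible DNS tunneling: {domain} ({count} encoded-looking labels)")
```

The thresholds are starting points to tune against a baseline of normal resolver logs, since some CDNs and security products also generate long random-looking labels.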