Types of Cybersecurity Attacks


Denial-of-Service (DoS) 
Imagine you're sitting in traffic on a one-lane country road, with cars backed up as far as the eye can see. Normally this road never sees more than a car or two, but a county fair and a major sporting event have ended around the same time, and this road is the only way for visitors to leave town. The road can't handle the massive amount of traffic, and as a result, it gets so backed up that pretty much no one can leave. 

That's essentially what happens to a website during a denial-of-service (DoS) attack. If you flood a website with more traffic than it was built to handle, you'll overload the website's server and it'll be nigh-impossible for the website to serve up its content to visitors who are trying to access it. 

This can happen for innocuous reasons, of course, say if a massive news story breaks and a newspaper's website gets overloaded with traffic from people trying to find out more. But often, this kind of traffic overload is malicious, as an attacker floods a website with an overwhelming amount of traffic to essentially shut it down for all users. 
In some instances, these DoS attacks are performed by many computers at the same time. This scenario of attack is known as a Distributed Denial-of-Service Attack (DDoS). This type of cyber attack can be even more difficult to overcome due to the attacker appearing from many different IP addresses around the world simultaneously, making determining the source of the attack even more difficult for network administrators. 

Session Hijacking and Man-in-the-Middle Attacks 

When you're on the internet, your computer has a lot of small back-and-forth transactions with servers around the world letting them know who you are and requesting specific websites or services. In return, if everything goes as it should, the web servers should respond to your request by giving you the information you're accessing. This process, or session, happens whether you are simply browsing or when you are logging into a website with your username and password.  
The session between your computer and the remote web server is given a unique session ID, which should stay private between the two parties; however, an attacker can hijack the session by capturing the session ID and posing as the computer making a request, allowing them to log in as an unsuspecting user and gain access to unauthorized information on the web server. There are a number of methods an attacker can use to steal the session ID, such as a cross-site scripting attack used to hijack session IDs. 
An attacker can also opt to hijack the session to insert themselves between the requesting computer and the remote server, pretending to be the other party in the session. This allows them to intercept information in both directions and is commonly called a man-in-the-middle attack. 
 Credential Reuse 
Users today have so many logins and passwords to remember that it’s tempting to reuse credentials here or there to make life a little easier. Even though security best practices universally recommend that you have unique passwords for all your applications and websites, many people still reuse their passwords—a fact attackers rely on. 
Once attackers have a collection of usernames and passwords from a breached website or service (easily acquired on any number of black market websites on the internet), they know that if they use these same credentials on other websites there’s a chance they’ll be able to log in. No matter how tempting it may be to reuse credentials for your email, bank account, and your favorite sports forum, it’s possible that one day the forum will get hacked, giving an attacker easy access to your email and bank account. When it comes to credentials, variety is essential. Password managers are available and can be helpful when it comes to managing the various credentials you use.
This is just a selection of common attack types and techniques. It is not intended to be exhaustive, and attackers do evolve and develop new methods as needed; however, being aware of, and mitigating these types of attacks will significantly improve your security posture.

Comments

Post a Comment

Popular posts from this blog

The Importance of IT Infrastructure Monitoring

For a service to be more resourceful and resources to be better utilized, IT monitoring becomes indispensable for business. The information technology the environment is becoming more important every day, as more and more IT is directly related to corporate business. IT professionals are increasingly charged to ensure high availability of environments without any downtime on business and critical services. The problem is that this process of ensuring that no problem occurs in the environment is not an easy task when a monitoring tool is not used for it. When it comes to an IT environment, downtime can be from a server heat issue to a switch port issue. Performing a manual item-by-item assessment to find out the root cause of a problem can be quite labor-intensive and even time-consuming as the larger the environment, the greater the management demand. IT infrastructure monitoring is the process of analyzing and making decisions based on what has been ascertained, making th
Read more

THE BENEFITS OF THREAT MONITORING

Threat monitoring refers to a type of solution or process dedicated to continuously monitoring across networks and/or endpoints for signs of security threats such as attempts at intrusions or data exfiltration. Threat monitoring gives technology professionals visibility into the network and the actions of the users who access it, enabling stronger data protection as well as preventing or lessening of the damages caused by breaches. Today companies employ independent contractors, remote workers, and staff who use their own devices for work, posing additional risk to the company’s data and sensitive information and driving the need for threat monitoring at enterprises. HOW THREAT MONITORING WORKS Threat monitoring involves continually analyzing and evaluating security data in order to identify cyber attacks and data breaches. Threat monitoring solutions collect and correlate information from network sensors and appliances as well as endpoint agents and other security technologi
Read more

What’s Required to Start Threat Hunting?

A top threat hunting service takes a three-pronged approach to attack detection.  Along with skilled security professionals, it includes two other components necessary for successful hunting: vast data and powerful analytics. 1. Human Capital Every new generation of security technology is able to detect a greater number of advanced threats — but the most effective detection engine is still the human brain. Automated detection techniques are inherently predictable, and today’s attackers are very aware of this and develop techniques to bypass, evade or hide from automated security tools.  Human threat hunters are an absolutely critical component in an effective threat hunting service. Since proactive hunting depends on human interaction and intervention, success depends on who is hunting through the data. Intrusion analysts  must have the expertise to identify sophisticated targeted attacks , and they also must have the necessary security resources to respond to any discovery of
Read more