Today’s computer networks are an indispensable facilitator of everyday business. But networks don’t exist in a vacuum. They are under constant threat of attack by a wide range of adversaries. According to dnsstuff.com, in order to establish an effective defense against these external attackers, you must understand what these attacks typically look like. Whereas the external threats of your network are incredibly diverse, the most notorious will often fall into one of the following categories.
A form of social engineering, phishing is one of the least technical types of attacks but also one of the most dangerous to your company’s systems and data. Phishing would usually be initiated through a deceptive email that seeks to trick legitimate users on your network into providing sensitive data such as user IDs, passwords, credit card numbers and Social Security numbers.
The recipient would be urged to click on a link that sends them to a fraudulent website where they’d be asked to input their personal details ‘for verification’. The link could also cause malware to be downloaded to their computer.
DoS and DDoS
A denial-of-service (DoS) attack occurs when a server is bombarded with numerous dud requests from a single computer that make it difficult for the server to respond to legitimate requests from other users. Think about what happens to some websites on Black Friday and Cyber Monday when they experience a surge in traffic making them unable to efficiently serve visitors. It’s the same thing except that a DoS is intentional and malicious.
A DoS was possible decades back when server, network and security infrastructure was much less advanced than it is now. Today, it’s virtually impossible for a single computer to execute a DoS successfully. But hackers have evolved with the times and their modus operandi is now the far more powerful distributed-denial-of-service (DDoS) attack.
A DDoS is launched simultaneously from multiple devices. These devices are not just computers but, in the age of the Internet of Things (IoT), could include digital cameras, microwaves, refrigerators and smart TVs. Virtually anything that can connect to the Internet. The most ferocious DDoS attacks are powered by an army of hundreds of thousands of devices and have brought down some of the most high-profile sites in the world.
A DDoS attack is extremely difficult to fend off. Small and medium-sized organizations will, however, be glad to know that, to increase their notoriety, hackers will usually direct DDoS against large multinational entities.
Adware is any application that tracks your browsing habits and preferences in order to display pop-ups and advertisements that would be most appealing to you. At first glance, this would seem like a relatively harmless objective. But the danger of adware lies in its collection of your online activity data, slowing down your computer, hogging your bandwidth and distracting you from focusing on what you need to do.
Most people don’t download and install adware intentionally. It’s often included as part of the well-hidden terms of downloading freeware from the Internet. The absence of explicit and conscious user consent means the adware should be viewed as at best suspicious and at worst malicious.
If adware popups are mainly an irritant, spyware is a much more formidable threat. While adware mainly helps its originator make cash from your clicking their advertisements, spyware almost always has an unequivocally ill motive.
As its name suggests, spyware is installed on your computer without your knowledge and leaves no obvious signs of its installation. It runs in the background. Keyloggers are the most common example of spyware and can collect vast quantities of confidential information including user IDs, passwords, credit card numbers, Social Security numbers, personal medical information and bank transaction data. Such information can thereafter be used in executing identity theft.
Ransomware is short for ransom malware and is a type of malware that prevents individuals and businesses from accessing their systems or data. The victim is urged to pay a ransom for access to be restored. The preferred payment method is cryptocurrency due to the difficulty of establishing the identity of the recipient.
While ransomware has captured the world’s imagination over the last few years, it’s actually a well-established phenomenon going back to the late 1980s. Ransomware is usually delivered via an unsolicited email that includes an infected attachment or a link to a malicious website.
Knowledge is the first step to protecting your network from these threats. It’s by knowing who your adversary is that you can put in place the appropriate measures to defend yourself from attack.