3W’s of Cyber-attack (What? Why & Who?)


What is a Cyber-attack?

Cyber-attacks are unwelcome attempts with malicious intent to steal, expose, alter, disable or destroy information through unauthorized access by exploiting a vulnerability or weakness in a computer system or systems of individuals or of an organization.

Why do cyber-attacks happen?

Motivations for a cyberattack vary depending on the attacker's intent. There are four main classifications:

Criminal: Criminally motivated attackers generally seek financial gain through money theft, data theft, or supply chain disruption leading to business disruption.

Socio-Political: Socially and politically motivated attackers seek attention for their causes. They make their attacks known to the public.

Personal: Personally motivated attackers generally will take money, data, or a mere chance to disrupt a company’s system. (They may be disgruntled current or former employees.)

Others: This includes spying and espionage in order to gain an unfair advantage over competitors or to tarnish their reputation.

Who is behind cyberattacks?

Attackers can be classified in multiple ways, but the most accepted classifications are:

Outsider Threats: This includes organized criminals or groups, professional hackers, hacktivists, etc.

Insider Threats: This includes employees who are careless about security policies and procedures, current or former disgruntled employees, business partners, clients, contractors, suppliers, etc.

What are common types of Cyberattacks?

Types of cyberattacks are classified into four generic categories:

Network Security Attacks: Network security attacks are any attempts that are made to exploit servers, firewalls, computers, routers, switches, printers, etc. The goal of a network attack can be to bring down a network, steal, modify, or remove access to valuable data.

Wireless Security Attacks: Wireless security attacks are any attempts at intrusion and penetration that target wireless networks, such as mobiles and other devices connected via business Wi-Fi. The goal of such an attack is to target information that is being shared through the networks.

Malware Attacks: Malware is any piece of software or code that was written to damage and destroy target computers and computer systems with the intent of doing harm to data, devices, or people. The goal is to infect the target's systems and perform unusual activities like stealing sensitive data, sending out emails without user action, randomly rebooting, denying user access, etc.

Social Engineering Attacks: Social engineering attacks are any attempts to psychologically manipulate a user (they involve human interaction) into giving up sensitive information like user account credentials, OTPs, card details, or personal customer information, or into wiring funds. These attacks rely on human error rather than any kind of vulnerability in the operating system or software.

Ways to Mitigate?

No system is hacker-proof or 100% vulnerability-free against such attacks. Cyber attackers have enough time and resources to launch an attack and to find a way in.

But the risks and consequences of such attacks can be mitigated (minimized) by following best practices:

  • Deploy a “difficult to attack” cyber security defense system
  • Shift your financial transactions and confidential data to Blockchain
  • Follow a strict Zero Trust security model
  • Migrate to cloud
  • Multi-factor authentication and authorization
  • Think twice before clicking any unidentified link from an unidentified or identified source
  • Increase cyber security awareness among colleagues
  • Make cybersecurity a habit, not just a practice