The most dangerous types of cyber attacks you must know
Since the invention of computers and the arrival of the internet age, cyber attacks have been a cause for worry. Many companies have been brought to the brink of ruin by data loss, compromised information and privacy attacks, all of them traced to the nightmare that arrived alongside the internet: the “cyber attack”.
Now let’s take a very short journey through the major types of cyber attacks and the havoc they have caused so far.
1. MALWARE:
Malware, short for “malicious software,” refers to any intrusive software developed by cybercriminals (often called “hackers”) to steal data and damage or destroy computers and computer systems. Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware. Recent malware attacks have exfiltrated data in mass amounts. Microsoft puts it this way: “Malware is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network.”
Different ways of malware infection:
- A worm is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.
- A virus is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.
- A trojan is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread.
Some real life cases of malware attacks include:
LockerGoga, ransomware, 2019: LockerGoga is a ransomware that hit the news in 2019 for infecting large corporations around the world, such as Altran Technologies and Hydro. It’s estimated that it caused millions of dollars in damage in advanced and targeted attacks.
Emotet, trojan, 2018: Emotet is a trojan that became famous in 2018 after the U.S. Department of Homeland Security defined it as one of the most dangerous and destructive pieces of malware. The reason for so much attention is that Emotet is widely used in cases of financial information theft, such as bank logins and cryptocurrencies. The main vectors for Emotet’s spread are malicious emails in the form of spam and phishing campaigns. Two striking examples are the case of the Chilean bank Consorcio, with damages of USD 2 million, and the case of the city of Allentown, Pennsylvania, with losses of USD 1 million.
Zeus, trojan, 2007: Zeus is a trojan distributed through malicious files hidden in emails and fake websites, in cases involving phishing. It’s well known for propagating quickly and for copying keystrokes, which led it to be widely used in cases of credential and password theft, such as email accounts and bank accounts. The Zeus attacks hit major companies such as Amazon, Bank of America and Cisco. The damage caused by Zeus and its variations is estimated at more than USD 100 million since it was created in 2007.
2. PHISHING:
Phishing is a type of cybersecurity attack in which malicious actors or actresses (you never know) send messages pretending to be a trusted person or entity. Phishing messages manipulate a user into performing actions like installing malicious files, clicking a malicious link, or even divulging sensitive information such as access credentials. Phishing is the most common type of social engineering, a general term describing attempts to manipulate and trick a computer user. Recently, social engineering has become an increasingly common threat vector used in almost all security incidents. Most of the time, social engineering attacks such as phishing are combined with other attacks like malware and network attacks.
Some real life cases of phishing attacks:
Facebook and Google: Between 2013 and 2015, Facebook and Google were tricked out of $100 million due to an extended phishing campaign. The phisher took advantage of the fact that both companies used Quanta, a Taiwan-based company, as a vendor. The attacker sent a series of fake invoices to the company that impersonated Quanta, which both Facebook and Google paid. Eventually, the scam was discovered, and Facebook and Google took action through the US legal system. The attacker was arrested and extradited from Lithuania, and, as a result of the legal proceedings, Facebook and Google were able to recover $49.7 million of the $100 million stolen from them.
Upsher-Smith Laboratories: In 2014, a BEC attack against a Minnesotan drug company resulted in the loss of over $39 million to the attackers. The phisher impersonated the CEO of Upsher-Smith Laboratories and sent emails to the organization’s accounts payable coordinator with instructions to send certain wire transfers and to follow the instructions of a “lawyer” working with the attackers. The attack was discovered midway through, enabling the company to recall one of the nine wire transfers sent. This decreased the cost to the company from $50 million to $39 million. The company decided to sue its bank for making the transfers despite numerous missed “red flags”.
FACC: FACC, an Austrian manufacturer of aerospace parts, also lost a significant amount of money to a BEC scam. In 2016, the organization announced the attack and revealed that a phisher posing as the company’s CEO instructed an employee in the accounting department to send $61 million to an attacker-controlled bank account.
3. MAN IN THE MIDDLE ATTACK (MITM):
A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.
The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required.
Broadly speaking, a MITM attack is the equivalent of a mailman opening your bank statement, writing down your account details and then resealing the envelope and delivering it to your door.
Real life events of Man in the middle attacks
- In 2011, Dutch registrar site DigiNotar was breached, which enabled a threat actor to gain access to 500 certificates for websites like Google, Skype, and others. Access to these certificates allowed the attacker to pose as legitimate websites in a MITM attack, stealing users' data after tricking them into entering passwords on malicious mirror sites. DigiNotar ultimately filed for bankruptcy as a result of the breach.
- In 2017, credit score company Equifax removed its apps from Google and Apple after a breach resulted in the leak of personal data. A researcher found that the app did not consistently use HTTPS, allowing attackers to intercept data as users accessed their accounts.
4. DNS SPOOFING:
DNS (Domain Name System) spoofing is the process of poisoning entries on a DNS server to redirect a targeted user to a malicious website under attacker control. The DNS attack typically happens in a public Wi-Fi environment but can occur in any situation where the attacker can poison ARP (Address Resolution Protocol) tables and force targeted user devices into using the attacker-controlled machine as the server for a specific website. It’s the first step in a sophisticated phishing attack on public Wi-Fi, and it can also trick users into installing malware on their devices or divulging sensitive information.
Most attackers make use of premade tools to perform DNS spoofing. Some of the actors even write their own tools. Any location with public Wi-Fi is a primary target of this form of attack, although it could also be performed in any location with just a connected device.
Real life events of DNS spoofing attacks
- OilRig, a threat actor operating in the Middle East, created tools with custom DNS Tunneling protocols for C2. The threat actor was able to use this not only as a main channel of communication but also as a fallback channel if originally placed communications didn’t work correctly.
- Unit 42 also observed xHunt, a threat actor which targeted government organizations in the Middle East with a backdoor called Snugy. This backdoor used DNS tunneling to communicate with its C2 server, specifically by issuing DNS A record lookups to resolve custom crafted subdomains of actor-controlled C2 domains.
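The lookups described above for Snugy (DNS A record queries for crafted subdomains of an actor-controlled domain) leave a recognisable pattern in resolver logs. The following is an added example, not code from the original article or from Unit 42: it flags parent domains that receive many long, random-looking subdomain lookups. The log format, thresholds and domain names are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines: "<client> <qtype> <qname>" (reserved example domains).
SAMPLE_LOG = """\
10.0.0.5 A www.example.com
10.0.0.5 A mail.example.com
10.0.0.6 A api.example.com
10.0.0.6 A cdn.example.com
10.0.0.6 AAAA login.example.com
10.0.0.7 A 4f7a9c2e1b8d3f60a5c4.example.net
10.0.0.7 A 9b1e6d0c7a3f52e84d1b.example.net
10.0.0.7 A c03d8e5f1a7b9264f0e3.example.net
10.0.0.7 A 7e2a4c9f0b6d1385a7c2.example.net
10.0.0.7 A 1d5f8b3e6a0c9472e4b7.example.net
"""

def shannon_entropy(text):
    """Bits per character of the character distribution in text."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())

def suspicious_domains(log_text, min_unique=4, min_avg_len=16, min_entropy=3.0):
    """Flag parent domains whose A-record subdomains are many, long and random-looking."""
    subs = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != "A":
            continue                       # malformed line or not an A lookup
        labels = parts[2].rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue                       # no subdomain part to inspect
        # Assumption: parent domain = last two labels (use the Public Suffix List in practice).
        subs[".".join(labels[-2:])].add("".join(labels[:-2]))
    findings = {}
    for parent, names in subs.items():
        joined = "".join(names)
        avg_len = len(joined) / len(names)
        entropy = shannon_entropy(joined)
        # Thresholds are illustrative assumptions; tune them against your own baseline.
        if len(names) >= min_unique and avg_len >= min_avg_len and entropy >= min_entropy:
            findings[parent] = {"unique": len(names), "avg_len": avg_len,
                                "entropy": round(entropy, 2)}
    return findings

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_LOG))
```

Ordinary hosts such as `www` or `mail` fail the length test even when a domain has many subdomains, so only the domain receiving the encoded-looking lookups is reported.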
5. BIRTHDAY ATTACK:
A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday problem in probability theory. A birthday attack can be used to abuse communication between two or more parties. The attack depends on a fixed degree of permutations (pigeonholes) and the higher likelihood of collisions found between random attack attempts, as described in the birthday paradox/problem.
In probability theory, the birthday paradox or birthday problem considers the probability that, in a set of n randomly chosen people, some pair of them will have the same birthday.
The birthday attack is named after the birthday paradox. The name is based on the fact that in a room with 23 people or more, the odds are greater than 50% that two will share the same birthday. Many find this counterintuitive, and the birthday paradox illustrates why many people’s instinct on probability (and risk) is wrong. You are not trying to match a specific birthday (such as yours); you are trying to match any birthday.
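The birthday arithmetic above carries over directly to hash functions, which is why a digest of n bits offers only about n/2 bits of collision resistance. The following added example (not part of the original article) computes the 23-person figure and then finds a collision on a deliberately shortened hash; the 24-bit truncation of SHA-256 and the `msg-<counter>` inputs are assumptions chosen so the search finishes instantly.

```python
import hashlib
import math

def birthday_probability(n, days=365):
    """Probability that at least two of n uniformly random picks from `days` values match."""
    if n > days:
        return 1.0                         # pigeonhole: a match is certain
    p_all_distinct = 1.0
    for i in range(n):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct

def samples_for_half(space):
    """Approximate picks needed for a 50% collision chance: sqrt(2 * ln 2 * N)."""
    return math.ceil(math.sqrt(2 * math.log(2) * space))

def truncated_digest(msg, bits):
    """First `bits` bits of SHA-256, standing in for a too-short hash (assumption)."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - bits)

def find_collision(bits):
    """Hash distinct messages until any two share a truncated digest."""
    seen = {}                              # digest -> first message that produced it
    counter = 0
    while True:
        msg = b"msg-%d" % counter          # constructed inputs, all distinct
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, counter + 1
        seen[digest] = msg
        counter += 1

if __name__ == "__main__":
    print("P(match) with 23 people:", round(birthday_probability(23), 4))
    print("picks for 50% over 365 days:", samples_for_half(365))
    first, second, attempts = find_collision(24)
    # Matching one *specific* 24-bit digest would take about 2**24 tries;
    # matching *any* pair takes on the order of 2**12.
    print(first, second, "collide after", attempts, "hashes")
    print("picks for 50% on a 128-bit digest: about 2**%d"
          % round(math.log2(samples_for_half(2 ** 128))))
```

The same estimate is the reason digest lengths are chosen at twice the desired security level, for example 256-bit hashes where 128-bit collision resistance is required.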
6. AI-POWERED ATTACK:
These are attacks powered by artificial intelligence. Unfortunately, artificial intelligence has also empowered cybercriminals. Taking advantage of sophisticated and intelligent technology solutions, they can find loopholes in corporate IT networks, launch large-scale Denial of Service (DoS) attacks, and counter the limited security capabilities of an average organization. Cyberattacks that harness AI might be the biggest threat facing organizations today.
- The AI algorithm bias fiasco continued this year. Apparently, in America, bias in a health care algorithm has prevented many dark-skinned patients from being able to receive extra help. This came down from almost 50% to less than 20%. The algorithm bias became such a big issue that American senators have started to protest the ‘racially biased’ health algorithm, saying that the formulas have many ‘historical and human biases built-in’.
- 2019 saw two of the biggest data exposures of all time. One involved Facebook, where more than 540 million users’ data was accessible on unprotected servers until April 2019, as if Mark Zuckerberg didn’t have enough problems. The other was when the financial records of 885 million people were left exposed by First American on public servers where anyone could access them until May 2019. It seems that over the last decade hackers have become more sophisticated with the help of AI when it comes to data and privacy breaches.
- GPT-2 is the name of the machine learning model that was trained on a dataset of 8 million web pages. It was able to adapt the style and content of some of the first pages that it was given from the data. AI could first apply its algorithms to completing the first few sentences or writing poems, at times better than human beings, but when the BBC decided to test it with a real story, the output it gave made it clear, as the BBC put it, ‘that it could be used to create fake news or abusive spam on social media’.
- What AI offered to the world of cybersecurity is its ability to detect malware as soon as it enters a system, or in some cases before it enters. But at the same time, hackers have used AI to blackmail someone for money after blocking access to their computer system.
- In June 2019, two Florida city governments were hit by ransomware attacks, and in order to recover their affected data assets they had to pay more than a million dollars. The first one was Riviera Beach Municipal Party, which paid around $600,000 in bitcoin in order to recover its IT systems, which had been locked by attackers. The second was Lake City, which had to give up $460,000 to malefactors after an Emotet malware infection downloaded Trickbot and subsequently Ryuk ransomware.
In case you were paranoid about AI moving beyond human intelligence, that thought isn’t too far off, at least in the video gaming world. The idea of AI beating top human video gamers in a strategy game like Starcraft 2, to the point that it defeats 99.8% of them, may seem ordinary, but what you should actually be thinking about is that the AI isn’t ‘just playing’ games. The AI is being trained to respond strategically in real-world scenarios. The players deemed the AI AlphaStar’s strategies unorthodox at times, which tells us how far AI’s own decision making has come.
The AI AlphaGo in 2016 defeated Lee Se-Dol, an 18-time world Go Champion, who retired this year saying ‘the AI cannot be defeated’. Not only this, but AI has been able to perform better than a human mind’s thinking capabilities in many other games. At this pace, AI will continue to develop and learn to a point that some fear will be beyond human control.
There are quite a lot of other cyber attack types, but those listed above have arguably caused more havoc than any other. It’s quite unfortunate that cyber terrorism is wrecking the world today, but what can we do other than find ways of handling and avoiding these attacks?