A #cyberattack generally involves a threat actor or other digital adversary leveraging manipulative (or otherwise harmful) tactics to gain unauthorized access to a victim’s network or system, thus allowing them to steal large sums of money, expose sensitive data, disrupt critical functions or destroy valuable resources.
Cybercriminals may use a range of methods to deploy these attacks. Common types of attacks include the following:
Malware and ransomware attacks—Known as the most frequently utilized cyberattack method, a malware attack refers to the use of malicious code or programs—such as viruses, worms, bots and Trojans—to infiltrate and damage a victim’s network.
Phishing attacks—Phishing is a scamming method that utilizes deceptive emails or other forms of electronic communication to trick recipients into sharing sensitive information, clicking on malicious links or opening harmful attachments. Many significant cyberattacks have included phishing components. According to a recent report conducted by Verizon, phishing played a role in approximately one-third of all cyber incidents analyzed. Here are some key phishing techniques:
Deceptive phishing—Deceptive phishing is when a cybercriminal impersonates a recognized sender to steal personal data and login credentials. These emails often trick victims by asking them to verify account information, change a password or make a payment.
Spear-phishing—A spear-phishing scheme is typically aimed at specific individuals or companies and uses personalized information to convince victims to share their data. In these instances, cybercriminals will research a victim’s online behavior—such as where they shop or what they share on social media—to collect personal details that make them seem legitimate.
Whaling—Whaling aims to trick high-profile targets such as CEOs, chief financial officers and chief operating officers into revealing sensitive information, including payroll data or intellectual property. Since many executives fail to attend company security training, they are often vulnerable to whaling scams.
Vishing—Vishing, or “voice phishing,” occurs when a criminal calls a target’s phone to get them to share personal or financial information. These scammers often disguise themselves as trusted sources, such as a bank or the IRS, and rely on creating a sense of urgency or fear to trick a victim into giving up sensitive information.
Smishing—Smishing refers to “SMS phishing” and incorporates malicious links into text messages. These messages often appear to be from a trustworthy source and lure victims in by offering a coupon code or a chance to win a free prize.
IoT-based and distributed denial-of-service (DDoS) attacks—IoT-based attacks pertain to any incidents in which digital adversaries compromise internet-connected devices. Many IoT-based incidents serve as the first step in launching DDoS attacks, which occur when cybercriminals attempt to interrupt an online service by flooding it with fake traffic.
Identity-based attacks—These attacks entail cybercriminals compromising victims’ identities by way of stolen account credentials to access private networks and sensitive data. These attacks may utilize brute-force
techniques in which cybercriminals submit various combinations of account usernames and passwords until they come across the correct credentials, or they may rely on more advanced tactics, such as the following:
Credential stuffing—These incidents entail cybercriminals leveraging stolen usernames and passwords in attempts to gain access to additional accounts and systems.
Man-in-the-middle (MITM) attacks—Such an attack refers to a cybercriminal intercepting a digital interaction or exchange between individuals, systems or an individual and a system.
Spoofing attacks—These attacks involve cybercriminals impersonating known sources to engage with victims and manipulate them into providing access to their networks and systems.
Email spoofing—This tactic entails digital adversaries communicating with targets via fraudulent emails by using addresses that closely resemble those of legitimate senders, giving victims a false sense of trust and encouraging them to interact with the contents of these messages. Such emails usually contain malicious links or attachments that end up infecting victims’ technology.
Internet protocol (IP) spoofing—Any technology with a Wi-Fi connection has a designated IP address that allows for communication with other connected devices or networks.
HTTPS spoofing—HTTPS is an internet communication safeguard intended to preserve data confidentiality between an individual’s device and the websites they browse. Through HTTPS spoofing, however, a cybercriminal tricks their target’s browser into thinking a malicious website is safe and secure, thus allowing the victim to access it and unwittingly share their data.
Code injection attacks—Such attacks involve cybercriminals hacking into vulnerable systems and injecting applications found on this technology with malicious code. Upon opening these corrupted applications, victims will unknowingly process invalid data on their devices and change the technology’s typical course of action, paving the way for malware to steal, alter or destroy system components.
Supply chain attacks—These attacks entail cybercriminals exploiting vendors who provide essential services within organizations’ supply chains, thus affecting multiple parties in the process. Such incidents either target third-party software (e.g., launching malware in an application to compromise users’ systems) or hardware (e.g., injecting harmful code in a program to damage physical components of users’ technology).
Insider attacks—Such incidents involve internal threat actors—particularly current or former employees—taking advantage of their access to organizational networks, systems or data and knowledge of key business processes to help carry out cyberattacks against employers. These incidents often stem from malicious intentions, in which employees seek personal financial gain in exchange for system infiltration or
Domain Name System (DNS) tunneling attacks—This attack method entails a cybercriminal changing elements of a target’s DNS server as a way of redirecting the victim’s online traffic to fake websites that closely resemble intended domains. If the target logs in to any of these false websites, they will have unintentionally provided the cybercriminal with account credentials and associated data.
It’s essential for organizations to understand that they aren’t alone in managing their digital exposures and safeguarding against cyberattacks. There is an abundance of resources and guidance available from trusted experts and professionals. For more information, contact Menicucci Insurance Agency at (505) 883-3683.
Read more about how to create a Cyber Security - Preventative Measures & Incident Response Plan.