A board director’s guide to cyberattacks

Malware

• An application that maliciously performs a wide range of tasks is called malware.
• There are some malware strains designed to create persistent network access.
• There are those that spy on the user to obtain valuable credentials, while others simply disrupt their work.
• Various forms of malware aim to extort money or other goods from their victims.
• Ransomware is one of the most common forms of malware, which encrypts all of the victim’s files and then those responsible demand payment for the decryption key.

Phishing

• A Phishing attack occurs when the attacker tries to trick an unsuspecting victim into sharing valuable information such as bank account details.
• It is often the case that phishing attacks come in the form of emails pretending to be from a legitimate organisation, such as the taxman or your bank.
• The most common cyber-attack is probably phishing, as it is easy and surprisingly effective to carry out.

Man-in-the-middle attack (MITM)

• In MITM attacks, the attacker intercepts communication between two parties, eavesdropping on them in a bid to steal their personal information.
• Today, MIM attacks are less common since most email systems and chat systems use end-to-end encryption, ensuring no third parties can read your emails or chats.

Distributed denial-of-service (DDoS) attack

• An attempt to bring down a server by flooding it with traffic is known as a DDoS attack.
• The primary difference between a DDoS attack and a traditional denial-of-service attack is that multiple compromised devices overload the target with traffic.
• Most firewalls are equipped to detect and respond to DDoS attacks.

Business email compromise (BEC)

• By using a BEC attack, the attacker targets individuals with the ability to authorise financial transactions to trick them into transferring funds into the attacker’s account.
• By knowing information about their executives, employees, clients, business partners and potential business partners, the attacker will better convince the employee to hand over the funds.
• Among the most costly types of cyber-attacks are BEC attacks.

Drive-by-download attack

• In a drive-by-download attack, the victim is infected via a website that they visited unknowingly.
• This website may have been compromised or owned directly by the attacker.
• There are instances when malware is served in advertisements and banners.
• ‘Exploit kits’ are available today, which provide novice hackers with the ability to set up malicious websites or distribute malware quickly.

Password attack

• Password attacks are cyber-attacks in which an attacker tries to guess or crack the user’s password.
• Examples of such attacks include Brute-Force, Dictionary, Rainbow Table, Password Spraying, Credential Stuffing, and Keylogger.
• Phishing is another method hackers employ to obtain a user’s password.

Eavesdropping attack

• The purpose of an eavesdropping attack sometimes called snooping or sniffing, is to intercept and access data that is being sent over unsecured network communications.
• Employees are requested to use VPNs when accessing the company network from a public Wi-Fi hotspot to prevent this.

Zero-day exploit

• Zero-day exploits are caused when cyber-criminals discover a vulnerability in a widely-used software application or operating system, and they use it to attack their targets.

SQL injection

• SQL injection is a specific type of attack against SQL databases.
• To query SQL databases, SQL statements are executed via a web form.
• In cases where the database permissions have not been set correctly, an attacker could exploit the HTML form to run queries that alter, create, read or delete data on the database.

DNS tunnelling

• A DNS tunnel is a sophisticated attack vector that provides attackers with persistent access to specific targets.
• Attackers can insert malware into DNS queries since many organisations fail to monitor DNS traffic for malicious activity.
• The malware creates a continuous communication channel that is nearly impossible to detect by most firewalls.

AI-powered attacks

• It is a daunting prospect to think that AI will be used to launch sophisticated cyber-attacks, as we do not yet know what these attacks can accomplish.
• AI can learn which attack methods work best and modify them accordingly.
• Software vulnerabilities can be rapidly identified using intelligence feeds.
• An AI-powered attack can operate 24 hours a day. They’re fast, cheap, efficient, and flexible.

IoT-based attacks

• The security of IoT devices is generally inferior to that of most modern operating systems, and hackers are diligent in exploiting their vulnerabilities.
• We have yet to see what methods cyber-criminals will use to exploit IoT devices and for what purposes since the internet-of-things is still a relatively new concept.
• Perhaps hackers will target IoT devices such as traffic systems, medical systems, or smart buildings to launch large-scale DDoS attacks.