A board director’s guide to cyberattacks
As a company director and member of the board, you don’t have to be an IT expert to understand that cyberattacks pose one of the most significant risks to your organisation. Here is a director’s guide to cyberattacks.
Cyberattacks are happening more frequently and are evolving in terms of their sophistication. Here are 13 types of cyberattacks that boards should consider.
Cyberattacks can happen for a variety of reasons and in a variety of ways. Cybercriminals are often attracted to organisations due to the weaknesses in their security policies, practices, or technology. If you sit on a board, you should know your organisation’s cyber strengths and weaknesses.
What is a cyberattack?
In a cyberattack, a criminal attempts to exploit an IT system to perform theft, extortion, disruption, or any other unlawful activity.
Cyberattacks can come from people within an organisation, but in the main, they are performed by criminals outside an organisation.
A guide to cyberattacks – 13 of the most common types
A computer system can be infiltrated in many different ways, but most cyberattacks follow pretty similar techniques. Following are 13 examples.
- An application that maliciously performs a wide range of tasks is called malware.
- There are some malware strains designed to create persistent network access.
- There are those that spy on the user to obtain valuable credentials, while others simply disrupt their work.
- Various forms of malware aim to extort money or other goods from their victims.
- Ransomware is one of the most common forms of malware, which encrypts all of the victim’s files and then those responsible demand payment for the decryption key.
- A Phishing attack occurs when the attacker tries to trick an unsuspecting victim into sharing valuable information such as bank account details.
- It is often the case that phishing attacks come in the form of emails pretending to be from a legitimate organisation, such as the taxman or your bank.
- The most common cyber-attack is probably phishing, as it is easy and surprisingly effective to carry out.
Man-in-the-middle attack (MITM)
- In MITM attacks, the attacker intercepts communication between two parties, eavesdropping on them in a bid to steal their personal information.
- Today, MIM attacks are less common since most email systems and chat systems use end-to-end encryption, ensuring no third parties can read your emails or chats.
Distributed denial-of-service (DDoS) attack
- An attempt to bring down a server by flooding it with traffic is known as a DDoS attack.
- The primary difference between a DDoS attack and a traditional denial-of-service attack is that multiple compromised devices overload the target with traffic.
- Most firewalls are equipped to detect and respond to DDoS attacks.
Business email compromise (BEC)
- By using a BEC attack, the attacker targets individuals with the ability to authorise financial transactions to trick them into transferring funds into the attacker’s account.
- By knowing information about their executives, employees, clients, business partners and potential business partners, the attacker will better convince the employee to hand over the funds.
- Among the most costly types of cyber-attacks are BEC attacks.
- In a drive-by-download attack, the victim is infected via a website that they visited unknowingly.
- This website may have been compromised or owned directly by the attacker.
- There are instances when malware is served in advertisements and banners.
- ‘Exploit kits’ are available today, which provide novice hackers with the ability to set up malicious websites or distribute malware quickly.
- Password attacks are cyber-attacks in which an attacker tries to guess or crack the user’s password.
- Examples of such attacks include Brute-Force, Dictionary, Rainbow Table, Password Spraying, Credential Stuffing, and Keylogger.
- Phishing is another method hackers employ to obtain a user’s password.
- The purpose of an eavesdropping attack sometimes called snooping or sniffing, is to intercept and access data that is being sent over unsecured network communications.
- Employees are requested to use VPNs when accessing the company network from a public Wi-Fi hotspot to prevent this.
Zero-day exploits are caused when cyber-criminals discover a vulnerability in a widely-used software application or operating system, and they use it to attack their targets.
- SQL injection is a specific type of attack against SQL databases.
- To query SQL databases, SQL statements are executed via a web form.
- In cases where the database permissions have not been set correctly, an attacker could exploit the HTML form to run queries that alter, create, read or delete data on the database.
- A DNS tunnel is a sophisticated attack vector that provides attackers with persistent access to specific targets.
- Attackers can insert malware into DNS queries since many organisations fail to monitor DNS traffic for malicious activity.
- The malware creates a continuous communication channel that is nearly impossible to detect by most firewalls.
- It is a daunting prospect to think that AI will be used to launch sophisticated cyber-attacks, as we do not yet know what these attacks can accomplish.
- AI can learn which attack methods work best and modify them accordingly.
- Software vulnerabilities can be rapidly identified using intelligence feeds.
- An AI-powered attack can operate 24 hours a day. They’re fast, cheap, efficient, and flexible.
- The security of IoT devices is generally inferior to that of most modern operating systems, and hackers are diligent in exploiting their vulnerabilities.
- We have yet to see what methods cyber-criminals will use to exploit IoT devices and for what purposes since the internet-of-things is still a relatively new concept.
- Perhaps hackers will target IoT devices such as traffic systems, medical systems, or smart buildings to launch large-scale DDoS attacks.