Aug 24
What are the 3 Main Types of Cyber Attacks?
In this blog, we’re going to explore the protections a dedicated IT provider like Bluecube can offer businesses against the 3 main types of cyber attacks, as well as the defence benefits of a security operations centre (SOC). But first, let’s explore what a cyber attack actually is:
What is a Cyber Attack?
As technology becomes more embedded as a part of businesses across the world, cyber attacks become more commonplace. But what are cyber attacks? The term is often confused. This is how we define a cyber attack:
We view a cyber attack as an offensive launched by cyber criminals against a computer or network. This could be a targeted attack against one individual or a multi-national corporation’s network. The purpose of a cyber attack is to gain unauthorised access to a company's systems through the exploitation of technical or human weaknesses, extract and steal data or cause malicious damage. A lesser-known purpose of cyber criminals is to hack a computer system to use for attacks on other systems.
Now you can see the importance for all types of business to protect themselves. A dedicated IT provider can help protect against and disrupt cyber criminal activity.
As well as providing protective controls, your company’s computers and network should be monitored for signs of cyber attacks in progress. This is the purpose of a security operations centre, manned by a specialist team that is available 24 hours a day, 7 days a week, all year round.
Here are 3 of the main types of cyber attacks and how Bluecube can safeguard you against these threats:
Phishing Cyber Attack
What is a Phishing attack?
Phishing is when a hacker poses as a trusted organisation to trick a person into responding, clicking a link to a fake website or opening an attachment. The fake communication, link or attachment is the bait that aims to lure victims into revealing sensitive company or personal data such as intellectual property or bank account details.
But how exactly does a phishing attack occur?
Phishing, whilst a cyber attack, is also a psychological attack. The hacker will send out an email, text message, or instant message to several targets; this could be thousands of people at once. A cyber-attacker may also want to trick the recipient into opening a link that may cause the computer to download malicious software.
Simple Ways to Prevent Phishing Attacks
When this tactic is used on businesses, it’s often as a precursor to a more vicious attack. With the support of your SOC and specialist IT consultants, we can offer safety provisions in two ways. The first is to educate all members of staff on what a phishing attack may look like. Secondly, we can safeguard your computer network to protect your business if a phishing email is inadvertently opened.
One of the quickest ways to spot a phishing attack is to validate that the sender is legitimate, via a phone call or by looking their details up separately online. Often, phishing emails are sent from misspelled domains or public email systems such as gmail.com, or contain poor grammar.
Distributed Denial of Service Attack (DDoS)
What is a DDoS?
The purpose of a DDoS attack is always the same: to make a website slow or unresponsive. A DDoS attack will attempt to overwhelm a site or server with a volume of web traffic, the objective being to prevent it from responding to service requests and possibly take the site or server offline completely. This form of cyber attack is launched from a large number of host machines (called a botnet) that are infected with malicious software.
Types of DDoS Attacks
There are three main types of DDoS attacks. Each has unique qualities and causes different types of damage to a computer system or IT network.
- The most common form of DDoS attack is a volume-based attack. This attack overloads the website or server with a massive amount of fake traffic measured in bits per second (bps); it’s also known as a flood attack.
- A protocol or network-layer DDoS attack is slightly different: it focuses on sending a large number of packets (small amounts of data grouped together) to a switch.
- The final common type of DDoS attack is an application-layer attack. Again, this method focuses on overloading the server or website, but this time with malicious requests. This attack overloads the system by targeting specific weaknesses within the website application’s configuration.
Why is a DDoS Carried out?
A DDoS attack will not provide a direct benefit for the attacker but can be used as a threat to extort the recipient organisation. Alternatively, a competitor may launch a DDoS attack on a rival to prevent them from being able to work. Unlike other cyber attack techniques, this form is often preferred when attacking or destroying an organisation, rather than stealing its resources.
According to Kaspersky, a significant increase in the quality and quantity of DDoS attacks was seen in Q1 2020, doubling against the previous reporting period, and up by 80% against Q1 2019. Rises in both the average and maximum duration of attacks were also observed. Whilst the first quarter of every year does typically have a DDoS spike, this kind of increase is unexpected. This highlights the importance of having a detailed defence against the wide range of malicious DDoS attacks.
At Bluecube, our team has put in place a range of technology solutions to provide you with the very best defence against DDoS attacks. Our team can put in place additional processes alongside your business operations that will protect your system from this form of cyber attack. This will allow you to avoid downtime that could cost you potentially thousands of pounds.
Man-in-the-Middle Attack (MitM)
What is a MitM Attack?
A MitM attack happens when the attacker plants themselves in the communications chain of a client/customer and server. There are several types of man-in-the-middle attacks. The general purpose is to try and intercept communications between a business and its customers. It’s crucial not to overlook the importance of ensuring your business is protected against MitM attacks, especially as the IBM X-Force Threat Intelligence 2018 Index showed 35% of exploitation activity involved MitM attacks.
How to Prevent MitM Attacks
MitM attacks present a lot of risks as they’re very difficult to notice and detect. This is why a dedicated Security Team manned by expert IT specialists can help spot malicious activity by monitoring your communications channels. One of the preventative measures available for your web services involves installing SSL certificates. At the network level, using an Intrusion Detection System (IDS) is also a must. Another safeguarding procedure is to set up a VPN, adding multiple layers of protection to your system.
Our team will also work with you to help your organisation to be able to detect and stop MitM attacks. For businesses, MitM attacks present a unique threat because if a hacker can impersonate someone in your company it can be extremely damaging for your business and reputation.
Popular Type of MitM Attack
One of the most common types of MitM attacks aims to intercept the communications your business has. If your system is compromised, every communication from you to trusted third parties could be compromised. One form of MitM attack is called Business Email Compromise.
Business Email Compromise
The Business Email Compromise attack technique is one of the most successful ways for cyber criminals to commit fraud. Through the use of phishing lures and other methods, they can fool you into providing your O365 account login credentials. Armed with these, the fraudsters will access your account and set up an email forwarder. This means that any emails that are sent to you are also automatically forwarded to the fraudsters. They will then scan every email for keywords or phrases such as ‘invoice’, ‘sort code’, ‘payment’, etc.
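Because the forwarder is the persistent part of this attack, reviewing mailbox forwarding rules for external destinations is a practical detection step. The following is an added example, not code from Bluecube or the original post; the record layout, field names and domains are hypothetical and constructed for illustration, not a real O365 export schema.

```python
from email.utils import parseaddr

INTERNAL_DOMAINS = {"ourco.example"}                 # assumed: the organisation's own domains
FINANCE_WORDS = {"invoice", "sort code", "payment"}  # keywords named in the text above

# Constructed sample export of forwarding rules (hypothetical field names).
SAMPLE_RULES = [
    {"mailbox": "amy@ourco.example", "name": "Team copy",
     "forward_to": ["Finance <finance@ourco.example>"], "keywords": []},
    {"mailbox": "bob@ourco.example", "name": ".",
     "forward_to": ["smtp:collector@mailbox.example"], "keywords": []},
    {"mailbox": "cat@ourco.example", "name": "archive",
     "forward_to": ["cat.backup@ourco.example.attacker.example"],
     "keywords": ["Invoice", "payment"]},
]

def domain_of(target: str) -> str:
    """Extract the lower-cased domain from 'smtp:a@b', 'Name <a@b>' or 'a@b'."""
    if target.lower().startswith("smtp:"):
        target = target[5:]
    _, addr = parseaddr(target)
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def is_internal(domain: str) -> bool:
    # Exact match or a true subdomain; a lookalike prefix must not count.
    return any(domain == d or domain.endswith("." + d) for d in INTERNAL_DOMAINS)

def audit_forwarding(rules):
    """Return (mailbox, rule name, external targets, severity) per risky rule."""
    findings = []
    for rule in rules:
        # Unparseable targets yield an empty domain and are treated as external.
        external = [t for t in rule["forward_to"] if not is_internal(domain_of(t))]
        if not external:
            continue
        # A rule that also filters on finance keywords is prioritised.
        hits = {k.lower() for k in rule["keywords"]} & FINANCE_WORDS
        findings.append((rule["mailbox"], rule["name"], external,
                         "high" if hits else "medium"))
    return findings
```

Each finding should be confirmed with the mailbox owner; a rule they did not create is a sign that the account credentials need resetting.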
Passwords are still the primary method by which we prove who we are online. Cyber criminals place a high value on compromising this ability to prove who we are, so that they can impersonate us to make money. Because passwords have both human and technological weaknesses, it’s important to use a blend of guidance combined with different technology features to keep them secure.
Passwords can be obtained by methods such as social engineering, password spraying attacks and installing keyloggers.
The biggest defence against a password compromise attack is a combination of methods. Consider disabling password expiry and complexity, increasing password length to 10 characters and sharing some up-to-date guidance around creating and managing secure passwords (such as using three random words) with your company employees.
Our team can help with technical controls around passwords and with implementing them. We can also offer advice on preventative measures your employees can take against hackers trying to steal your passwords. We will also ensure your passwords are encrypted at rest and in transit to add a further layer of protection for your business.
Contact Us Today
If you have any concerns about your organisation’s security or wish to speak to one of our team, please call 0845 257 8010 or fill in the enquiry form on our contact page today.