With the development and expansion of network and web services, cybercrime has also risen to pose a dangerous – and potentially fatal – threat to businesses everywhere. Cybersecurity Ventures has predicted cybercrime to cost the world $6 trillion by 2021, an unprecedented transfer of wealth that will exceed global profits of the illegal narcotics industry. Businesses of all sizes are at risk, and 43 percent of data breaches target small enterprises. The figures clearly show cyber security is an issue that needs to be taken seriously.
Fortunately, there are those committed to fighting against the continued and advanced threats. A list of cyber security companies in London shows experts in the field are on hand to deliver the necessary protection.
Denial of service (DoS)
A denial-of-service attack is when systems, networks or servers are overwhelmed by an attack so that they cannot respond to legitimate requests. This does not directly benefit the attacker, though it could be beneficial to the victim’s competitors, or cause the system to be taken offline so another attack can be launched. A similar type of attack is distributed denial-of-service (DDoS), which originates from a larger number of host computers infected by malicious software. The different types of DoS and DDoS attacks can include Ping of Death, Smurf, Teardrop, TCP SYN Flood attack, or those caused by bots or zombie systems.
Phishing attacks are a very common type of cyber attack, with 90 percent of all incidents and breaches involving a phishing element, according to the Verizon Data Breach Investigations Report. Phishing is the sending of emails with the objective of making the user respond in a certain way, usually clicking on an email attachment that downloads malware. Links in emails could also lead users to websites that cause them to download malware. Another common attack is spear phishing, in which attackers research their targets and create messages that are personalised, or appear to be from someone the user already knows.
Man in the Middle (MitM)
When hackers position themselves in two-party transactions, usually between a client and server, it is known as a man-in-the-middle attack, or eavesdropping attack. Interrupting traffic enables hackers to filter and steal data. These attacks may be possible on unsecured public Wi-Fi, where the attacker comes between the network and client devices; once a device has been breached, the attacker can install software to process the victim’s data. The different types of MitM attack include: IP spoofing, whereby the hacker pretends to be a trusted host; a replay attack, in which the hacker impersonates a participant by using old messages; or session hijacking, in which a session between a trusted client and network server is taken over.
Attacks that spread malware through downloads are known as drive-by attacks. For this, hackers identify insecure sites and insert malicious script into the code of the web pages. This can mean that visitors to these web pages will have malware directly downloaded to their computers. These attacks can also take place by means of viewing email messages or pop-up windows, and they do not require the user to click to download or open any attachments to activate the malware. Drive-by attacks target vulnerable areas of security, such as where frequent updates have not been applied.
Malware is any kind of unwanted or malicious software that can be installed on a system without permission. It can include ransomware, spyware, viruses or worms. It can be found in various places: it can be attached to legitimate code, useful applications or found throughout the internet. It is designed to seek out vulnerabilities and it may install harmful programmes, block access to components, obtain sensitive information, or disrupt and shut down the system. Other common types of malware are stealth viruses, macro viruses, file infectors, polymorphic viruses, trojan horses, logic bombs or boot record infectors.
An increasingly common attack for data-driven websites, SQL injection is when attackers send SQL queries to the database through client-to-server input data. Commands are submitted using the data-plane input to run predefined SQL commands, and SQL makes no distinction between control and data planes. This means that SQL injection hackers are potentially able to read sensitive data, modify or shut down the database, or even issue commands to the operating system. These attacks target sites with dynamic SQL, and applications that use PHP and ASP.
When a vulnerability or flaw in software, hardware or firmware is known to an organisation, it is known as a zero-day. These may be announced before a patch or solution is implemented, and the term zero-day may refer to the vulnerability or the time between the weakness being discovered and the first attack. After it has been made public it is known as an n-day, or one-day, vulnerability. When security issues are discovered, the organisation is usually informed, but sometimes they are made public, and hackers have a limited time to exploit the vulnerability before a fix is found.
Cross-site scripting (XSS)
By using third-party web resources, attackers are able to run scripts in the web browsers or scriptable applications of victims in an injection attack. The attacker uses the web application to send malicious code, usually in the form of browser-side script, to the end user. This means the user may only need to load a webpage for the malicious script to be executed in their browser. It might send a cookie to the attacker’s server, which can then be used for session hijacking. In addition to cookies, the attacker may also be able to extract keystrokes, collect network information, capture screenshots or remotely access the victim’s computer.
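Two server-side defences address the behaviour described above: encoding user-supplied text before it is placed in a page, and marking the session cookie so that browser-side script cannot read it. This is an added example, not part of the original article; the function names, cookie name and sample comment are constructed for illustration.

```python
import html
from http.cookies import SimpleCookie

def render_comment_unsafe(comment):
    """Vulnerable: user text is placed in the page as markup."""
    return "<p>" + comment + "</p>"

def render_comment_escaped(comment):
    """Hardened: <, >, & and quotes become entities, so the browser shows text."""
    return "<p>" + html.escape(comment, quote=True) + "</p>"

def session_cookie_header(session_id):
    """Build a Set-Cookie value that limits how the session cookie can be used."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True     # not readable from browser-side script
    cookie["session"]["secure"] = True       # only sent over HTTPS
    cookie["session"]["samesite"] = "Strict" # not sent on cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

# Constructed, harmless sample of user input that contains markup.
SAMPLE_COMMENT = '<script>document.title = "injected"</script>'

if __name__ == "__main__":
    print(render_comment_unsafe(SAMPLE_COMMENT))   # script tag reaches the page
    print(render_comment_escaped(SAMPLE_COMMENT))  # rendered as visible text
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```

Escaping stops the script from running in the first place; the `HttpOnly` flag limits what a script could take if some other injection point were missed.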
With such a wide range of cyber attacks that have the potential to upset IT operations, find access to sensitive data or cause harm in other ways, organisations have more than enough reason to ensure their systems are protected to the highest degree. The damage done by attacks is often irreparable, and 60 percent of small businesses close down within six months of an attack. Cybercrime is a very real threat, and it represents an aspect of business for which it is always better to be safe than sorry.