The various types of cyber attacks
With ever increasing reliance on the internet, especially in business-related environments, internet fraud has risen exponentially over the past few years.
Nowadays most of our information is online, accessible and visible to everyone, almost every business has a webpage introducing their employees and their roles, and these employees themselves use at least one social network, on which they share information about their personal life; family, holidays, pets…
For a criminal it has therefore become very easy to find all the information they need to scam both the employee and the company, and they don’t have to search too far, having all the information they need served on the silver platter that is the internet!
The types of scams (at least, the most popular and frequent) used nowadays mostly rely on the information that employees and companies divulge and on the lack of cyber culture in the workplace.
The primary aim of criminals is to gain sensitive information about both staff and the business, which in turn will help provide access to the network, data and possible company funds.
The main way in which cyber criminals gain this precious information is via a technique known as social engineering, manipulating the victims into taking actions that will benefit the criminal, a prime example being phishing attacks. However as we will see in later articles in this series, phishing is just one of many social engineering techniques the criminals employ.
Other cyberattack methods used by hackers include:
- Drive by downloads: a download to a device without the users’ consent which could be spyware, adware, malware or even a legitimate but unwanted programme.
- Malvertising: the use of online advertising to spread malware into a device
- DDoS: a distributed denial of service attack which is an attack in which multiple compromised devices attack a target such as a server or a website.
All the above attacks can not only put your infrastructure at risk but cause financial loss and increase the risks of a data breach together with consequential reputational damage.
We will take a closer look at the above attacks in following articles, but it is important to note that although each one represents a different threat, and often have a different objective, you can make your business more secure by implementing a strong cyber awareness culture. Your employees are one of your strongest resources to help spot and avoid certain attacks and it is important to invest in your team to help keep your company secure.