What is a Cyberattack and how to prevent it?

Cyber criminals tend to use the Internet to enrich themselves or harm others. Cyberattacks draw on different attack patterns that tend to be adapted to the motivation behind an attack. However, users aren’t entirely defenseless. With the right security strategies, you can secure and defend yourself.

A cyberattack, unlike malware works in a more targeted manner. While viruses, worms, and Trojans find their victims more or less randomly, cyberattacks target specific individuals, companies, organizations, or authorities. Each attack also has a motive. However, such motives can differ widely:

• Theft: As with most criminal acts, cybercrimes are often motivated by greed. Often cyberattacks are all about stealing data that can be resold or used to access individual bank accounts.
• Blackmail: Criminals may infect company or private user systems in such a way that these can no longer be used, at least not by those with limited IT knowledge. They can then extort considerable sums promising to release the IT infrastructure upon payment.
• Sabotage: Attacks aren’t always motivated by money. Some attacks are financed by competitors. For example, one company may want to damage a competitor to be more successful.
• Activism: Hacktivism continues to grow in popularity. Here, politically minded cybercriminals use their skills to damage the reputation of those they disagree with or to generate attention for political goals through attacks.
• Espionage: Industrial espionage and espionage of government continues to shift online. The focus of these attacks is on accessing knowledge.

Types of cyberattacks tend to vary as much as the motivation for them. In many cases, attack patterns are combined in order to inflict damage as effectively and broadly as possible.

In phishing people are tricked to disregard security concerns and download disguised malware through the help of social engineering. This is usually ransomware, which cripples the system. Subcategories of the method include smishing (using SMS) or vishing (by phone).

In man in the middle attacks, the attacker poses between two entities, for example, between a client and a server, and tries to obtain important data such as passwords. Attacks like these draw on malware or unsafe WiFi connections.

If the sole goal of an attack is to shut down a web service, denial-of-service attacks are usually the tool of choice. This involves flooding a server with so many requests that it becomes non-functional. Larger attacks are carried out via distributed denial of service attacks (DDoS). Here, attackers will have previously set up a botnet by infecting as many computers as possible with corresponding malware. Without the owners’ knowledge, the devices then participate in the cyberattack on the server.

In an SQL Injection attackers use insecure input fields on websites. Using comment functions or search masks, cybercriminals manage to manipulate the SQL database in such a way that they can grab sensitive data.

In recent years, big cyberattacks on companies and public authorities have become increasingly common. On the one hand, these are being facilitated by groups such as Anonymous to gain media attention. On the other hand, there are reports of widespread data theft that end up not only affecting the companies under attack, but also their customers or users.

One well-known cyberattack happened in 2017 using the WannaCry ransomware. Although the attacks were not targeted, they were orchestrated in such a way that hundreds of thousands of PCs got infected in a short time. The cybercriminals used a backdoor in older Windows systems to this end. This was originally discovered by the US intelligence agency NSA but not immediately disclosed. Computers not running an installation of a recently published security patch were affected.

The attackers used this exploit to inject malware, which encrypted all data. Users could no longer use their systems. Instead, they were shown a message asking them to pay $300 in bitcoin. Although numerous security experts advised against paying the ransom, the criminals managed to capture over $130,000 in cryptocurrency.

In recent years, hacker group “Anonymous” has repeatedly caused a stir. One attack by the group concerned Scientology. In 2007, the organization banned an interview with famous member Tom Cruise. Anonymous activists considered this a form of censorship and announced retaliatory strikes via video message.

Shortly thereafter, the hackers began overloading Scientology’s servers with DDoS attacks. This allowed the attackers to paralyze the website for a short time to disrupt the organization’s activities. They also sent countless faxes and made prank calls. After the initial illegal digital attacks on Scientology, activism shifted to legal protests outside the organization’s branches.

In 2013 and 2014, the Yahoo! group suffered several attacks on its databases. The attackers stole several billions of data records, including poorly encrypted passwords or completely unencrypted answers to security questions. These were offered on illegal marketplaces across the Dark Web. Buyers hoped passwords would be used across other platforms or for online banking.

In response to the attacks, Yahoo! asked users to create new passwords and set new answers to security questions for better encryption. Yahoo! paid $100 million in damages to affected users.

Hackers and other cybercriminals are uncovering more complex ways to crack systems and steal data. Even security experts are usually a small step behind attackers. But that doesn’t mean you’re defenseless against cyberattacks. With these tips on cybersecurity, you’ll be well prepared for attacks.

Attackers tend to exploit security vulnerabilities in outdated systems. One of the best preventative measures users can take is to regularly update their operating system and software. To find out about updates or patches, simply activate the automatic update function. This also applies to antivirus programs. Similarly, these should be regularly updated to help users stay informed about emerging threats.

Criminals don’t always use malware for cyberattacks. Password-protected areas tend to be attacked more directly. Brute Force attacks (trying out password combinations), Rainbow Tables (tables with hash values) or password dictionaries (collections of typical passwords) can be used to crack weak passwords. Secure passwords are therefore one of the best preventive measures against cyberattacks.

Many cyberattacks are successful because users do not recognize them as such. You should be extra vigilant about phishing, i.e., opening emails from unknown senders. Do not save or open attachments or click on links. A similar level of vigilance is required when surfing the web. Plenty of threats hide on supposedly harmless websites. Avoid downloading software from websites that you cannot trust. Missing SSL certificates are a good indicator to this end.

System administrators and webmasters draw on other methods to detect cyberattacks. Servers keep log files by default which track suspicious activities. For example, an increased number of unsuccessful password entries indicates a brute force attack.

In addition, you can monitor your IT infrastructure. Malware produces side effects such as a slowed network connection which may be a sign of a cyberattack. However, the reverse does not apply: even computers that run smoothly could still be infected with malware.

In the case of DDoS attacks, operators can actually keep their websites going despite an attack. If you use a Content Delivery Network (CDN), you make it almost impossible for attackers to paralyze a website. Even if your own server overloads, the website remains available via the network of mirrored content.

If in doubt, you can contact local cybercrime units to help. These tend to provide valuable tips to help defend against specific attacks. You can read more about cybercrime on the FBI’s website, for example.

It’s worth taking measures to prepare in case of cyberattacks, because you can never be 100 percent safe. This includes using effective encryption which ensures that sensitive data is unusable for attackers in case they get their hands on it.

A backup strategy is important too. Ransomware attacks aren’t as much of a threat if you store all important data in an external location. Use the 3-2-1-backup rule to keep your files safe at all times.