Types of Cyber Attacks: Critical Threats
A few months ago, in a post on the most common cyber attacks, we covered the what, how, and why of website-based Trojans, application patch intrusions, and phishing attacks. While these three types of malicious Internet activities are considered highly common, we thought that this week we’d like to cover types of cyber attacks which are less common, harder to detect, and more malicious in nature.
- APT
APT, or Advanced Persistent Threat, is a highly evolved, very duplicitous variation of phishing attacks. Whereas a phishing attack will land in an email box disguised as a nicely developed email, an APT acts as a spearphishing tactic wherein malicious parties send phishing emails to only certain users on your network to avoid being caught in a spam trap. The hope of the hacker, as with phishing emails, is for one of the users to open the email and download whatever application is asked for.
By gaining a foothold through a single user within the network, hacking parties gain the login credentials of that user, the IP range of the devices on your network, and the security regulations controlling your network.
How to Fight It: The truth is, while BACS offers great network monitoring platforms and excellent managed IT services, detecting and vanquishing an APT attack is much easier said than done. While all the common advice for detecting and eliminating malicious traffic applies, you also must fully understand the totality of your incoming and outgoing network traffic patterns. To fight against an APT attack, you have to take the time to monitor for normal traffic patterns and out-of-the-ordinary traffic spikes.
Your IT department knows the normal traffic patterns of your network. An APT attacker does not.
Another reason APT is hard to fight? It’s based on the persistence of your attacker. While an attacker might not find success on the first 10 attempts, they might find success on the 25th.
- Man-in-the-Middle Attacks
Have you ever had the feeling someone is listening in on your conversations, yet you didn’t know how? A Man-in-the-Middle attack (sometimes simply called MitM) functions on the same level of paranoia.
The Man-in-the-Middle attack takes place when a hacker finds his/her way into your network, but instead of revealing themselves, they establish a third-party traffic router on your network to siphon off incoming and outgoing traffic to a server of their choosing. As more and more traffic routes to their chosen server, the hacking party sifts through that traffic looking for any juicy information — financial data, network passwords, social security numbers — to use for their benefit. The reason a Man-in-the-Middle attack is so hard to prevent is that, unlike most other attacks where the issue is instantly recognized, this type of attack aims to stay silent and leech critical data from your network.
A common avenue for this type of attack to occur is the lack of routine user login credentials.
How to Fight: Much like APT, a MitM attack is hard to defend against because it requires you to monitor and understand the full traffic map of your network. The only way you can confidently locate and kill a MitM attack is to root out outgoing network traffic to servers you don’t control. Once outgoing traffic is determined, you need to root through servers that maintain newer IP ranges or malicious domains. Again, much like an APT attack, you can utilize common network monitoring solutions to fight against MitM attacks; however, they aren’t always successful. The only full way to root out a Man-in-the-Middle attack is to know your network traffic topology.
- The Attacks We Don’t Yet Know About
This one is important. The truth is, we simply can’t predict every type of cyber attack that may exist in the future. We don’t know what the next Trojan or next malicious worm will be, but we do know there will be one. For every new “unhackable” program or piece of technology, there are would-be hackers all over the world working on how to break in and exploit it. While Ransomware, Point-of-Sale and Espionageware continue to annoy, you’ll see more innovations pop up as security experts shut these cyber attacks down.
How to Fight: Be diligent, maintain daily data backups, and ensure that you are working with an IT support company that provides 24/7 monitoring in order to locate small problems before they turn into an avalanche.
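The APT and Man-in-the-Middle sections above both come down to knowing your normal outbound traffic and spotting departures from it. The following is an added example, not code from BACS or any monitoring product: it learns a per-host baseline from flow records and flags destinations never seen before and outbound volume spikes. The record format, host names, addresses (documentation ranges) and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (day, internal_host, destination_ip, bytes_out).
# Addresses come from documentation ranges (RFC 5737); none are real indicators.
BASELINE = [
    (1, "ws-01", "198.51.100.10", 120_000), (1, "ws-02", "198.51.100.10", 90_000),
    (2, "ws-01", "198.51.100.10", 110_000), (2, "ws-02", "198.51.100.20", 95_000),
    (3, "ws-01", "198.51.100.20", 130_000), (3, "ws-02", "198.51.100.10", 100_000),
    (4, "ws-01", "198.51.100.10", 125_000), (4, "ws-02", "198.51.100.20", 85_000),
]
TODAY = [
    (5, "ws-01", "198.51.100.10", 118_000),
    (5, "ws-02", "198.51.100.10", 92_000),
    (5, "ws-02", "203.0.113.77", 2_400_000),  # new destination, large upload
]

def build_baseline(flows):
    """Learn, per host, the set of known destinations and daily outbound totals."""
    known = defaultdict(set)
    daily = defaultdict(lambda: defaultdict(int))
    for day, host, dst, nbytes in flows:
        known[host].add(dst)
        daily[host][day] += nbytes
    stats = {h: (mean(d.values()), pstdev(d.values())) for h, d in daily.items()}
    return known, stats

def find_anomalies(flows, known, stats, sigmas=3.0, min_margin=50_000):
    """Return sorted (host, reason, detail) tuples for traffic outside the baseline."""
    alerts, totals = set(), defaultdict(int)
    for _day, host, dst, nbytes in flows:
        totals[host] += nbytes
        if dst not in known.get(host, set()):
            alerts.add((host, "new-destination", dst))
    for host, total in totals.items():
        avg, sd = stats.get(host, (0.0, 0.0))
        # min_margin keeps a near-zero deviation from alerting on tiny changes
        if total > avg + max(sigmas * sd, min_margin):
            alerts.add((host, "volume-spike", str(total)))
    return sorted(alerts)

if __name__ == "__main__":
    known, stats = build_baseline(BASELINE)
    for alert in find_anomalies(TODAY, known, stats):
        print(alert)
```

In practice the records would come from firewall or NetFlow exports, and the baseline window would cover weeks rather than four days so that normal weekly cycles are not flagged.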
At BACS, it’s our business to ensure that your business can succeed and grow. For that to happen, you need the right network infrastructure and support. We aren’t just your average “IT guy” — instead, we act as your business partner, growing right alongside you. For more information on our security services, or to learn more about what we do, contact us by phone at (650) 887-4601 or contact us online today.