If you’re familiar with the Secure360 blog, you know that we like to dig deep into the many cogs of the security machine. We like to dissect complicated topics like threat hunting and penetration testing and break them down into bite-sized pieces of valuable information that everyone can understand. Today, however, we’re going to take a step back from all of that (in-depth analysis can be exhausting, after all) to examine some of the most common attacks that seem obvious but are often overlooked (and how scary is that?).
So, on today’s Halloween edition of Secure360: Trick… or threat?
Phishing is a great place to start in any threat analysis because it is easily the most common form of cyber attack, and also the easiest to understand. The word “phishing” is a play on fishing: luring prey in with innocent-looking, tantalizing bait. In other words, phishing attacks involve hackers and malicious actors who try to trick you via email into giving them your personal information, which they then use to steal your identity, your money and so on. The scary part about phishing, though, is that it isn’t as obvious as you may think; most often, phishing emails are designed to look nearly identical to those from organizations you already trust. For example, you may receive an email that appears to be from your bank. In the email, you are told that there has been a security breach on your account and that you must change your password immediately. You click the link, enter your current password, and the attacker has everything they need to access your funds and sensitive information. One of the easiest ways to help protect yourself against phishing attempts is to change your passwords regularly and use diligent, safe online practices.
Most people are guilty of using the same login credentials (that is, your username and password) across various online accounts. However, doing so puts you at serious risk of cyber attack; the first thing most attackers do once a password has been intercepted is try the same password on other accounts. Do yourself a favor and use a different password for each of your gated accounts. If you find it hard to keep all of them straight (and we don’t blame you), using a password manager can make all the difference.
Denial-of-service (DoS) attacks are attempts by hackers to exhaust the resources available to a network or machine so that legitimate users cannot access it. This is usually done by flooding the machine in question with requests in order to overload the system. Distributed denial-of-service (DDoS) attacks, on the other hand, are launched from multiple origination points at the same time, which creates overwhelming levels of traffic on the system. A very simple way to help prevent DoS attacks is to limit the number of requests (such as form submissions) allowed from any given IP address.
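One way to implement the per-IP limit described above is a sliding-window counter. This is an added example, not code from Secure360; the class name, the limits and the sample traffic (documentation-range IP addresses) are assumptions made for illustration.

```python
import time
from collections import defaultdict, deque


class PerIPRateLimiter:
    """Sliding window: at most `limit` requests per `window` seconds per IP."""

    def __init__(self, limit=5, window=60.0, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock              # injectable so the demo can fake time
        self.hits = defaultdict(deque)  # ip -> timestamps of accepted requests

    def allow(self, ip):
        now = self.clock()
        q = self.hits[ip]
        # Forget requests that have aged out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return False                # over budget: answer with HTTP 429
        q.append(now)
        return True

    def sweep(self):
        # Drop idle IPs so the tracking table itself cannot grow without bound.
        now = self.clock()
        idle = [ip for ip, q in self.hits.items()
                if not q or now - q[-1] >= self.window]
        for ip in idle:
            del self.hits[ip]


def demo():
    """Replay constructed traffic: (second, source IP) per form submission."""
    t = [0.0]
    rl = PerIPRateLimiter(limit=3, window=10.0, clock=lambda: t[0])
    traffic = [(0, "203.0.113.7"), (1, "203.0.113.7"), (2, "203.0.113.7"),
               (3, "203.0.113.7"),      # 4th submission inside 10 s: rejected
               (3, "198.51.100.20"),    # a different client is unaffected
               (12, "203.0.113.7")]     # earlier hits have expired: accepted
    results = []
    for ts, ip in traffic:
        t[0] = float(ts)
        results.append(rl.allow(ip))
    t[0] = 60.0
    rl.sweep()
    return results, len(rl.hits)
```

A per-IP limit slows a single noisy source; it does not by itself absorb a distributed attack, where each of many sources can stay under the limit. The IP passed to `allow` should be the connection's peer address (or a proxy header only from a proxy you control), since a client-supplied header can be forged.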
Malware is, as its name suggests, malicious computer software that intentionally impedes or adversely affects the normal functionality of a computer, server or network. Viruses and other forms of malware are transmitted in the same way that human viruses are, and spread just like any other disease. Malware is often attached to an email sent by a black hat hacker to numerous members of an organization. As soon as one person opens the file, it spreads to other computers in the network. The best line of defense against malware is to invest in malware prevention software, and to always be on the alert when receiving emails from unknown senders.
Picture this: You’re standing in line at your favorite coffee shop, when you suddenly realize that your coffee is going to run you $8 more than what you have in your checking account. You connect to the shop’s public Wi-Fi network, log in to your phone’s mobile banking portal to transfer some funds, and depart a few minutes later with your extra hot double-shot pumpkin spice foamy goodness.
Man-in-the-Middle attacks are a shockingly common risk associated with connecting to public Wi-Fi networks (that is, networks that do not require a password, like those often found in airports, coffee shops and other high-traffic public places). In this kind of attack, an attacker virtually gets in between you and the place you are trying to send your data, and thereby steals your credentials and personal information. In these instances, hackers scan routers looking for vulnerabilities such as weak passwords and unencrypted networks and take your information without you being any the wiser. Having done so, they can log in to your banking portals and funnel your money anywhere they like.
Many would argue that imposter schemes are the hardest to detect and, therefore, the most dangerous. Increasingly, these schemes are running rampant through businesses and across email addresses. In these situations, hackers will have obtained the name and/or email address of an individual who has a certain level of authority within a business (“the boss”). They will then email others in the network while posing as that person, requesting sensitive information, various out-of-the-ordinary tasks, “temporary” financial assistance, and more.
For example, you may receive an email from what you believe to be your boss with “important” as the subject line that reads, “Let me know if you’re available. I need to run something by you real quick. I’m running into a meeting now – just respond to this email instead. Thanks.” For most people, this sounds like any other communication from your boss. After responding with your readiness to help, you receive an email telling you to go buy iTunes gift cards “for clients” amounting to $2,000, and to scratch out the codes from each card and email them back. The lesson to be learned: always pay attention to the people that are emailing you and watch for anything that doesn’t seem normal to you.
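The "pay attention to who is emailing you" advice can be partly automated at the mail gateway. The sketch below is an added example, not code from Secure360: it flags a message whose display name belongs to a known authority figure but whose address is not one that person sends from, and notes phrasing from the request pattern described above. The directory, names, domains and sample messages are all constructed.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed directory: names that carry authority and the only addresses
# those people really send from. Names and domains here are hypothetical.
KNOWN_SENDERS = {"dana reyes": {"dana.reyes@example.com"}}
# Phrases taken from the request pattern described in the article.
PRESSURE_PHRASES = ("gift card", "just respond to this email")


def review(raw_message):
    """Return the reasons a message deserves a second look (empty = none)."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    display_name = " ".join(display_name.lower().split())
    address = address.lower()
    reasons = []

    # An imposter who only knows the boss's name sends from some other mailbox.
    expected = KNOWN_SENDERS.get(display_name)
    if expected is not None and address not in expected:
        reasons.append("name-address mismatch")

    body = "" if msg.is_multipart() else msg.get_payload().lower()
    if any(phrase in body for phrase in PRESSURE_PHRASES):
        reasons.append("pressure phrase")
    return reasons


# Constructed sample messages.
LEGIT = (
    "From: Dana Reyes <dana.reyes@example.com>\n"
    "Subject: Q3 numbers\n\n"
    "Slides attached for Thursday.\n"
)
SPOOFED = (
    'From: "Dana Reyes" <dana.reyes.office@mail.example.net>\n'
    "Subject: important\n\n"
    "Let me know if you're available. I'm running into a meeting now, "
    "just respond to this email instead. Thanks.\n"
)

if __name__ == "__main__":
    for label, raw in (("legit", LEGIT), ("spoofed", SPOOFED)):
        print(label, review(raw))
```

A message sent from the real mailbox passes the name check, so this complements, rather than replaces, confirming unusual requests through another channel.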
Halloween is not a time for monsters, and especially cyber attackers, to take a rest. Be sure you know the scariest common cybersecurity tricks so that you can protect yourself and your data. If you’re interested in learning more about the monsters that creep in the world of cybersecurity, check out the rest of the Secure360 blog!