With the phrase “ cyber attacks ” being used more and more in the media, they can be hard to understand.
Cyber attacks like physical infections come in many different forms and can cause a variety of issues to the afflicted computers and/or networks. Here are the most common types of Cyber attacks occurring toward online users in business and personal spaces.
Ransomware: Ransomware is a type of malware that infects your machine and will demand a ransom. It typically locks you out of your system, encrypts all of your files and stops you from performing any activity, they say that only their software can decrypt the files and until the ransom is paid, you will be locked out (Payment is often asked for in Bitcoin.) Some businesses have been threatened to publish private information if they don’t pay a specified amount. Ransomware is one of the fastest growing types of security breaches.
APT: Advanced Persistent Threats, or APTs, are targeted attacks that are typically long term and are aimed at breaking into a network at different times and sections of the network in order to avoid being detected by the system. These types of attacks are carried out to steal data, not to cause damage to the network infrastructure.
Phishing: Perhaps the most common form of cyber theft utilised by cyber criminals, phishing involves collecting sensitive information like login credentials and credit-card information through a legitimate-looking (but ultimately fake) website or file, often sent to unsuspecting individuals in an email.
DDoS: A Distributed Denial of Service attack is a server based attack that uses a large number of malware-infected PC’s to intentionally overload a server with requests for access to attempt to shut down the website of a person, business or organisation.
Malware: Malicious software, or “Malware”, describes any program that is put onto the system with the intent to damage or gain unauthorised access. This can be installed like software, via data scripts in a website or e-mail, and or even placed onto the PC via physically means. (USB/CD/DVD) The WannaCry virus that attacked the NHS and Petya virus that attacked the Ukraine are both types of malware.
Password attacks: There are three main types of password attacks: a brute-force attack, which involves guessing the user passwords until they are successful, a dictionary attack which utilises a combination of dictionary words to find a successful password, and finally keylogging, which once installed tracks all of a user’s keystrokes, which does include login IDs and passwords. This is the most common of password attacks due to limits on password entry being common for logins.
Inside attack: If a member of staff has administrative privileges they can access to and damage a company from within, or gain access to confidential company information. Former employees of an organisation in particular can be a threat if they have left the business on bad terms, so you should install a “revoke all access” feature to company data immediately upon an employee’s termination.
These can affect all business types, no matter the size and no matter the protection in place. Black And White Insurance can offer insurance to mitigate these potential risks. Contact us for a quote to stay protected, so you don’t miss a beat when operating your business.