Types of Cyber-attacks and Why Cybersecurity is Important


Not so long ago, cyber-attacks were solely the problem of techies. However, things have changed, and no one can afford to ignore the importance of cybersecurity. Gadgets, phones, and anything that can be connected to a computer or the internet are susceptible to cyber-attacks from criminals. The possibility of data breaches, losing confidential information, and tarnishing the image of a business is heightened with these attacks. Therefore, it is crucial that you know the types of cyber threats and how to buff up your cybersecurity to prevent them.

Types of Cyber-attacks

A cyber-attack is an intentional activity that exploits computers, networks, and enterprises that rely heavily on technology. Cybercriminals use malicious code to alter the data, logic, or code on the computer. The common types of cyber-attacks are:

  1. Phishing Attacks

Phishing is the technique used to steal a user’s data from the internet or computer-connected device. Login credentials, credit card numbers, and passwords are usually what such hackers obtain from their victims.

Such criminals use disguise, pretending to be someone their victims can trust, and then trick them into opening a message, email, or link. Usually, the victim’s system freezes shortly after clicking the link or message, and their sensitive information becomes accessible to the hacker.

For example, you probably receive spam in your email every day. It is very likely that a few of them would have links to buy a product, or read an article. Such spam can be a window for hackers to steal funds, make unauthorized purchases, or take over your entire computer.

Phishing is one security breach that can have disastrous and long-lasting effects on a victim. The types of phishing attacks include:

– Whale Phishing: Here, high-profile employees like CEOs are targeted and tricked into making transfers to the attacker.

– Spear Attack: This is an email threat targeted at an individual or organization.

– Pharming: Pharming is a fraudulent act that directs users to a fake page that looks like the original, to steal from them. For example, an attacker can create a web page that looks exactly like that of the victim’s bank to trick them into entering their PIN.

  2. Man-in-the-middle attack

The man-in-the-middle attack is a security breach where cybercriminals place themselves between the communication system of a client and the server. For example, you are on a call with your boss, and he has just given you some sensitive information over the phone. In man-in-the-middle attacks, a criminal will be listening to that conversation and obtain the information you spoke about.

Man-in-the-middle is by far the sneakiest attack by criminals. Vulnerable WiFi connections and communication lines are the easiest means to carry out this security breach. The three common types of man-in-the-middle attack are:

– Session Hijacking: In this cyber-attack, the hacker takes control of the session between the network server and the victim. For instance, the hacker can replace the user’s connection, or even create a fake server that the victim will be tricked into connecting to.

– IP spoofing: This security breach provides access to the hacker by tricking the user into communicating with a known entity. For instance, a packet of internet addresses, including that of a trusted site like Google, can be sent to the victim.

– Replay: In this man-in-the-middle threat, the hacker saves old messages and then uses them later to impersonate the user. For example, if a hacker gets hold of your Instagram page, he or she can use it to impersonate you.

  3. SQL Injection Threat

SQL is an acronym for Structured Query Language, and an SQL attack is one of the oldest cybersecurity breaches. SQL is used to make queries, so in an SQL injection threat a malicious query is sent to the device (a computer, phone, etc.) or a server. The server is then forced to expose sensitive information.

For instance, a cybercriminal can create a query that disrupts and gets into the database of your webpage through SQL injection. All the data, like your customers’ details, amount paid, and other confidential information, can then be released by the query.

The daunting part of this cyber-attack is that the attacker can not only get hold of sensitive information but also alter or wipe it completely.

  4. Distributed Denial of Service (DDoS) Attack

This cyber-attack overwhelms a network, system, or computer with unwanted traffic. The system or server is bombarded with high-volume traffic that its bandwidth and resources cannot handle. Hence, it will not be able to respond to requests. For example, a gardening website that notices a skyrocketing number of visits from unknown users in a day may be under a DDoS attack.

Distributed Denial of Service attacks do not usually result in identity theft or loss of vital information. However, it will cost a lot of money to get the server running again.

  5. Drive-by Attack

Drive-by attacks are security threats that download unwanted materials from a website. It is one of the most common ways of spreading malware, as all the hacker has to do is plant code on the page. You have probably seen a few pop-ups that do not relate in any way to what you are searching for on the internet. Such pop-ups are drive-by attacks.

Unlike other cyber-attacks, a drive-by download does not need you to do anything to enable the attack on your computing device. The best way to protect yourself from such threats is to update your internet browsers frequently. Also, do not leave too many apps and programs on your devices open.

  6. Cross-Site Scripting (XSS)

Cross-site scripting is a cyber-attack where an attacker sends malicious code to a reputable website. It is an attack that is permitted only when a website allows code to be attached to its own. The two scripts are then bundled together and sent to the victim. As soon as the script is executed, a cookie is sent to the attacker. With this type of cyber-attack, hackers can collect sensitive data and monitor the activities of the victim.

For example, if you see a funny-looking code on your government’s page, then an attacker is probably trying to get access to your device through Cross-Site Scripting.

  7. Password Attack

As its name implies, a password attack is an attempt to steal passwords from a user. Since passwords are the most common means of authentication, attackers are always on the lookout for ways to use this cyber-attack. Two common techniques they use to get a user’s password are:

– Brute-force guessing: This entails using different random words, hoping that one of them would be the correct password. If the hacker knows his or her victim, they can apply logic while guessing and try the person’s title, name, job, or hobbies as the password.

– Dictionary Attack: In this case, the hacker uses some of the common passwords to gain access to the user’s device. For instance, 1234 or ‘abcde’ are passwords that a lot of people use on their devices. These two are at the top of the list of common ones an attacker will try out.

To protect yourself from either of these two types of password attacks, implement a lockout policy as part of your cybersecurity.

  8. Ransomware Attack

One cyber threat with scary consequences is the ransomware attack. In this type of security breach, the malware prevents users from accessing the data they stored on a server or database. The hacker then sends out a threat demanding a ransom, or else the data will be exposed or deleted.

  9. Eavesdropping Attack

An eavesdropping attack is also known as snooping, sniffing, or a network security threat. It is very similar to the man-in-the-middle attack, but here a secured connection between the user and a server is not allowed. Data and information are stolen after they have been sent, so they do not get across to the server.

Unsecured and weak network transmissions allow this security breach to thrive. Any device within the network is susceptible to an eavesdropping attack from hackers.

  10. AI-Powered attacks

Artificial intelligence (AI) has achieved ground-breaking success in recent years. Almost every gadget has some application of AI in it, which heightens the scare of an AI-powered cyber-attack. Such security threats will have the most devastating effects as autonomous cars, drones, and computer systems can be hacked by artificial intelligence. As they are made but not controlled by humans, AI can also be used to shut down power supplies, national security systems, and hospitals.

Conclusion

Listed above are some of the cyber-attacks that you can face as a business owner or user of technological devices. It is alarming how much data, and how many accounts, passwords, and pieces of sensitive information, can be lost, deleted, or made public by cyber-attacks. Tech companies are also not exempted from the scare. Facebook had a security breach, and Equifax spent an estimated $439 million to recover from a cyber breach.

Cyber threats are attacks that you should stand up to, protecting yourself and the company from the harm that comes with them.

How to Secure Your Company Website from Hackers

It’s surprising how business owners invest heavily in all aspects of their business except for their website security. It’s especially surprising, given how cyber crime is increasing at an alarming rate today. Most businesses don’t do enough about securing their websites because they labour under the misconception that their websites do not host anything that could be of any value to the attackers or that cyber crimes are limited to just theft. The truth is, if you leave your website unsecured, it will become exposed to a number of cyber crimes ranging from theft, manhandling, destruction, deletion and much more. It is almost like leaving the doors of your home open for strangers. Hence, it becomes extremely important to protect websites from becoming vulnerable and falling prey to malicious hackers. Follow the steps listed below to ensure that your website is well protected.

Keep Your Website Platform and Software Updated

Keeping all the website software updated is the first step towards securing your website. Outdated software is one of the biggest reasons for websites getting hacked. The moment hackers find a security hole in the software, they will be quick to abuse it. Joomla, WordPress, Umbraco and other CMS providers keep releasing new patches and updates to plug any security holes in their software. Update your software whenever a new version is released. For managed hosting solutions, the hassles are fewer, as the hosting companies ensure that their systems are up-to-date. It is also essential to clean your website of old and unused plugins since those are the weak spots which hackers target.

You can also use tools like RubyGems, Composer or npm to manage software dependencies. Often, developers tend to overlook the security vulnerabilities of a package while working on it. An easy way to solve this issue is by installing tools like Gemnasium, which will notify you every time your software faces a vulnerability and requires your attention.

Keep Out SQL Injection

SQL injection attackers use URL parameters or a web form field to gain access to and control over the website database. It is easy for hackers to insert rogue code in your query if you are using standard Transact SQL. Once the attackers have control over your database they can manipulate it to extract information, or even delete the data. The best way to prevent these attacks is by using parameterised queries. Parameterised queries are part of almost all web languages, and they let you supply your own values as parameters.
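The difference between a concatenated query and a parameterised one, as an added example that is not part of the original article. It goes one step beyond the text by also handling a sort column, which cannot be bound as a parameter; the table, rows and function names are constructed for illustration, and SQLite stands in for whatever database the site uses.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, amount_paid REAL)"
    )
    conn.executemany(
        "INSERT INTO customers (name, amount_paid) VALUES (?, ?)",
        [("alice", 120.0), ("bob", 75.5), ("carol", 310.0)],
    )
    conn.commit()
    return conn

def find_customer_unsafe(conn, name):
    # WEAK: the form value is pasted into the SQL text, so quote characters
    # in the value change the structure of the query itself.
    sql = "SELECT name, amount_paid FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def find_customer_safe(conn, name):
    # FIXED: the SQL text is constant; the value travels separately as a
    # bound parameter and is only ever compared as data.
    sql = "SELECT name, amount_paid FROM customers WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()

# Request value -> real column name. Identifiers cannot be bound with "?",
# so a sort key from the URL is mapped through this allow-list instead.
SORTABLE = {"name": "name", "amount": "amount_paid"}

def list_customers(conn, sort_by):
    column = SORTABLE.get(sort_by)
    if column is None:
        raise ValueError("unsupported sort key")
    return conn.execute(f"SELECT name FROM customers ORDER BY {column}").fetchall()

def demo():
    conn = make_db()
    hostile = "nobody' OR '1'='1"  # constructed form-field value
    return {
        "unsafe_normal": find_customer_unsafe(conn, "alice"),
        "safe_normal": find_customer_safe(conn, "alice"),
        "unsafe_hostile": find_customer_unsafe(conn, hostile),
        "safe_hostile": find_customer_safe(conn, hostile),
        "sorted_by_amount": list_customers(conn, "amount"),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label:17} -> {rows}")
```

The concatenated version returns every customer row for the hostile value, while the parameterised version treats the same string as a name that matches nobody.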

Use HTTPS

While working on the website, it is important to ensure that the content is well protected even when it is in transit. Web hackers often intercept and manipulate data in transit before it reaches the server. Attacks can start with simple breaches, where attackers posing as website users steal cookie authentication requests and use them to take over login sessions. HTTPS is a proven method to avert these kinds of attacks. HTTPS ensures encryption of private or sensitive data so that it doesn’t land in the wrong hands. You can use automated frameworks and platforms to set up HTTPS easily without spending a fortune on it. An SSL certificate, for example, is used to ensure safe transfer of data between websites and servers. Google has recently started notifying websites if they don’t use HTTPS and takes it a step further by boosting a site’s SEO ranking if it does. These certificates are inexpensive but secure ways of protecting your website information.

 

Install a Web Application Firewall

Installing a web application firewall is like putting a protective shield over your website. A WAF, or web application firewall, can be either software or hardware based. There are several cloud-based security providers who are making safety applications available in the market today. These applications contain enterprise-level security measures but at much reduced prices. These solutions monitor the quality of incoming traffic to your website to ensure that no malicious users are targeting your website. A WAF is the line of defence which protects your website against a range of attacks including SQL injections, cross-site scripting, spam, brute-force attacks and more. With a cloud-based plug-and-play web application firewall, you won’t even need security experts to look over the process; the applications are quite self-functioning.

Hide Your Admin Directories

Hackers often target website sources and admin directories to hack into a system. Admin directories contain all kinds of crucial information, from the data that ensures a smooth running of your website to the permissions and conditions that rule how users interact with your website. Needless to say, if hackers gain access to this file, they can cause serious damage to your business. Hackers can use really simple tricks like running a script through your web directories to scan for files with ‘admin’ or ‘login’ written on them. Locating these files makes it easier for them to hack into them. As a counter trick, you can rename these files cleverly so that hackers won’t identify them as the admin directory. Pick inconspicuous names that don’t give themselves away. As an extra precautionary step, make sure only your webmasters know the location and details of this file.

Prevent Cross-Site Scripting

Cross-site scripting attacks your website by injecting malicious JavaScript into your site and infecting visitors who are exposed to that code. Similar to SQL injection, cross-site scripting can be prevented by using parameterised queries. Use these parameters to define the inputs clearly so that no foreign code can slip in. Front-end frameworks like Angular and Ember provide XSS protection. Tools like Content Security Policy can also protect your site from cross-site scripting.

Secure File Uploads

If you are allowing your website users to upload files (whether to change the avatar or more), you are essentially making your website susceptible to hacking. Even if you use security systems to check through your website regularly, file uploads can cause serious damage by giving hackers complete access to your site data. Of course, the best way to deal with this is by blocking access to uploaded files, but alternatively, you can also store these files outside your root directory. This way you can access them through scripts and limit access for users.

Always check the file extensions but don’t just count on that as there are ways for the threat files to get through.
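One way to combine the checks described above, as an added example that is not part of the original article: the extension is checked against an allow-list, the content must start with the bytes that file type really begins with, and the file is written under a server-chosen name in a directory outside the web root. The allowed types, size limit and function names are assumptions, and a temporary directory stands in for the real upload location.

```python
import os
import secrets
import tempfile

# Allow-list: extension -> leading bytes that genuine files of that type start with.
ALLOWED = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
    ".gif": b"GIF8",
}
MAX_BYTES = 2 * 1024 * 1024  # assumed size limit for an avatar

class UploadRejected(Exception):
    """Raised when an upload fails one of the checks."""

def store_upload(client_name, data, upload_dir):
    """Validate an upload and write it under a random name; return the path."""
    ext = os.path.splitext(client_name)[1].lower()
    if ext not in ALLOWED:
        raise UploadRejected("extension not on the allow-list")
    if len(data) > MAX_BYTES:
        raise UploadRejected("file too large")
    # The extension alone proves nothing, so compare the content as well.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match extension")
    # Never reuse the client's file name or path: pick the stored name here.
    stored_name = secrets.token_hex(16) + ext
    path = os.path.join(upload_dir, stored_name)
    # O_EXCL refuses to overwrite an existing file; 0o600 sets no execute bit.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
    return path

def demo():
    # Stands in for a directory that the web server does not serve directly.
    upload_dir = tempfile.mkdtemp(prefix="uploads_")
    png = ALLOWED[".png"] + b"constructed image body"
    script = b"<?php /* constructed sample, not an image */ ?>"
    cases = [
        ("avatar.png", png),        # genuine image
        ("page.php", script),       # script with its real extension
        ("photo.png", script),      # script renamed to look like an image
        ("../../index.png", png),   # client-supplied path components
    ]
    outcome = {}
    for name, data in cases:
        try:
            path = store_upload(name, data, upload_dir)
            outcome[name] = ("stored", os.path.dirname(path) == upload_dir)
        except UploadRejected as err:
            outcome[name] = ("rejected", str(err))
    return outcome

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18} -> {result}")
```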

Conclusion

Securing your website is not just a moral obligation but a legal requirement sometimes, especially if it has sensitive user data. Attacks can happen anytime and if it happens it will be fast, leaving you no room for preparation – so prepare in advance. Adding even small, inexpensive security measures can go a long way in preventing attacks. Website owners must take cyber security as seriously as they take sales or customer relationship management (if not more). Include these aforementioned steps in your security process to ensure that your website is not an easy target for hackers.

15 Most Important Cybersecurity Interview Questions

Cybersecurity is a vast domain and there is a wide variety of questions that could be asked during an interview. Recruiters mostly focus on the technical aspects and knowledge of tools and techniques to ensure a secure framework. Here are a few commonly asked cybersecurity interview questions that you might face while seeking jobs in the cybersecurity domain.

 

  1. What is data leakage and what causes it?

The unauthorized transmission of data from within an organization to an external entity or destination is known as data leakage.

The many factors that contribute to data leakage are: 

– Weak passwords

– Theft of company assets 

– The exploitation of vulnerabilities by hackers

– Accidental e-mails 

– Malicious attacks

– Loss of paperwork

– Phishing

– System errors or misconfiguration

– Inadequate security features for shared drives and documents

– Unsecured back-up

 

  2. How can data be safeguarded?

     

– Data Loss Prevention Software

– Email Encryption

– Training employees on password implementation

– Two-Factor Authentication

– Using Virtual Private Networks

– Monitor and regularize usage of physical devices

– Periodic Reviews of IT Infrastructure

– Regularly update cyber-security policies

– Wipe the old devices clean before disposing of them

The most common data loss prevention techniques are:

– Encryption

– Cryptographic hashing

– Encoding

– Data fingerprinting (read, hash and store)

 

  3. Explain threat, vulnerability, and risk.

Vulnerability is the gap or weakness in a security program that could be exploited to acquire unauthorized access to a company’s asset.

Threat is anything that can intentionally or accidentally exploit a vulnerability to damage or destroy an asset.

Risk is the potential of a threat to exploit a vulnerability and destroy or damage an asset. If a system is not secure enough and has a chance of data loss or damage, it’s at high risk.

 

  4. What are the different types of web server vulnerabilities?

Some of the web server vulnerabilities are:

– Misconfiguration

– Default Settings

– Bugs in Operating System or web server

 

5. What is SSL? Is it enough when it comes to encryption?

SSL is not hard data encryption. It is an identity verification technique to understand that the person one is conversing with is in fact who they say they are. SSL and TLS are used almost everywhere and by everyone, and because of this popularity, they face the risk of being attacked via their implementation and their well-known methodology (e.g., the Heartbleed bug). Additional security is required for data-in-transit and data-at-rest, as SSL can be easily stripped in certain circumstances.

 

  6. Describe the 3 major first steps for securing your Linux server.

The three broad steps to secure a Linux Server are:

Auditing: A server audit is performed to find out obscure issues that can challenge the server security or stability. The system is scanned or audited for security issues using a tool called Lynis. Each category is separately scanned and a hardening index is subsequently provided to the auditor to take further actions.

Hardening: Once the audit is complete, the system needs to be hardened based on the security level it requires. This process mainly involves taking the right steps against the security issues identified while auditing.

Compliance: Sticking to the policy outline and the technical baseline is an important aspect of security to maintain a common standard for the same.

 

  7. What are the techniques used in preventing a brute force login attack?

There are three techniques to prevent a brute-force login attack:

Account Lockout Policy: After a set number of failed attempts the account is locked out until the administrator unlocks it.

Progressive Delays: After three failed login attempts, the account will be locked for a certain time period. With each failed login attempt after this, the lock-out period will keep increasing, hence making it impractical for the automated tools to attempt forced login.

Challenge-response test: This is primarily to prevent automatic submissions on the login page. Tools like free reCAPTCHA can be used to ask the user to manually input some text or solve a simple problem to ensure that a user is an actual person.
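The progressive-delay technique described above, as an added example that is not part of the original article: three failed attempts are free, the third triggers a lock, and each further failure doubles the lock period. The class name, the 30-second base delay and the one-hour cap are assumptions; the clock is passed in as a number of seconds so the behaviour can be simulated.

```python
class LoginThrottle:
    """Progressive delays: a lock starts at the third failure and then doubles."""

    def __init__(self, free_attempts=3, base_delay=30, max_delay=3600):
        self.free_attempts = free_attempts  # failures before the first lock
        self.base_delay = base_delay        # first lock period in seconds (assumed)
        self.max_delay = max_delay          # cap so the lock cannot grow forever
        self._accounts = {}                 # username -> (failures, locked_until)

    def seconds_locked(self, user, now):
        """Return the remaining lock time; 0 means a login may be attempted."""
        _, locked_until = self._accounts.get(user, (0, 0))
        return max(0, locked_until - now)

    def record_failure(self, user, now):
        """Count a failed login and return the lock period it triggers."""
        failures, locked_until = self._accounts.get(user, (0, 0))
        failures += 1
        delay = 0
        if failures >= self.free_attempts:
            exponent = failures - self.free_attempts
            delay = min(self.base_delay * 2 ** exponent, self.max_delay)
            locked_until = now + delay
        self._accounts[user] = (failures, locked_until)
        return delay

    def record_success(self, user):
        """A correct login clears the failure history for the account."""
        self._accounts.pop(user, None)


def guesses_evaluated(throttle, user, duration, rate_per_second=1):
    """Simulate an automated tool and count the guesses the server checks."""
    evaluated = 0
    for now in range(duration):
        for _ in range(rate_per_second):
            if throttle.seconds_locked(user, now) == 0:
                throttle.record_failure(user, now)  # every guess is wrong here
                evaluated += 1
    return evaluated


if __name__ == "__main__":
    for rate in (1, 100):
        checked = guesses_evaluated(LoginThrottle(), "ann", 3600, rate)
        print(f"{rate * 3600} guesses sent in one hour, {checked} evaluated")
```

Keying the counter on the account alone lets anyone lock a known user out by failing on purpose, so deployments usually also track the source address.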

 

  8. What is Phishing and how can it be prevented?

Phishing is a social engineering attack intended to steal data from users. The data targeted is usually login credentials, credit card numbers, and bank account details, with the intention to deceive or scam users. The social engineer impersonates genuine web pages and asks for login and other details.

Some of the ways to prevent phishing are: 

– Two-factor Authentication involving two identity confirmation methods

– Filters to flag high-risk e-mails

– Augmented password logins using identity cues

– Train your employees to beware of certain telltale e-mails, and on information sharing tactics

– Have a guard against Spam

 

  9. What is a CIA triad?

It is a standard for implementing Information Security and is common across various types of systems and/or across organizations.


Confidentiality: Only the concerned audience can access the data.

Integrity: Ensures that data is kept intact without any foul play in the middle.

Availability: Data and computers are available to authorized parties, as needed.

 

  10. Explain SSL encryption

Secure Sockets Layer is the standard to establish an encrypted link between a browser and a web server. It secures the data exchanged between the web server and the browser, and keeps it private and intact. SSL is the industry standard to protect online transactions between businesses and their respective customers and is used by millions of websites.

 

  11. What are salted hashes?

A password is protected in a system by creating a hash value of that password. A ‘salt’ is a random number which is added to this hash value and stored in the system. This helps against dictionary attacks.
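Why a salt helps against dictionary attacks, as an added example that is not part of the original article: a random per-password salt is fed into the hash together with the password and stored beside the result, so two users with the same password get different stored values and a table of hashes computed ahead of time matches nothing. PBKDF2 from Python's standard library is used here as one suitable function; the iteration count, accounts and word list are constructed for the demonstration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # demo work factor (assumption); set it as high as login latency allows

def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is drawn for new passwords."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)

def unsalted(password):
    # WEAK: the same password always produces the same stored value.
    return hashlib.sha256(password.encode()).digest()

def precomputed_hits(stored_hashes, wordlist):
    """Count stored values that appear in a table of hashes built once, in advance."""
    table = {unsalted(word) for word in wordlist}
    return sum(1 for value in stored_hashes if value in table)

def demo():
    common = ["1234", "abcde", "password"]  # constructed list of common passwords
    users = {"ann": "1234", "ben": "1234"}  # constructed accounts sharing a password
    weak_store = {user: unsalted(pw) for user, pw in users.items()}
    salted_store = {user: hash_password(pw) for user, pw in users.items()}
    return {
        # Without a salt, equal passwords are visible as equal hashes.
        "weak_identical": weak_store["ann"] == weak_store["ben"],
        "salted_identical": salted_store["ann"][1] == salted_store["ben"][1],
        # One precomputed table recovers every unsalted entry at once.
        "weak_hits": precomputed_hits(weak_store.values(), common),
        "salted_hits": precomputed_hits(
            [digest for _, digest in salted_store.values()], common
        ),
        "login_ok": verify_password("1234", *salted_store["ann"]),
        "login_bad": verify_password("abcde", *salted_store["ann"]),
    }

if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label:17} -> {value}")
```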

 

  12. What are some common cyber-attacks?

Some of the most common cyber-attacks are:

– Phishing

– Malware

– Password Attacks

– DDoS

– Man in the Middle

– Drive-By Downloads

– Malvertising

– Rogue Software

 

  13. How does tracert or traceroute work?

These are used to determine the route from the host computer to a remote machine. They also identify how packets are redirected, if they take too long to traverse, and the number of hops used to send traffic to a host. 

 

  14. What is the difference between symmetric and asymmetric encryption?

In symmetric encryption, a single key is used for both encryption and decryption, while asymmetric encryption uses different keys. Also, symmetric encryption is much faster but is more difficult to implement as compared to asymmetric.

 

  15. Is it possible to log in to Active Directory from a Linux or Mac box?

Yes, it is possible to access Active Directory from a Linux or a Mac box system by using the Samba program for implementing the SMB protocol. Depending on the version, this allows for share access, printing, or even Active Directory membership.

 
