What types of cyberattacks exist?
With the internet and artificial intelligence in full swing, our entire daily life is computerized. Smartphones, connected watches, applications, everything pushes us towards a digital transformation, and this is true for all generations! Digital devices today are a comfort that we would find hard to do without. But precisely, with all our information gathered in this kind of dematerialized “magic” that is the Internet, how can we know if it is safe? How can we be sure that our precious data, which cannot be touched, felt , or even really seen, will not be stolen? What are cyber attacks and how do they work?
What is a cyberattack?
To put it simply, it is an attack on the Internet.
It is when people, called hackers, try to steal information stored on computers. To achieve this, they use several techniques: cracking passwords, sending booby-trapped emails or creating malicious websites. Normally, the computer is protected by a firewall, which filters everything that comes from the outside, as well as an anti-virus program that detects intruders. But the firewall is not infallible and hackers know it. They will therefore try to find a flaw in order to infiltrate it. Once they have succeeded, the hackers will be able to access all the confidential information stored on it, but also send “infected” emails, take control…
Here is a list of some types of cyber attacks:
Malware comes from the contraction of the English words “malicious” and “software”, which means “malicious software”. Its purpose is to harm any computer system (computers, phones, various connected objects). Most of the time, malware needs the user’s action to work. It can be an email with a link, an attachment or a text message or a USB key.
Here are some examples of malware:
The virus is a program designed to reproduce itself by infecting other programs and thus spread from device to device. It will alter, damage or delete data.
It is a form of virus, as it will also self-replicate by infecting other programs, but its purpose is to overload the space on the hard disk and thus cause slowdowns or crashes of your computer system.
The Trojan or Trojan Horse
The trojan masquerades as a legitimate program. Therefore, it will introduce malicious subroutines without the user’s knowledge. So when the user opens the program, the malicious subprogram is launched. The latter can be a virus, a worm or other malicious software.
The spyware will collect information about you, it can be passwords, payment information, personal messages… You can imagine the damage caused if your payment details are hacked. In general, spyware is quite difficult to detect because it is extremely discreet, and it is only when the damage is done that you realize it. While it is at work and steals your confidential data, you do not suspect anything and continue using your computer or phone without any problems.
This consists of the hackers encrypting or decrypting the data in the computer system, and then demanding a ransom for the decryption or non-disclosure of the data. Their goal is to attack entities that have a strong capacity to pay ransom (such as companies, government institutions…). The hackers will encrypt the data in such a way as to make it unusable (e-mails, internal messaging, or even factory machine orders). Once the computer system is taken hostage, the ransom is demanded.
There are of course other malwares, all the above are the most used ones.
How can you tell if your device is infected with malware?
If you observe strange actions such as, windows that open by themselves, slowdowns, crashes, pop-up ads, or altered data, then you may be a victim of malware…
DDoS (distributed denial of service)
DDoS is an attack that is carried out by a network of machines. These machines were first hacked by the hacker via the propagation of malware, and he then took control of them. This network of infected machines is called a Botnet. The hacker will then send simultaneous requests using his Botnet. The goal is that the target (a server, a website, an application…) becomes unavailable, out of order, due to the numerous requests sent continuously by the Botnet.
There is also another variant of DDoS attack which is based on reflection and amplification.
In this case, the cybercriminal uses reflectors, which are machines that are accessible on the Internet and not corrupted. Reflectors are made to respond to requests from any source. The hacker will send requests to the reflectors using the IP address of his victim. The victim will be overwhelmed with “responses” that will quickly saturate his network bandwidth and prevent him from using his device.
The motives behind a DDoS attack are quite varied. It goes from the gamer who wants to slow down or deprive his opponent from playing, all the way activists who will block a website for example, to defend their convictions.
Phishing is a very common technique. It consists of the hacker pretending to be someone else, in order to steal confidential information (passwords, means of payment…). The most popular case is that of email. The cybercriminal pretends to be an entity that he is not (Spotify, Amazon, Facebook, telephone operator…), communicates to you by email, an irregularity (risk of hacked passwords, payment not accepted) and strongly invites you to restore this “error” via a link present in this same email. By clicking on this link, you will be taken to an interface that is identical to the original one, and you will be asked to enter your login and password, or your payment information, which will be sent directly to the hacker. Being a user of this platform or service, you could easily fall into this trap. Phishing can also be done via a website, by phone, sms or even on social networks.
However, there is a simple trick to avoid falling for it. Look carefully at the spelling of the sender and/or the IP address. A small “typo” will tell you that it is not the entity in question.
Passionate and expert in web development for business since 2013, our teams design and develop your web and mobile projects.
But the list doesn’t end there! Unfortunately, cybercrime is on the rise due to the omnipresence of the Internet in our daily lives. Drive by download, password cracking, sql injection, MitM and cross-site scripting, are among the many cyber-attack techniques used today.
To protect yourself, there are a few simple actions that can help you to avoid falling into the trap. Avoid opening suspicious emails, regularly update your firewall and antivirus software in order to correct vulnerabilities, make secure copies of your data and finally, use security software that includes anti-virus software.