First things first, you must understand the major difference between cybercrime and cyber threats. The two are related, but they differ in some ways. Cybercrime refers to criminal activities carried out using computer devices and the internet, while cyber threats are malicious events designed to put at risk the confidentiality, integrity, or availability of computer systems, organizations, or data.
The term “Cyber Security” refers to protecting computer systems, networks, and electronic devices from unauthorized access, theft, damage, or disruption.
What is Cyber Security?
In today’s interconnected world, cybersecurity plays a crucial role in preventing cyberattacks and ensuring the integrity and availability of digital assets. It is designed to protect sensitive information. It also involves developing and implementing policies, procedures, and best practices such as regular software updates, strong password management, and user training on safe computing practices.
When is it needed?
Whenever there is an indication that an unauthorized third party is trying to gain access to a specific system to breach sensitive information, there is a need for cybersecurity to act as a safeguard.
The before times:
In May 2017, a global cyberattack known as the “WannaCry Attack” took place. It was carried out by a ransomware cryptoworm belonging to the group Shadow Brokers. It targeted the Microsoft Windows operating system, encrypting victims’ files and demanding payment in Bitcoin for the decryption key needed to unlock them.
In 2020, Pakistan also suffered a ransomware cyberattack, known as the “NetWalker Attack”, which encrypted the computer systems of Lahore Electric Supply Company (LESCO). The attackers demanded a payment for decryption, which LESCO rejected, resulting in a prolonged electric supply shortage. Later on, LESCO took measures to improve its cybersecurity defenses and to prevent similar attacks from happening in the future. The company also worked with law enforcement agencies to investigate the attack and identify the perpetrator.
The terms “Cyberbullying” and “Cyber harassment” come under the same roof. Cyberbullying is typically defined as online abuse that uses social media to embarrass and intimidate someone. The perpetrators steal the victim’s identity and spread false rumors, which can have serious consequences for the victim’s mental health and well-being and can even lead to suicide in extreme cases. Cyber harassment is a broader term that covers criminal offenses involving violence and sexual threats.
Types of Cyberattacks
⦁ Malware Attack
This attack uses malicious software designed to get into a system through infected websites, downloads, and spoofed emails. Malware is developed to harm sensitive data.
To protect your system and data from this attack, update your system on a regular basis and use anti-virus or anti-malware software.
The following anti-malware tools can help:
⦁ Malwarebytes
⦁ Avast Free Antivirus
⦁ Ransomware Attack
This type of cyberattack involves encrypting the victim’s data, locking their device with an encrypted passcode, and demanding payment to unlock the device using a decryption key. A ransomware attack can cause significant financial and reputational damage for organizations and individuals.
It is essential to have robust cybersecurity measures in place to prevent and respond to ransomware attacks.
For instance:
⦁ regular backups of critical data,
⦁ timely software updates,
⦁ user awareness training to identify and avoid scams.
Here are a few anti-ransomware tools that can be helpful:
⦁ Trend Micro Ransom Buster
⦁ Kaspersky Anti-Ransomware Tool
⦁ Phishing Attack
A phishing attack is a subcategory of social engineering attacks. In this type of cyberattack, a hacker attempts to trick a victim into revealing sensitive information. Phishing attacks usually work by getting the victim to click on a malicious link or download a malware-infected file.
It can take the following forms:
⦁ Email Phishing:
The most common attack is email phishing, in which an email pretends to come from a trusted platform such as a bank or a social media platform.
⦁ Spear phishing:
In this category, the hacker keeps an eye on the overall activities and behavior of a victim, such as what they do, where they study, and what they shop for. By doing so, the hacker can pretend to be a close friend, a customer, or any other person who appears to be legitimate.
⦁ Smishing:
This phishing attack uses a fraudulent SMS that pretends to come from a legitimate platform.
⦁ Denial-of-Service (DoS) Attack
A DoS attack floods the network or system targeted by the attacker with an excessive amount of traffic. The surge in incoming traffic leads to a system crash or causes the application to stop responding. It exhausts resources such as bandwidth, processing power, or memory.
There are three types of DoS attacks:
⦁ Distributed Denial-of-Service (DDoS) attack
⦁ Application-layer DoS attack
⦁ Network-layer DoS attack
To defend against these attacks:
⦁ Use a firewall: A firewall filters the incoming traffic.
⦁ Use load balancing: Load balancing distributes traffic across multiple servers to prevent congestion.
⦁ Man-in-the-middle Attack
A man-in-the-middle (MITM) attack involves a third party positioned between two people who are communicating. When one person sends information or a message to the other, the hacker does not let it reach its destination. Instead, they steal the sensitive information and alter it according to their needs. The hacker can carry out this attack through email, instant messaging, and voice over IP (VoIP), but it is most commonly associated with Wi-Fi networks and web browsing. The main goal of the attacker is to steal personal information, credit card credentials, or any other information that can be used for malicious purposes.
The following measures help protect your system from MITM attacks:
⦁ Encryption:
This can be achieved through the use of a Secure Sockets Layer (SSL), Transport Layer Security (TLS), or other encryption protocols.
⦁ Two-factor authentication:
Two-factor authentication (2FA) can be used to add an extra layer of security to the authentication process, making it more difficult for attackers to steal login credentials.
⦁ Virtual Private Network (VPN):
A VPN can be used to create a secure, encrypted connection between two parties over the internet, preventing MITM attackers from intercepting or manipulating the communication.
⦁ SQL injection Attack
In this type of cyberattack, the attacker gains access to an application’s database and can alter, delete, update, or edit any query according to their requirements. This may lead to severe disruption and the loss of victims’ private data. Attackers can then use this information for identity theft, fraud, or other illegal activities.
Ways to defend a database against SQL injection include:
⦁ ORM (Object Relational Mapping):
An ORM provides a library layer that automatically separates the SQL query code from input values. In this way, the attacker cannot inject queries into the database.
⦁ WAFs (Web Application Firewall):
A WAF is specifically designed to detect and block SQL injection attempts against the database of an application.
It does its job using:
⦁ Behavior-based detection
⦁ Anomaly detection
⦁ Signature-based detection
⦁ Cross-site scripting (XSS) Attack
In this type of cyberattack, the hacker injects a malicious script into a website, which then runs in the browsers of unsuspecting users. XSS attacks can result in the theft of sensitive information, such as login credentials or financial data.
Prevention of XSS attack:
CSP (Content Security Policy): CSP is a security measure that allows website owners to restrict the types of content that can be loaded on their website. This can help prevent XSS attacks by limiting the sources from which scripts can be loaded.
CSP has several directives that can be used to control the resources that a page can load. Some of these directives include:
⦁ default-src: specifies the default sources for all resource types.
⦁ script-src: specifies the sources from which scripts can be loaded.
⦁ style-src: specifies the sources from which stylesheets can be loaded.
⦁ img-src: specifies the sources from which images can be loaded.
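To show how these directives interact, here is an added example (not from the original article) that parses a policy and decides whether a resource may load. The policy, origins and function names are constructed, and the matching is a simplified subset of CSP that handles only 'self' and exact scheme://host sources, not wildcards, paths, nonces or hashes.

```python
from urllib.parse import urlsplit

def parse_csp(header):
    """Parse a Content-Security-Policy value into {directive: [sources]}."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            # If a directive is repeated, browsers use the first occurrence.
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def load_allowed(policy, directive, url, page_origin):
    """Simplified check of whether `url` may load under `directive`."""
    # A missing directive falls back to default-src; the two are never merged.
    sources = policy.get(directive, policy.get("default-src"))
    if sources is None:
        return True  # nothing in the policy restricts this resource type
    parts = urlsplit(url)
    origin = f"{parts.scheme}://{parts.netloc}"
    for source in sources:
        if source == "'self'" and origin == page_origin:
            return True
        if source == origin:  # exact scheme://host source only
            return True
    return False  # also covers 'none' and an empty source list

# Constructed sample policy and page origin.
PAGE = "https://www.example.com"
POLICY = parse_csp(
    "default-src 'self'; script-src 'self' https://cdn.example.com; "
    "img-src https://images.example.com"
)

if __name__ == "__main__":
    checks = [
        ("script-src", "https://cdn.example.com/app.js"),
        ("script-src", "https://other.example.net/x.js"),
        ("style-src", "https://cdn.example.com/site.css"),
        ("img-src", "https://www.example.com/logo.png"),
    ]
    for directive, url in checks:
        print(directive, url, load_allowed(POLICY, directive, url, PAGE))
```

Note that the image hosted on the page's own origin is refused: once img-src is present it replaces default-src for images, so 'self' has to be repeated there if same-origin images are wanted.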
Conclusion:
With the rapid growth of digital technology and the increasing reliance on interconnected systems, the risks of cyber threats have also grown exponentially. As we rely on modern technology, we also have to face some challenges. Cyber security is more important than ever in our increasingly digital world. As technology continues to advance, so do the threats and risks that come with it. Effective cyber security requires a combination of technical measures and human behavior, including regular software updates, strong passwords and authentication measures, regular backups, and user education and awareness. Organizations and individuals must work together to develop and implement systematic cybersecurity strategies that address the emerging risk landscape.