The Most Common Cyberattacks Used Today

Hackers are in overdrive these days causing chaos around the globe. Not only are large organizations at risk, but so are local governments, small businesses, and individuals – essentially anyone regularly connecting to the Internet. Understanding how cyberattacks work is the first step towards defending against them. Below you’ll find Recovery Point’s list of the most common cyberattacks used today:

Phishing

Phishing attacks make up a third of all cyberattacks. An imposter attempts to extract sensitive information from the recipient via email, phone call, or text. Phishing attacks are broken down into these subsets:

• Spear phishing targets individuals using personal information found on the dark web or social media.
• Angler phishing attacks occur when an imposter finds a target on social media and attempts to steal credentials outside a corporate network.
• Whale phishing goes after C-suite employees looking for a big payout.

Malware-Based Attacks

Malware is short for malicious software which is intrusive and designed to damage or destroy computer systems. Examples include viruses, worms, Trojan viruses, spyware, adware, and ransomware. To become active, malware must install on a target device after which a malicious script moves past the security measures and performs one (or more) of the following actions: restricting access, stealing files, damaging critical files, spying on user activity, or hijacking control of a device.

Password Attacks

Obtaining a compromised credential is the gateway for password attacks. Criminals rely on a variety of methods to discover passphrases. The most popular methods include using social engineering, hacking, spying on unencrypted network transmissions, using a bot for random guessing, or paying an employee for a password.

Brute-Force Attacks

This pursuit is time intensive, and most cybercriminals use bots to work through all possible combinations of a potential password to guess login info, encryption keys, or discover a hidden web page. Signals that you’re experiencing a brute-force attack include:

• Several failed login attempts from the same IP address
• Logins with multiple username attempts from the same IP address
• Logins for a single account from many different IP addresses

Dictionary Attacks

Many people select easy to remember passwords, but that practice makes cracking into an account simple for hackers. Popular passwords are available for purchase in a bundle on the dark web. Bad actors also try common passwords like “abc123” or “987654.”

Insider Threats

Disgruntled employees can be a serious threat to organizations. Employees who are in debt often disclose credentials for money. Unfortunately, insider threats are difficult to predict.

Password Spraying

Password spraying pays homage to lady luck and Vegas odds by attempting to use the same password across as many accounts as possible. For example, a bot might crawl across the Internet, trying to log into every profile with a “123456” credential (which over 3.5 million Americans use as a password.)

Man-in-the-Middle Attacks

We’ve been told time and again not to use unsecured public Wi-Fi and preventing man-in-the-middle (MITM) attacks is a big reason why. A hacker can easily intercept in-transit data moving between two network points without detection. Pre-installed malware that works in the background of the sender’s or the recipient’s system (or the network as a whole) also is used for MITM attacks. Session hijacking is an advanced MITM attack where an imposter takes over a session between a client and the server. MITM will continue to evolve.

SQL Injections

Even amateur hackers can perform successful SQL injections. Predefined SQL commands are injected into a database which exploits a weakness permitting system entry. Once in, criminals can read sensitive data, modify or permanently delete stored files, or trigger executive functions (system shutdown or altering user permissions.)

DOS & DDoS Attacks

Denial of Service (DOS) and Distributed Denial of Service (DDoS) attacks slow down operations by trying to overwhelm a system, server, or network with a barrage of fake requests. A target is spammed until bandwidth is exhausted and legitimate requests can’t be completed. Sometimes, these attacks are used as a diversion while hackers perform other malicious activities.

Advanced Persistent Threat (APT)

APT is a very complex operation where bad actors often assemble a full-time team who silently wait in the background within the target system to maintain a long-term presence. They can take over a website completely, steal large amounts of data, perform corporate espionage, and promote a long-term outage.

Zero Day Exploits

Zero day exploits occur when hackers enter a system through a software security flaw that exists without the internal IT team’s knowledge.

Watering Hole Attacks

Watering hole attacks target a particular group of end users. Hackers gain entry into a website or set up a malicious copy of popular page. Once the target interacts with the malware-infested website, a variety of cybercrimes can take place.

URL Changes

URL rewriting involves an attacker changing the parameters in a URL address to redirect the victim to a different website infected with malware.

Rootkits

These malicious programs give an intruder unauthorized admin-level access to a computer or other software.

Trojan Horse

Trojan horse approach uses a malicious program that is hidden inside a seemingly legitimate one. When the user executes the presumably innocent program, out comes the malware inside the trojan which opens a backdoor into the system for hackers.

The complexity of cyberattacks continues to evolve. Staying informed in addition to promoting strong security and IT protocols are good practices to enforce throughout your organization.

Our experts can help you prepare and manage a cyber resilience strategy. Contact Recovery Point to learn more about our security offerings.