Cyber security is the application of technologies, processes, and controls to protect systems, networks, programs, devices, and data from Cyber Security Threats. It aims to reduce the risk of cyber-attacks and protect against unauthorized exploitation of systems, networks, and technologies.
Cyber security practices continue to evolve as the Internet, and digitally dependent operations evolve and change. According to SecureWorks, people studying cyber security are focusing most of their attention on the following two areas:
The main area of Cyber Security Study
- The Internet of Things
- The Explosion of Data
The Internet of Things
Individual devices that connect to the Internet or other networks provide an access point for hackers. Cytelligence reports that in 2019, hackers increasingly targeted smart home and Internet of Things (IoT) devices, such as smart TVs, voice assistants, connected baby monitors, and cellphones.
Hackers who successfully compromise a connected home gain access to users’ Wi-Fi credentials and their data, such as medical records, bank statements, and website login information.
The Explosion of Data
Data storage on laptops and cellphones makes it easier for cyber attackers to find entry points into networks through personal devices.
For example, in the May 2019 book Exploding Data: Reclaiming Our Cybersecurity in the Digital Age, former US Secretary of Homeland Security Michael Chertoff warns of the widespread exposure to personal information of individuals who are increasingly vulnerable to Cyber Security Threats.
There are major 7 types of Cyber Security Threats
- SQL Injection
- Password Attacks
- Man in the Middle
- Denial of Service (DoS)
SQL injection is a web security vulnerability and cyber security threat that allows an attacker to interfere with an application’s queries to its database.
A Structured Query Language (SQL) injection is a type of cyber attack that results from inserting malicious code into a server that uses SQL. When infected, the server issues information. Submitting malicious code can be as simple as entering it into a sensitive website search box.
Some common SQL injection examples include: Fetching hidden data, where you can modify the SQL query to return additional results. Breaking down application logic, where you can alter the query to interfere with the sense of the application. Union attacks, where you can retrieve data from different database tables.
Blind SQL (Structured Query Language) injection is a type of SQL injection cyber security threat attack that asks the database true or false questions and determines the answer based on the application response.
Malware is malicious software such as spyware, ransomware, viruses, and worms. Malware is activated when a user clicks on a malicious link or attachment, installing harmful software.
Malware is intrusive software designed to damage and destroys computers and computer systems. Malware is a contraction for “malicious software.” Common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.
Cisco reports that malware, once activated, can:
- Block access to significant network components (ransomware)
- Install additional harmful software
- Obtain information secretly by transmitting data from hard drive (spyware)
- Disrupt individual parts, causing the system to become inoperable
A password attack refers to various methods to authenticate into password-protected accounts maliciously. These attacks are usually facilitated through software that accelerates cracking or guessing passwords.
With the correct password, the cyber attacker has a wealth of information. Social engineering is a type of password attack that Data Insider defines as a “tactic cyber attackers use that relies heavily on human interaction and often involves people breaking standard security practices.” Other types of password attacks include access to password databases or outright guessing.
For example, a hacker might use a man-in-the-middle attack called SSL hijacking. SSL hijacking occurs when someone tries to connect to a secure website. The attacker creates a bridge of sorts between the user and the intended destination and intercepts any information, such as passwords, passing between the two.
Phishing is a social engineering Cyber Security Threat attack often used to steal user data, including credentials and credit card numbers. This occurs when an attacker, posing as a trusted entity, tricks a victim into opening an email, instant, or text message.
Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out instructions inside, such as providing a credit card number.
“The goal is to steal sensitive data such as credit card and login information or to install malware on the victim’s machine,” reports Cisco.
Examples of actions requested in a phishing email include:
- Click on Attachment.
- Enabling Macros in a Word Document.
- Updating a password.
- Responding to social media connection requests.
- Using a new Wi-Fi hot spot.
Emotet is a Trojan mainly spread through spam emails (malspam). Infection can come through malicious scripts, macro-enabled document files, or malicious links.
First identified in 2014, Emotet still infects systems and hurts users today, which is why we’re still talking about it, unlike other 2014 trends (Ice Bucket Challenge, anyone?).
Cyber Security threat Protection agency – The Cyber Security and Infrastructure Security Agency (CISA) have described Emotet as “an advanced, modular banking Trojan that acts primarily as a downloader or dropper of other banking Trojans. Emotet remains the most expensive and destructive malware.” Has happened.”
Emote email may have familiar branding designed to make it look like a legitimate email. Emotet may try to persuade users to click on malicious files by using flashy language about “your invoice,” “payment details,” or possibly incoming shipments from well-known parcel companies.
Emotet uses many tricks to try and prevent detection and analysis. Specifically, Emotet knows whether it is running inside a virtual machine (VM) and will deactivate if it detects a sandbox environment, a tool cyber security researchers use within a secure, controlled location. Use to inspect malware.
Man in the Middle
A man in the middle (MITM) attack is a general term for when a criminal places himself in a conversation between a user and an application—either to disguise or impersonate one of the parties, to make it appear. It is as if the usual exchange of information is going on.
A man-in-the-middle (MITM) attack is a form of cyber attack where critical data is intercepted by an attacker using a technique to block himself in the communication process.
Generally, MITM attacks fall into two categories: passive MITM, which is completely eavesdropping, and active MITM, a more advanced attack where a person can capture everything transmitted between two devices and capture data—May change in transit.
SSL prevents man-in-the-middle attacks from doing their job because SSL has based on the PKI (Public Key Infrastructure) framework and its asymmetric cryptography. It is called asymmetric cryptography because it uses public/private key pair encryption.
Denial of Service (DoS)
A Denial-of-Service (DoS) attack is designed to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by either filling the target with traffic or sending information that triggered the accident.
Victims of DoS attacks often target the web servers of high-profile organizations such as banking, commerce, and media companies or government and business organizations. Although DoS attacks do not typically result in theft or loss of important information or other assets, they can cost the victim a great deal of time and money to handle.
Denial of Service (DoS) is a type of cyber attack that floods a computer or network to not respond to requests. A distributed DoS (DDoS) does the same thing, but the episode is from a computer network.
Cyber attackers often use flood attacks to disrupt the “handshake” process and carry out a DoS. Many other techniques can be used, and some cyber attackers use those when a network is incapacitated to launch further attacks.
According to Jeff Melnick of Netvix, an information technology security software company, a botnet is a type of DDoS. Millions of systems can be infected with malware and controlled by a hacker.
Botnets, sometimes called zombie systems, target and overwhelm the target’s processing capabilities. Botnets are in different geographic locations and are difficult to detect.