What is a cyber attack and how is it done?
A cybercrime is a crime with some kind of computer or cyber aspect to it. It can take a variety of forms and can come from individuals or groups with different motivations. Cyber threats are fundamentally asymmetrical risks in that small groups of individuals can cause disproportionately large amounts of damage.
Categories of Cybercriminals
Financially motivated organized crime groups: Most of these groups are located in Eastern Europe.
Nation-state actors: People working directly or indirectly for their government to steal sensitive information and disrupt enemies’ capabilities. They are generally the most sophisticated cyber attackers, with 30% originating in China.
Activist groups, or “hacktivists”: They are not usually out to steal money. They are out to promote their religion, politics or cause, or to impact reputations or clients.
Insiders: These are the “disillusioned, blackmailed, or even over-helpful” employees operating from within a company. However, they may not engage in cybercriminal activities intentionally; some might simply take a contact list or design document without realizing the harm it could cause.
Distributed Denial of Service (DDoS)
A DDoS attack attempts to disrupt a network’s service. Attackers send high volumes of data or traffic through the network until it becomes overloaded and stops functioning. The incoming traffic flooding the victim originates from many different sources. This makes it impossible to stop the attack by blocking a single IP address, and makes it difficult to distinguish legitimate traffic from attack traffic.
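The point about per-address blocking, shown as an added example (not part of the original article): in a constructed request log, no single source in the flood exceeds a per-IP limit, yet the aggregate volume and the number of distinct sources reveal it. The thresholds, the log format and the function names are assumptions for illustration.

```python
from collections import Counter

# Assumed thresholds for illustration; tune to the service's real baseline.
PER_IP_LIMIT = 20    # requests per source per window
TOTAL_LIMIT = 500    # requests per window the service sees normally
SOURCE_LIMIT = 100   # distinct sources per window seen in normal traffic

def bucket(events, window=10):
    """Group (timestamp_seconds, source_ip) events into fixed windows."""
    windows = {}
    for ts, ip in events:
        windows.setdefault(ts // window, Counter())[ip] += 1
    return windows

def per_ip_offenders(counts):
    """Sources that a classic per-IP rate limit would block."""
    return sorted(ip for ip, n in counts.items() if n > PER_IP_LIMIT)

def is_distributed_flood(counts):
    """Aggregate view: high total volume spread over many sources."""
    return sum(counts.values()) > TOTAL_LIMIT and len(counts) > SOURCE_LIMIT

def analyse(events, window=10):
    """Return {window_index: (per_ip_offenders, distributed_flood_flag)}."""
    return {w: (per_ip_offenders(c), is_distributed_flood(c))
            for w, c in sorted(bucket(events, window).items())}

def sample_events():
    """Constructed log: a normal window, one noisy client, then a flood."""
    events = []
    # Window 0 (t=0..9): 30 clients, 5 requests each -> normal traffic.
    events += [(i, f"198.51.100.{c}") for c in range(30) for i in range(5)]
    # Window 1 (t=10..19): one client sends 60 requests -> per-IP limit works.
    events += [(10 + i % 10, "203.0.113.7") for i in range(60)]
    # Window 2 (t=20..29): 400 constructed sources, 3 requests each -> 1200
    # requests in total, but every source stays far below PER_IP_LIMIT.
    events += [(20 + i, f"10.0.{c // 200}.{c % 200 + 1}")
               for c in range(400) for i in range(3)]
    return events

if __name__ == "__main__":
    for w, (offenders, flood) in analyse(sample_events()).items():
        print(f"window {w}: per-IP offenders={offenders} distributed flood={flood}")
```

In the third window the per-IP check returns nothing to block, which is why DDoS mitigation relies on aggregate signals rather than on individual source addresses.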
Phishing
Often posing as a request for data from a trusted third party, phishing attacks are sent via email and ask users to click on a link and enter their personal data. They often involve psychological manipulation, invoking urgency or fear to fool unsuspecting individuals into handing over confidential information. Phishing technology is now being licensed out to cybercriminals, including on-demand phishing services and off-the-shelf phishing kits. Perhaps most concerning is the fact that dark web services have enabled cybercriminals to refine their campaigns and skills.
Malware
Malware, short for “malicious software,” is designed to gain access to or damage a computer. Malware is an umbrella term for a host of cyber threats including Trojans, viruses, and worms. It is often introduced to a system through email attachments, software downloads, or operating system vulnerabilities.
Internal Privilege Misuse
While the malicious insiders who leak information to WikiLeaks receive all the press and glory, a more common scenario is that an average but opportunistic employee or end-user secretly takes confidential data hoping to cash out somewhere down the line (60% of the time). Sometimes, employees get a little too curious and do some snooping (17%). Personal information and medical records (71%) are targeted for financial crimes, such as identity theft or tax-return fraud, but sometimes it’s simply for gossip.
Physical Card Skimmers
These attacks involve physically implanting a skimmer on an asset (e.g., ATMs, gas pumps, POS terminals) that reads the magnetic stripe data from a payment card. It’s relatively quick and easy to carry out an attack like this, with the potential for relatively high yield, and so it is a popular action type (8%).