Newsletter
Latest articles

8 types of cyberattacks and how to protect yourself

by Kelvin Zimmer
September 9, 2020
6-minute read
BONUS: At the end of this article, we've provided an infographic with 8 types of cyberattacks, available for free download.

We live in the digital age, and we all know that technology doesn't wait for adaptations. Along with it, cybersecurity doesn't allow for any downtime. It's always good to reinforce that we must be very careful online.

remote work has become very favorable for cybercriminals .

If you, as a manager, business owner, or IT professional, want to keep your company free from any hacker threat, the first step is to understand how they operate and what the main types of attacks are today.

In the following lines, we mention some of the main attacks and some variations that have been improved in recent months.

1. DDoS Attack

The main objective of this attack, which translates to "Service-Assigned Browsing," is to overload server activities, causing system slowdowns and making websites and access unavailable.

Since many professionals are more connected due to social isolation, this type of attack, if well-distributed, can go unnoticed by security. A DDoS attack is one of the biggest threats to the full operation of a company's systems.

In February of this year, the company Bitfinex suffered a DDoS attack; see the news article for more information.

2. Port Scanning Attack

If there is any vulnerability in the company's system, this malware searches the server in an attempt to find it. If it manages to find the security breach on the company's server, it steals information and data in order to damage the system or hijack the data.

The SempreUpdate portal has released a study on the 3 most vulnerable doors in companies.

3. Ransomware

Widely known as "data kidnapping," ransomware blocks access to all files on the attacked server, and they are released after payment of a sum of money (usually bitcoins), with the amount of the "ransom" determined by the kidnapper.

With companies experiencing increased security vulnerabilities due to the rapid and necessary shift to remote work, the rise in this type of attack is evident.

A good example of a ransomware attack was the attack on Honda Motor. The multinational car company suspended production until the security issue was resolved.

4. Trojan Horse

Popular on the internet, this malware only works with the user's "permission." Simply put, the individual executes an email attachment from a suspicious or unknown sender, or performs a suspicious download containing the camouflaged virus.

There are numerous objectives in a Trojan horse attack. Among them are stealing personal information and disrupting computer functions.

The Computerworld website has listed some of the biggest Trojan horse viruses in history.

5. Brute force attacks

Imagine that to open a padlock with a numerical code, you would have to try all possible combinations. Sounds time-consuming, right? But in the digital world, this can be done very quickly. A brute-force attack steals accounts through numerous attempts at username and password combinations in a very short time.

With this information, the criminal can send numerous messages from sender known to the user, containing content such as phishing and spam, requesting deposits, transfers, access passwords, and many other sensitive details.

According to Kaspersky, a leading company in security software, the number of brute-force attacks on businesses has increased by 333% in two months.

6. Phishing

Phishing , usually carried out via email, is a cyberattack in which hackers trick users into revealing confidential information, including passwords, bank details, and social security numbers.

The attack is usually well-constructed and leads the user to a page identical to the real page, such as that of a bank branch.

As the name suggests, hackers "fish" for user data, throwing out "bait" to trick them.

It is one of the most common and successful types of attacks.

According to new research from the German security company HSB, published on our blog , almost half of the employees who received phishing emails (47%) responded by transferring company funds, causing losses in the range of US$50,000 to US$100,000, more than half a million reais at the current exchange rate .

7. Cryptojacking

This cybercrime uses a computer or any other device connected to the internet to mine cryptocurrency.

In general, the attack involves the spread of a type of malware that installs itself on victims' machines, exploiting the computer's capabilities and resources to generate in-game currency.

Usually, the average victim doesn't even notice, except in cases where the slow browsing speed and computer performance are truly noticeable.

UOL reported that in 2018, more than 4,000 websites worldwide, including government pages from the United States, the United Kingdom, and Australia, were affected by a malicious cryptocurrency mining program.

8. ZeroDay

Also known as "zero-day" attacks, these are attacks that seek out security flaws in newly released programs or applications, exploiting vulnerabilities and bugs before they are patched.

It's a somewhat less common type of attack, as it's specific to the release of new features in the digital realm, but for those who work in development, it's something quite commonplace.

A good example of this attack is Microsoft, which patched 113 security flaws this year in its latest operating system update, 14 of which were listed as critical, and three of which were actively exploited in recent attacks.

10 tips to protect yourself from any type of attack

cyberattacks

We can say that the main entry point for attacks is related to the users' own behavior when using computers. In this sense, basic security , such as user education and adequate training, strengthening the weakest point in data security within companies.

To help businesses, we've listed some tips below to protect against most cyberattacks:

  1. Emails with surprising and unrealistic offers should raise suspicion, as they may be disguised as malware.
  2. Install a good, basic antivirus program , preferably choosing a paid software that offers complete protection for your system, according to your needs.
  3. Keep operating systems and software always up to date. Remember that older versions are more vulnerable to cyberattacks.
  4. It is essential to keep a good firewall always active, avoiding attacks from several of the attacks mentioned above.
  5. Maintain strong and secure passwords . Change your passwords periodically and avoid saving them on computers with high user turnover.
  6. Make backups of your files. Always keeping an up-to-date copy of all your data is essential and will make things much easier if you suffer an attack.
  7. For teams working from home and accessing data remotely, using a VPN connection to ensure that all access to sensitive company data is secure and controlled.
  8. Block access to websites and applications outside the scope of work, preventing access to sites that typically carry a high risk of infection and cyberattacks.
  9. Perform a vulnerability test on your internet network. This will help you identify the weakest points in your protection against cyberattacks.
  10. Have solutions and tools that meet the company's needs, facilitating processes and identifying problems in the most automated way possible, optimizing the time of the responsible professional, eliminating low-importance tasks and prioritizing those of great importance, such as data security.

Infographic: 8 types of cyberattacks

To help you understand and identify the characteristics of each type of cyberattack, we've created an infographic that compiles relevant information about the 8 types of attacks mentioned in the article. Download it for free by clicking on the image below. You can share it with colleagues and friends and spread awareness of the importance of data protection.

Conclusion

Finally, it is worth highlighting that business owners and managers in all sectors should be aware that the most common tactic used by hackers is the lack of knowledge and carelessness of users, exploiting security loopholes and identifying vulnerabilities to steal company data and resources.

In this scenario, it is crucial to invest in preventative measures involving employees, technologies, and the proper management of actions to create a culture of information security within companies and prevent cyberattacks.

I hope I have helped you and your company identify the dangers on the internet and how to avoid some of these attacks in the easiest way possible.

Until next time!

Lumiun DNS Mikrotik
Lumiun DNS integration with pfSense software
Try Lumiun DNS for free
Author
Kelvin Zimmer
Cybersecurity columnist, productivity expert, and Marketing Analyst at Lumiun.
8 comments
  1. Pingback: Information Security Week - Edition No. 29 | Lumiun Blog
  2. Pingback: MDS Cloud Solutions – Pirated software in the company: beware, the “free” option might end up costing you too much!
  3. Pingback: Check out 7 basic data security items. Which ones does your company use?
  4. Pingback: 6 business segments that need more attention to data security
  5. Pingback: Pirated software in the company? Beware! | Lumiun Blog
  6. Pingback: How to protect yourself from a cyberattack: for small businesses
  7. Pingback: Cyberattacks: what they are and how to protect yourself from them - Activa Detective
  8. Pingback: Pirated software in the company: be careful that "free" doesn't end up costing you too much! – HD Mais

Comments closed

Related Posts