What Is a Cyber Attack? How to Stay Safe from Cyber Threats
Cyber Threats Are as Varied as the People and Businesses They Target. Here, We Address Today’s Most Common Cyber Threats, and Discuss How You Can Protect Your Network from Becoming Their Latest Victim.
The very first computer virus (named Creeper) was created by BBN Technologies programmer Bob Thomas back in 1971. And by today’s standards, it was fairly rudimentary. Released directly into the closed ARPANET computer network (which would eventually serve as the basis for the internet), the virus was programmed to display a message, print a file and move to the next computer in line to start the process over again.
On the surface, Creeper was basically a harmless prank. But what it accomplished would have widespread, malevolent repercussions for the emergent digital age. It demonstrated that it was indeed possible to build software capable of being automatically transmitted between computers and run without user authorization. Now, nearly 50 years later, we live in a world where malicious cyber attacks are an ongoing threat to individuals, national governments and businesses large and small.
But what is a cyber attack? And what kind of danger do cyber attacks pose to your business?
Protect your network with complete visibility. Click here to learn how.
What Is a Cyber Attack?
When someone says the word “cyber attack,” people often think about malware — viruses and other malicious software programs designed to infiltrate digital systems and cause harm (by stealing data, spying on user actions, installing unwanted software and so on). But while malware and viruses are certainly a big part of the problem, they don’t actually define “cyber attack.” The term cyber attack encompasses a wider definition.
Cyber attacks (sometimes called “computer attacks”) are basically any illegal or unauthorized attempt to infiltrate computers or computer networks, with the intent to steal, destroy, share or otherwise use existing digital assets.
What Are the Most Common Cyber Threats?
There are different types of cyber attacks, and an individual cyber attack can be anything from a simple email scam to a complex, coordinated attack that consists of multiple threats targeting multiple fronts all at once. Here are some types of common cyber threat to be aware of:
- Malware
As previously mentioned, malware is probably the most widely known type of cyber attack. The term malware is a portmanteau of two different words: “malicious” and “software.” And that’s essentially what it is — software that is surreptitiously uploaded into a victim’s computer system where it can then proceed to cause harm. - Phishing
A modern version of traditional cons, phishing uses social engineering and computer programming to create fraudulent websites designed to lure visitors into leaving valuable personal information. These attacks generally start by tricking the end user to open a deceptive email, text or IM, and then asking them to click on a hyperlink. The end goal is to bring users to fraudulent sites and convince them to share personal information. Credit cards and passwords are often the target of phishing schemes, but even things like names, phone numbers and addresses can be captured and put to illegal use. - Man-in-the-middle attacks
Cyber criminals are sometimes able to eavesdrop on sensitive communications between systems. When this happens, it’s referred to as a man-in-the-middle (MITM) attack. You can think of these attacks as the digital equivalent of someone intercepting a letter and reading it (or even rewriting it) before sending it along to the intended recipient. The difference is that MITM attacks often eavesdrop on encrypted communications (HTTPS). And while the “S” in HTTPS is supposed to stand for “secure,” the unfortunate truth is that not every site that claims to use the HTTPS protocol is legitimate. - Denial-of-service attacks
Often, simply slowing or shutting down a system to prevent others from using it can end up costing the target business just as much as (or even more than) a traditional data breach. Denial-of-service attacks are designed to do just that. These attacks generally consist of an attacker sending a large number of requests or queries to a server, keeping it busy and preventing it from operating at normal efficiency. - SQL injection
Not all attacks occur on the surface. SQL injections are a kind of cyber attack where malicious code is actually embedded in an application, causing that application to function differently than intended. - Zero-day exploit
When an attack takes advantage of a previously unknown security vulnerability, it’s called a zero-day exploit. These can be particularly difficult to deal with, as they are new cyber threats without any existing security fixes.
And just as there are many different orders, types and methodologies associated with cyber attacks, there are nearly as many motivations behind them. Most often, cyber attackers are in it for the money — attempting to steal credentials for identity theft schemes, holding data or even entire systems for ransom, or perpetuating fraud within the business itself. But occasionally, cyber criminals will rely on cyber attack strategies to pursue other agendas.
So-called hacktivists may infiltrate computer systems to steal information with the intent to discredit an individual or organization. They may also employ denial-of-service attacks to disrupt the computer systems of political groups (such as government agencies) from being able to function normally. Cyber threats can even target the infrastructure of entire countries, and may be used as a form of digital warfare between nation-states. And then there are those hackers who attack for personal reasons — revenge against former employers, as an intellectual challenge or just to entertain themselves by causing mischief.
Your Business in the Crosshairs
Whether from a money-driven cyber criminal, a politically motivated hacktivist, a spiteful former employee or just a hacker out to test your security, if your business hasn’t already experienced some form of cyber attack, count yourself lucky.
A 2018 IDC report indicates that 77 percent of businesses experienced at least one cybersecurity attack between 2017 and 2018. And of those businesses, 89 percent succumbed to the attack, and 39 percent suffered 5 or more data-corrupting events. Perhaps even more disconcerting is that many businesses don’t even know that they’ve been hacked. And as technology marches on and businesses become ever more dependent on digital systems, cyber threats are becoming increasingly more common — and more difficult to pinpoint.
With so many potential dangers, the role of cyber security is expanding beyond simply preventing threats to networks, to quickly identifying and responding to threats that have made it past initial network security defenses. And that means for optimal security, businesses need access to optimal network traffic visibility and control.
Gigamon: Enhancing Security Across All Infrastructures
Gigamon gives your business the power to put your web traffic under a microscope. The GigaSECURE® Security Delivery Platform, built on the Gigamon Defender Lifecycle Model, is a network packet broker that focuses on threat prevention, detection, prediction and containment. With GigaSECURE, malicious traffic is identified and sent to the right security tools quickly, cutting your risk while also helping reduce tool sprawl. Additionally, Gigamon Insight™ is a cloud-based threat detection and response solution that gives users even more control over threat response and priority, all in real time.
Whether you’re operating infrastructures in the cloud, on premises or virtually, Gigamon empowers your business to approach even the most innovative threats effectively.
After all, cyber threats have evolved since the Creeper first made its debut. It’s time that cyber security evolved as well. With Gigamon, you’ll have the advanced tools and the insight you need to identify threats before they can harm your business.
Further Reading:
- “How Do You Run Cryptography Faster and Stay Secure Without Tripping Over Hackers?“
- “Three Key Driving Techniques That Apply to Your Network“
- “The 5 C’s of Visibility“
CONTINUE THE DISCUSSION
People are talking about this in the Gigamon Community’s Security group.
Share your thoughts today