Everything You Always Wanted to Know About Cybersecurity* (*But Were Afraid to Ask)


26 November 2020



A brief overview of the most notorious and widespread cyber attacks. Malware, Phishing, Trojans, Data Breach, Ransomware. Are you sure you know what they are?

The cybersecurity landscape is insanely broad, and cyber attacks are constantly evolving and growing. You may have heard of the best-known cyberattacks, but you have probably never had the chance to understand what they really consist of. So we have decided to give an overview of the main cyber attacks, to inform people and help them prevent them.

Sometimes cyber attacks are aimed at stealing and selling data, credentials, or money, but often cybercriminals hit a person in order to attack the company: he or she becomes a vehicle for attacks meant to harm the company, steal data or money, demand ransoms and much more.

Ready to get started? Here we go! 

Malware

The term Malware is an abbreviation of malicious software, and refers to any computer program used to disrupt a computer user’s operations, access confidential information, steal data or compromise the system. Malware is mainly spread through phishing emails containing malicious attachments or links, and through programs or apps downloaded from insecure websites. Malware can also spread within a company via infected USB drives, intrusions into the local network or vulnerable operating systems.

One of the best-known and most widespread types of Malware is the Trojan; surely you have heard about it countless times!

A Trojan is a disguised malicious file, which usually aims to infect the victim’s computer to delete, steal, or modify files. Using a Trojan is one of the most common methods of attacking a computer system. It is necessary to know how to avoid them, especially if you have access to devices that contain sensitive data.

The first piece of advice for preventing a Trojan attack is to download files only from official and reliable websites or sources, to avoid running files from unknown sources, and always to pay special attention to the file extension, especially on operating systems such as Windows, which often hide it. A file named “image.jpg.exe” can in fact appear simply as “image.jpg”, misleading the user who runs it.

Losing control of your personal phone, tablet or PC is an experience that no one wants to live through, and when the entire IT infrastructure of a company is attacked it becomes a nightmare. Remember that taking small precautions can sometimes help us avoid major disasters.
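The hidden-extension trick described above can be checked automatically on attachment or download names. The following is an added example, not code from the original article; the extension lists, the function name check_attachment and the sample file names are assumptions made for illustration.

```python
import os

# Constructed lists for this example; extend them for your own environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js", ".msi"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt"}


def check_attachment(filename):
    """Return (verdict, reason) for one attachment or download name."""
    # Accept Windows-style paths even when this runs on a non-Windows mail gateway.
    name = os.path.basename(filename.replace("\\", "/"))
    stem, real_ext = os.path.splitext(name)      # what the OS acts on
    inner_ext = os.path.splitext(stem)[1]        # what the user sees when extensions are hidden
    real_ext, inner_ext = real_ext.lower(), inner_ext.lower()

    if real_ext in EXECUTABLE_EXTS and inner_ext in DECOY_EXTS:
        return "block", f"displayed as '{stem}' but the real type is {real_ext}"
    if real_ext in EXECUTABLE_EXTS:
        return "review", f"executable type {real_ext}"
    return "allow", "no executable extension"


if __name__ == "__main__":
    # Constructed sample names.
    for sample in ["image.jpg.exe", "image.jpg", r"C:\Users\a\Invoice.PDF.SCR",
                   "setup.exe", "report.v2.pdf"]:
        print(sample, "->", check_attachment(sample))
```

A name is blocked only when an executable extension follows a harmless-looking one, so ordinary dotted names such as “report.v2.pdf” pass.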

Another widespread type of Malware is spyware, malware developed to spy on you. At best, spyware will be used to show you targeted advertising; at worst, to steal sensitive data, business secrets, or money.

How does it work? The main vectors are, as always, links or attachments, so we recommend that you pay attention to the websites you visit and the emails you open. Other vectors are smartphone apps, free programs, and also cookies from the websites you visit. Spyware can be designed to obtain banking credentials, to steal information such as usernames, passwords and email accounts, or to record and store a user’s activities on his or her devices (messages, phone calls, websites visited). Pay attention, as always, to the emails you open, to what you download, to the sites you visit and to pop-ups, and finally to the programs you install, including “fake” antivirus software.

There are many ways Malware can be spread, but the most common is phishing.

Phishing

Phishing is a technique that consists of sending emails or SMS messages that imitate known senders, carry completely plausible content, and invite you to download attachments, open links or provide your access credentials for certain sites and services. Cyber criminals can create clones of websites or emails that are almost identical to the real ones in order to deceive users. For example, in Italy in the last month many users have received emails with the National Social Welfare Institute as sender; the email states that INPS has detected discrepancies in the payment of taxes and that the user is entitled to a refund. Many users downloaded from the attached link without thinking about it, and have therefore probably introduced a virus into their computer. But what if these people downloaded it at work?

Phishing is just one of the “Social Engineering” techniques. Let’s find out what it is.

Social Engineering

Social engineering is the study of a person’s individual behaviour in order to obtain useful information. It is a technique widely used by experienced hackers and spies, and in many cases the victim remains completely unaware. Attacks proceed in different stages and by different means, from phone calls to phishing to baiting. To manipulate the victim, cyber criminals can use persuasive psychological techniques based on authority, guilt, panic, ignorance, desire, greed and compassion. You may have been a victim and not know it. Prevention and a proper corporate cyber security culture are the only way to defend yourself.

Very often the most sophisticated social engineering attacks aim to inflict one of the most feared attacks, the infamous Data Breach. 

Data Breach

In the GDPR text a personal data breach is defined as a breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

The cost of repairing such a violation is very high, especially for companies. A data breach can have multiple causes: hacker attacks, malware, human error, social engineering, or a malfunction of the company’s web infrastructure. When cyber criminals take possession of all this data, very often they ask for a ransom before making it public or destroying it, and in this case we are talking about RANSOMWARE, a real digital blackmail.

Ransomware

Ransomware is one of the most widespread cyber attacks in the world. Ransomware is a type of malware that restricts access to the infected device and asks for a ransom to be paid to remove the restriction. Cybercriminals can make several kinds of threat: they can make the device or your personal data inaccessible, or threaten to make the data or “business secrets” public. Companies are the main target of Ransomware attacks: for example, in March this year the famous architecture firm Zaha Hadid was a victim, and in September Luxottica. Institutions can be victims too: schools, universities and even municipalities. More than one US college has been the victim of Ransomware.

Being a type of malware, it spreads mainly through spam e-mails whose subject lines push users to download files related to their work or personal life, such as invoices or documents. The advice is always the same: BE CAREFUL, make periodic backups and change passwords often. We remind you that a correct corporate culture on IT security can prevent damages of thousands or even millions of Euros/dollars for companies.

DDoS

Until now, we have talked about attacks that hit the individual in order to hit the company, but now we are talking about an attack that directly affects the IT infrastructure: the famous DoS.

DoS means Denial of Service. A DoS/DDoS attack is an attack that makes it impossible for users to access a site or service. Do you know the classic scene of a shopping mall opening on Black Friday in the United States? Lots of people pile up at the doors and cannot even get in.

That is a semi-realistic representation of a DDoS attack. The difference is that a DDoS is an attack carried out deliberately, very often by ZOMBIE computers, to exhaust the resources of a computer system that provides a service to clients, for example a website on a web server, until it is no longer able to provide the service to requesting clients. DDoS attacks are difficult to stop because the traffic comes from different sources. They are usually carried out by sending many request packets, usually to a web, FTP or e-mail server, saturating its resources and making the system “unstable” and unavailable to other users. However, a DoS is not always a cyber attack: sometimes there are so many simultaneous requests on a website that it becomes unavailable.

Brute Force

Why have you always been advised to choose a complex password? Why do many sites now demand that there be an alternation of uppercase, lowercase letters and numbers within it?

Because if your password is weak, even the best antivirus will not protect you. If the admin password of your website or application is weak, the risk you run is very high. 

But how does a cracker steal your password? A common way to do it is a BRUTE FORCE attack, often carried out with common software such as THC Hydra, a password cracker that attempts many user/password combinations in parallel on a login form.

The most effective way to protect yourself from this type of attack is to choose a STRONG password, which is as complex as possible, made up of numbers, upper- and lower-case letters and special characters.

This is just the tip of the iceberg of the dangers in the great digital ocean. Any of our behaviours, any of our connections, any of our choices can affect our security, and it is good to always keep this in mind in order to protect yourself, your family and your company.

The correlation between the economic well-being of a company and security has never been so close, which is why in recent years we have seen the IT security market grow exponentially. Reputational damage, economic damage: from whatever side you look at it the coin is always the same, and its cost will be higher and higher, even higher than you can afford.

THE I has been operating in the cyber security sector for over 15 years. We deal with activities closely related to corporate security such as Security assessment, Vulnerability assessment and Penetration test, but also, above all, security-oriented IT solutions, operations related to the Cloud and software development, applying the DevSecOps methodology with expertise.
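On the server side, the many login attempts that a brute force attack generates are visible in the authentication log. The following is an added example, not code from the original article: it flags any source address that fails to log in too many times within a short window. The log format, the threshold values, the function name find_bruteforce and the sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2020-11-26T10:00:00 198.51.100.20 alice FAIL
2020-11-26T10:00:01 203.0.113.7 admin FAIL
2020-11-26T10:00:02 203.0.113.7 admin FAIL
2020-11-26T10:00:03 203.0.113.7 root FAIL
2020-11-26T10:00:04 203.0.113.7 admin FAIL
2020-11-26T10:00:05 203.0.113.7 webmaster FAIL
2020-11-26T10:00:40 198.51.100.20 alice OK
2020-11-26T10:05:00 198.51.100.20 alice FAIL
"""


def find_bruteforce(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Return {source_ip: details} for sources with max_failures failed logins inside window."""
    recent = defaultdict(deque)  # source IP -> (time, user) of failures still inside the window
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        stamp, ip, user, result = parts
        if result != "FAIL":
            continue
        now = datetime.fromisoformat(stamp)
        failures = recent[ip]
        failures.append((now, user))
        # Drop failures that have aged out of the sliding window.
        while now - failures[0][0] > window:
            failures.popleft()
        if len(failures) >= max_failures and ip not in alerts:
            alerts[ip] = {
                "first_seen": failures[0][0].isoformat(),
                "failures": len(failures),
                "users": sorted({u for _, u in failures}),
            }
    return alerts


if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

A user who mistypes a password twice, five minutes apart, stays below the threshold, while a source cycling through several usernames in a few seconds is reported once with the usernames it tried.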