Awareness on various forms of cyberattacks, techniques adopted and prevention is essential for survival in the present era, in which data has become the most valuable asset. Any illegal attempt or access of data, unauthorized modification or copying of data or disruption of services or damages to information systems comes under cyberattack. Refer Cyberattack: Definition, Motives and Categorisation for details.
Techniques adopted in cyberattacks
Organizations across the world are facing several information technology related threats. Banking and financial institutions are major targets as they keep financial and identity records. Ransom attack, phishing, vishing, brute force attack and hacking are major categories such cyberattacks. A number of techniques are adopted in cyberattacks and the types of attacks can be broadly categories as two.
Syntactic attacks are direct and straight forward attacks through malicious software like viruses, worms and Trojan horses. A virus is a program with self-replicating capability that attaches itself to another program or file and get reproduced. It hides in safe location in a computer till it identfies a suitable file to carry out execution. Worm on the otherside has self-sustainable capability. It replicates using its own programme. Trojan horses perform legitimate tasks on one side and unwanted activity on other side. It often gets downloaded through useful applications or files. It does useful work for both the user and creator (attacker).
Semantic attack is aimed at modification and dissemination of correct and incorrect information to create confusion. Dissemination of wrong information is used to mislead someone from tracking.
Consequences of cyberattacks
A cyber security incident has severe adverse impact the on the image and financials of an organization. This is caused through increased business down time, escalated cost for protection of data and legal liability. Other negative impacts are
a. Fraud and extortion through identity theft
b. Damage to computer systems, programmes and data through malware, pharming, phishing, spamming, spoofing, spyware, Trojans and viruses
c. Denial-of-service through distributed denial-of-service attacks
d. Access denial for authorized users
e. Password stealing
f. Website defacement and negative propaganda through official sites
g. Utilization of official sources for dissemination of negative messaging and publicity
h. Breach of Intellectual Property rights.
Cyberattacks- Preventive measures
Cyber security preparedness and active role of Cyber Security Incident Response team will enable organizations to monitor and prevent cyberattacks. The vigilance of top management and equally aware and prepared work force are prerequisites to identify and diffuse cyberattacks. Skill upgradation, continuous awareness creation and coming together of various departments of business are essential to thwart cyberattack. Today, many institutions invest heavily in prevention of cyberattacks as the attack leads to heavy losses in terms of operational expenses, legal issues and regulatory requirements.
Updated browsers act as a strong prevention mechanism. Other two commonly adopted methods are application of firewalls and regular updation of antivirus programmes. Lack of updated version of antivirus is often a major vulnerability leading to cyberattacks. Large corporates employs full-fledged cyber security teams for continuous monitoring activities like IP tracing, data analysis, real-time interception, sharing of intelligence reports etc towards protection from attacks. They also restrict employees from using unapproved devices and laptops, down loading and sharing of classified data, USBs etc apart from real time monitoring of network traffic. Physical entry restriction and password policy are two other methods adopted for enhancing security against cyberattacks. Any strange behavior arising from employee computer is assessed properly. Having reliable back up, remote disaster centres, well drafted disaster recovery plans, application of different servers and utilization of services of ethical hackers are some other techniques adopted in identification and prevention of cyberattacks.
Cyberattack: Techniques, Consequences and Prevention
Awareness on various forms of cyberattacks, techniques adopted and prevention is essential for survival in the present era, in which data has become the most valuable asset