Code Red

The world is increasingly going digital, with the internet reaching even the most remote places on our planet. While expanded access has helped improve the lives of millions, with the good comes the bad. There are individuals, organizations, and even nations that use the power of the internet with bad intentions, so it should come as no surprise that the cyber security industry is growing at a remarkable rate to try to defend against these bad actors. The global cyber security industry was estimated to be worth $153 billion in 2020, with expected growth to $366 billion in 2028. Talk about booming! With that in mind, I thought it would be appropriate to cover some of the most common types of cyber attacks. Afterwards, we’ll spend some time looking at an attack known as WannaCry, which I hope didn’t impact any of you reading this blog!

Types of Cyber Attacks

The terms ‘hack’ and ‘virus’ and ‘cyber attack’ are all pretty vague. The general public knows they mean something bad happened on a computer, but what does each of these types of attacks consist of? Let’s dive into 6 of the most common types to learn more about them.

Malware

Malware is short for malicious software, and it covers a whole host of attacks. In general though, it all has one intent: damage and destroy computers and computer systems. Some common types of malware include viruses, spyware, ransomware, and worms.

Phishing

Phishing is another form of a cyber security attack – one that you may have seen your IT department at work warn you about. It is the practice of bad actors sending out emails, typically with links in them, that look like they’re coming from a reputable source. Once you click the link and provide the information requested, your data may be toast, or you may be infected with a virus. Make sure you know exactly who that email came from before you open it!

SQL Injection

SQL injection attacks are a little tougher to understand unless you’re familiar with databases and the querying languages associated with them. Put simply, SQL queries do exactly what they’re told to do. Most commonly, that task is to retrieve data from the database, but it could also be to add, modify, or delete data. Remember when I said queries execute exactly as they’re told to? Well, what if a bad actor was able to inject their own commands into the SQL statement? This could lead to unauthorized access to data, data modification and deletion, and many other issues. This is exactly what happens, oftentimes with major consequences, in a SQL injection attack. Bad news bears!

Denial of Service

Unlike other forms of cyber attacks mentioned above, denial of service attacks do not attempt to gain access to restricted data. Instead, their intention is to shut down a computer, or even an entire network. They typically do this by flooding the system with traffic beyond what it can handle, effectively rendering it useless. It leaves actual users helpless, and can cost organizations a lot of time and big money.

Man in the Middle

Man in the middle attacks occur when there is a transfer of data, typically between client and server, and the perpetrator has infiltrated this communication. They will act as though they are the legitimate sender/receiver of data, but will typically insert malicious content in the midst of the legitimate data transfer. The result can be data loss, financial loss, and a multitude of other issues.

Credential Stuffing

Credential stuffing is an interesting type of attack because it typically occurs after a data breach where the bad actor has gained access to a number of username/password combos. In essence, one cyber attack ends up leading to another. What happens is the bad actor will take the credential combos and run them through dozens of other sites to try to gain unauthorized access to data and systems. This typically works because users will reuse their username/password combos across many applications. The consequences of the attack will depend on the systems and data that are able to be accessed, but the potential for a costly attack is high.

WannaCry

Enough talk about what could go wrong… Let’s look at an actual example! To start, we have to travel back to 2017. Americans were busy watching the solar eclipse, Hurricane Harvey was battering the shores of Texas, and WannaCry ransomware was on the loose.

Before we dig into it, what exactly is ransomware? It’s a form of malware (see above) that locks up a user’s or organization’s computers and demands payment to restore access. The less evil attacks don’t encrypt your data and can usually be resolved without payment. If data has been encrypted though… well, good luck.

This is exactly what happened to those computers infected by the WannaCry ransomware. The user’s data was encrypted, and a pop-up message demanded payment in bitcoin of $300 – $600. What made WannaCry especially dangerous was that the user didn’t have to actively engage in harmful activity, such as clicking on an email link from a bad actor. WannaCry had the ability to search for vulnerable computers and infect them automatically.

There was a Windows weakness known as EternalBlue that was used to gain entry into a user’s system. Controversially, the NSA had already discovered this weakness but chose not to report it to Microsoft, instead choosing to use it for offensive purposes. It was stolen (most likely from the NSA) by a group known as The Shadow Brokers, and WannaCry was the result.

It’s believed The Shadow Brokers organization is based out of North Korea, which has been officially deemed responsible for the attack by the United States. Ultimately, machines in over 100 countries were affected, and total economic damages were estimated to be around $4 billion.

There’s a lot that can go wrong with a computer because they’re so darn dumb. They just do exactly what you tell them to do each and every time, and this makes them vulnerable to bad actors who have knowledge of flaws within human behavior and the systems themselves. The takeaway for me is to always stay educated, and never ignore those annoying Windows updates! Thanks for reading.

