Cybercrime will cost $10.5 trillion annually by 2025, according to Cybersecurity Ventures. Individuals, governments and businesses alike are more and more at risk of cyberattacks.
According to ITGovernance, there have been 73 publicly disclosed security incidents just in August 2023, which resulted in the loss of 79 million records.
It’s bad. Really bad.
But don’t despair yet. I’m here to educate you on what cybercrime is, types of cyberattacks, and ways you can protect yourself.
Here are the main types of cyberattacks observable today:
And here are a few examples of cybercrimes committed through these cyberattacks:
And the list goes on with countless new victims appearing every day. Hackers are getting smarter, their tools are getting more advanced, and there will be victims.
But we at PrivacyAffairs want to even the odds for the little guy.
Below, I’ll go through every cyberattack type, explain how it works, and how to protect against it.
Let’s get started!
Malware is the most common cyber threat and also the most versatile due to its many forms.
In short, malware is a program or piece of software that infects your device without your permission.
Once it enters a system, it will begin following its programming to achieve its goal, whether that is to steal data, encrypt data, display ads, etc.
Since malware can come in so many different forms, it’s not easy to defend against it. But it’s not impossible.
Malware is an insidious piece of software that often slips through the cracks of a security system. Its favorite victim is the unprepared, inattentive, and oblivious individual with low cybersecurity awareness.
As such, the best protection against malware is to become unforgiving to security mistakes, impose airtight security policies, and become hyperaware of the slightest issues with your network and servers.
Phishing relies on social engineering to convince you to divulge sensitive information. There are multiple types of phishing attacks:
Phishing attacks are some of the most insidious cyberattacks on this list. They’re very common and use social engineering to deceive unsuspecting users into disclosing their personal information.
The infamous attack on Colonial Pipeline in May 2021, which resulted in the payment of $4.4 million and the loss of €3.4 billion, started through an email phishing attack.
According to the same site, email was the “primary delivery method for high-profile infrastructure attacks”.
Phishing relies only on social engineering, negligence, inattentiveness, and gullibility. To avoid this, cybersecurity awareness is a must.
Your employees should be able to reasonably identify suspicious emails, attachments, SMS messages, websites, and so on.
They should not download information or files from unknown or untrusted sites either.
Antimalware software will automatically identify phishing sites and warn you not to access them.
I cannot overstate the importance of cybersecurity and threat awareness regarding phishing, though. Phishing attacks succeed only because someone:
Solve these four problems and you’re well-defended against phishing attacks.
DoS and DDoS attacks aim to disrupt a system’s service and force it to shut down completely.
The difference between the two is that:
In both of these cases, the end-goal is service disruption. The simple inactivity of the company and incurred losses is a win for the hackers in some cases.
In other cases, the system becomes vulnerable to other attacks once it goes through a DoS or DDoS attack.
Most DDoS attacks will target online retailers, government websites, gambling companies, financial and fintech companies, and IT service providers.
A botnet is usually used to launch the DDoS attack due to the sheer number of requests that the hackers can send simultaneously from multiple devices.
There are seven steps you can take to prevent and/or respond better to a DDoS attack:
DDoS attacks are becoming more common in 2023. According to Kaspersky’s quarterly report, over 57,116 DDoS attacks were reported in 2023 so far. And Cloudflare says that there’s been an increase of 67% in ransom DDoS attacks in 2022. If you want to read more about them, check out this guide I did!
Identity theft happens when a criminal uses your stolen personal data to:
It’s a case of impersonation, in other words. The criminal gets ahold of your personal data through phishing or other methods. Then, they use that information to impersonate you and obtain benefits.
The hacker can also sell your information to the highest bidder on the dark web. The buyer will then pretend to be you, effectively stealing your identity.
Identity theft often happens because you’re unaware of the way hackers operate or you don’t pay attention to phishing links or attachments. Or you overshare online.
Cherish your privacy, adopt a healthy password policy, and you should be safe from identity theft!
Website spoofing replicates the design and interface of a legitimate site to trick users into providing their personal data.
To appear legitimate, the hackers replicate the:
Once they trick you into believing the legitimacy of the site, they’ll either steal your data or install malware into your system.
The way website spoofing often works is by sending you an “urgent” email, asking you to change your credentials because there may be a data breach going on.
Crypto spoofing is especially insidious because the hackers will ask you to send your crypto into another account to keep it safe.
Website spoofing is another cyberattack that relies entirely on social engineering. It’s devised to use your expectations against you.
So, always expect your emails to come from a bad actor and double-check or triple-check their authenticity.
Better safe than sorry, after all.
Cyberstalking happens when a criminal stalks you online, on social media or other communication channels. They’ll gather information about you, harass or even threaten you.
They may install spyware on your device, gain access to your phone camera, and try to blackmail you with the stolen data.
They may use photos or videos against you in an attempt to extort certain things from you (money or sex).
Doxxing is not out of the question either, if the stalker wants to push you to the edge.
Cyberstalking is very common on social media, forums, and other chatting platforms these days. It affects many people, especially those who aren’t experienced in the more mature side of the internet.
The biggest risk of cyberstalking is doxxing, where the hacker publishes your private information online to make fun of you or put you in a tough situation.
A man-in-the-middle attack, MITM for short, occurs when a hacker hijacks the communication between two parties with malicious intent.
The goal of a MITM attack could be:
The attacker effectively inserts itself in the “middle” of the data transfer or communication between the two parties.
A notable example of this is Equifax, a credit score company. In 2017, they removed all their apps from Google and Apple following a data breach that resulted in leaked personal data.
Apparently, their app did not always impose the HTTPS protocol, which allowed hackers to launch MITM attacks when users were accessing their accounts in the app.
MITM attacks are less common in 2023 because end-to-end encryption has become the norm for most chat platforms and email providers.
Even if the network itself is not secure, the end-to-end encryption ensures the data transmitted is safe from prying eyes.
SQL injections are very common hacking techniques used by criminals to attack websites. Here’s how they work:
Since SQL lies at the basis of most databases today, you can see how SQL Injection can be a problem.
When successful, an SQL Injection gives hackers free rein over a company’s databases.
SQL Injections are one of the most common infiltration methods used by hackers today. They’re also quite complicated and require some technical skills to prevent.
But there are many web development technologies today that include automatic SQL Injection defense layers. It’s already a common element of the programming environment in 2023.
URL Interpretation, also known as URL Poisoning, refers to the act of URL manipulation by hackers. They alter its parameters to try and access potentially private information from the web server.
For instance, the “preview=true” parameter added at the end of the URL may show an unpublished version of the page that may contain sensitive information.
Here’s what hackers can do with URL Interpretation:
In very simple terms, a URL is used to access different resources from a website. Change the URL – access a different resource.
If the web developers are inattentive, they may forget to remove public access to certain resources through the URL.
The only solution to URL Interpretation is to ensure that your URL does not lead to any unwanted sections of your database.
This requires a web developer to analyze the database and patch any vulnerabilities coming from URL accessibility.
It’s not a complicated process. In fact, URL Interpretation only works when web developers have been inattentive.
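The “preview=true” case above can be closed by checking permission on the server instead of trusting the URL. This is an added example, not code from the original article; the page store, the role names and both render functions are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample content: one page with a published and a draft version.
PAGES = {"/pricing": {"published": "Current price list",
                      "draft": "Unannounced price change"}}
EDITOR_ROLES = {"editor", "admin"}  # hypothetical role names

def wants_preview(url):
    """True when the last preview parameter in the query string is 'true'."""
    values = parse_qs(urlsplit(url).query).get("preview", [""])
    return values[-1].lower() == "true"

def render_unchecked(url):
    """Weak: anyone who adds preview=true to the URL receives the draft."""
    page = PAGES.get(urlsplit(url).path)
    if page is None:
        return 404, "Not found"
    return 200, page["draft" if wants_preview(url) else "published"]

def render_checked(url, session_role=None):
    """Hardened: the parameter is only a request; the server-side session
    role decides whether the draft may be shown."""
    page = PAGES.get(urlsplit(url).path)
    if page is None:
        return 404, "Not found"
    if wants_preview(url):
        if session_role not in EDITOR_ROLES:
            return 403, "Forbidden"
        return 200, page["draft"]
    return 200, page["published"]

if __name__ == "__main__":
    url = "https://example.com/pricing?preview=true"
    print("unchecked:", render_unchecked(url))
    print("checked, anonymous:", render_checked(url))
    print("checked, editor:", render_checked(url, "editor"))
```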
DNS is the “domain name system”, which, in short, connects web browsers to websites.
DNS Spoofing happens when a hacker alters a DNS server to redirect a user to an unwanted and malicious website that is likely controlled by the hacker.
This usually happens when users connect to public Wi-Fi networks, but that’s not necessary. If the hacker has access to the Address Resolution Protocol tables and alters them, they can change the DNS.
This way, they can create a phishing website that resembles the one the user was trying to access.
Here’s how DNS Spoofing is done:
It’s one of the more common attack methods used by hackers due to the vulnerability of public Wi-Fi networks.
DNS Spoofing is less common on regular networks because many internet providers have started adopting DNSSEC (DNS Security). It specifically protects against DNS Spoofing.
In a Password Attack, the criminal is trying to find out your password for an account. This process is also known as “cracking a password”.
Here are the different techniques used by hackers to crack your password:
Password attacks are incredibly common and a big cause of cyberattacks worldwide. If people took greater care in creating their passwords, cybercrime wouldn’t nearly be as profitable as it is.
I cannot overstate the importance of having a strong and complex password for your online security. Your password is the number one credential you don’t want to be found out or leaked.
Protect it at all costs!
Often, the threat isn’t external but internal. Internal actors like disgruntled former employees present a much bigger risk to companies.
These insider threats know the layout of the security system, they know fallback plans, access procedures, validation processes, where IP assets are located, and more.
Basically, they have all the information to bleed your company dry if they ever turn sides and hack you.
There are three types of insider threats:
Negligence is the number one cause of cybersecurity failures in history. It’s what leads to most data breaches no matter where you look.
Once you employ strong cybersecurity measures, security awareness education, and address employee grievances, insider threats are a non-issue, more or less.
A zero-day exploit happens when hackers discover a previously-unknown vulnerability in an operating system or software application.
The vulnerability either hasn’t been discovered at all or has just been discovered and security patches haven’t been applied yet.
The hackers will attack companies exhibiting this zero-day vulnerability and exploit it before the patch becomes available.
Here’s the timeline of a zero-day exploit attack:
Zero-day exploits are extremely tricky because there’s effectively no defense against them before a patch comes out.
There’s no current solution against zero-day exploits due to their very nature. Before a security patch comes out, these exploits can be used by hackers if they learn about them.
Next-Generation Antivirus software might be useful because it stops hackers from installing unknown software on a device.
You should also have an incident response plan ready for when an attack happens. You need to be able to recover fast and keep your most essential systems running.
Cryptojacking uses a user’s device to mine cryptocurrency for the hackers without the user’s knowledge. This type of attack should remain invisible from the victim at all times.
Here’s how cryptojacking works:
Usually, a user may see higher electricity costs, performance issues, a higher CPU usage, or overheating. These are all potential follow-ups of cryptojacking.
Watch out for your PC or laptop fan running faster than before for no apparent reason. Overheating is a direct result of cryptojacking software due to how intensive it is.
Your CPU will also be overused for performing complex mathematical equations in order to mine the cryptocurrency. So, it will have a higher usage, which will also impact performance.
There have been several known cases of cryptojacking, like the Los Angeles Times’ Homicide Report case in 2018 or the CoinHive case in the same year.
Eventually, they’re found out by eagle-eyed security researchers or users. However, cryptojacking software is innately harder to find because it works in the shadow at all times.
Cryptojacking isn’t as dangerous as other forms of attack but it’s unpleasant nonetheless. In extreme cases, it can even damage your computer parts due to overheating.
A watering hole attack works by infecting a well-known and reputable site in order to target its users.
This usually means installing infected HTML code into the site to redirect users to malicious websites, which will then install the malicious software on the users’ devices.
This attack is specifically devised to target professional individuals in the hope of gaining access to their corporate network.
By infecting an industry professional and gaining access to their device, the hackers may discover access credentials, information on the user’s corporate ties, and more.
Watering hole attacks aren’t as well-known due to their specific nature. But there have been several infamous attacks (Forbes in 2015).
As we’ve seen with previous cases of Watering Hole Attacks, the hackers either used backdoors to infiltrate known software or created fake versions of known website features.
This all led to information theft and data breaches that were soon reported by users and discovered by the vendors.
DNS Tunneling exploits the DNS protocol (queries and responses) to insert malware into the DNS queries (requests sent to the server from the client).
The malware employed has a special function, and that is to create a constant communication channel between the hacker and the victim’s device. Most firewalls will not be able to detect this “tunnel”.
Here’s how DNS Tunneling happens:
It’s a pretty complex process that often goes unnoticed until it’s too late. It’s not impossible to track down or prevent, though.
It’s important to educate your security staff in the best practices for identifying threats and malicious activities. With DNS tunneling, it’s a matter of negligence that leads to the installation of malware on a company device, or a phishing attack gone wrong.
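One way security staff can track down the tunnel described above is to look at DNS query logs for many unique, long, random-looking subdomains under one parent domain. This is an added example, not code from the original article; the log entries are constructed, and the thresholds and the two-label parent-domain split are simplifying assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample of resolver log entries: (client IP, queried name).
QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.5", "d3f9a1b7c2e8f4a6b0c5d1e7f3a9b2c8.cdn.example.org"),
    ("10.0.0.9", "a9f3k2l0q8z7x1c5v4b6n8m2p0o9i7u3.example.net"),
    ("10.0.0.9", "q1w2e3r4t5y6u7i8o9p0a1s2d3f4g5h6.example.net"),
    ("10.0.0.9", "z8x7c6v5b4n3m2l1k0j9h8g7f6d5s4a3.example.net"),
    ("10.0.0.9", "www.example.net"),
]

def shannon_entropy(text):
    """Bits of entropy per character; encoded payloads score high."""
    counts = Counter(text)
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in counts.values())

def split_name(name):
    """Naive split into (subdomain, parent). Assumes a two-label parent;
    production code should use the Public Suffix List instead."""
    labels = name.lower().rstrip(".").split(".")
    return "".join(labels[:-2]), ".".join(labels[-2:])

def tunneling_suspects(queries, min_len=30, min_entropy=3.5, min_unique=3):
    """Flag (client, parent domain) pairs with many unique long,
    high-entropy subdomains. Thresholds are illustrative assumptions."""
    seen = defaultdict(set)
    for client, name in queries:
        sub, parent = split_name(name)
        if len(sub) >= min_len and shannon_entropy(sub) >= min_entropy:
            seen[(client, parent)].add(sub)
    return {key: len(subs) for key, subs in seen.items()
            if len(subs) >= min_unique}

if __name__ == "__main__":
    for (client, parent), n in tunneling_suspects(QUERIES).items():
        print(f"{client} sent {n} suspicious lookups under {parent}")
```

A single long hashed hostname, such as the CDN-style entry in the sample, is not flagged; the signal is the repetition of unique encoded-looking names from one client to one domain.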
Business Email Compromise relies fully on social engineering to convince a company employee to transfer funds into the attacker’s account.
This type of attack usually takes months to implement because research and planning are key. The hackers need to understand:
Because of this, Business Email Compromise attacks aren’t as common. However, they’re among the most catastrophic cyberattacks for a company to go through.
The financial losses, if the attack succeeds, could be in the millions of dollars. That’s something no company wants to go through.
Business email compromises are responsible for some of the biggest cyberattacks in recent years.
The Norfund heist in March 2020 is the most sophisticated and well-planned BEC attack in cybersecurity history, for instance.
Eavesdropping attacks are similar to Man-in-the-Middle attacks with one difference – the former are more passive rather than active.
Eavesdropping attacks allow for the monitoring of a victim through an unsecured network (Wi-Fi network). This is also known as “snooping” in hacker terms.
The hacker intercepts the data coming through the unsecured communication channel and is able to access it.
By comparison, man-in-the-middle attacks allow for a more active approach, where the hacker can install malware on the victim’s device or gain control of it.
Eavesdropping attacks, by contrast, only allow for a passive infiltration of a user’s device. The hacker can only see the data passively.
Eavesdropping attacks are very similar to MITM attacks in how they manifest. Adopt the same protection methods for both and you’ll limit the attack chance significantly.
Cybercrime is at an all-time high not only because the technology is evolving but because the victims are taken by surprise.
They’re negligent with their data, oblivious about the risks, and inattentive about their actions online.
Even within companies, not all employees are trained the same. Some receive superficial cybersecurity training. Others don’t receive it at all.
This lapse in cybersecurity awareness is the number one reason why cyberattacks are so common these days.
Knowledge is power, and this is true for preventing cyberattacks too. Know your enemy to know their tactics and how to defend against them!
Cybersecurity Ventures – Cybercrime to Cost the World $10.5 Trillion Annually By 2025
ITGovernance – List of Data Breaches and Cyber Attacks in 2023
Privacy Affairs – Why Is Phishing so Common and How to Protect Against It?
Privacy Affairs – The State of Cyberbullying in 2023
Lepide – 15 Common Types of Cyber Attacks and Threats
Privacy Affairs – Cybersecurity Deep Dive: What Is the Principle of Least Privilege?
Privacy Affairs – The Art of Cyber Deception: Social Engineering in Cybersecurity
DNI Gov. – Spear Phishing and Common Cyber Attacks
Abnormal Security – Colonial Pipeline Attack: Phishing Email Likely the Culprit
Phoenix Nap – How to Prevent DDoS Attacks: 7 Tried-and-Tested Methods
Privacy Affairs – Cybersecurity Deep Dive: Everything About DDoS Attacks
GetAstra – 45 Global DDOS Attack Statistics 2023
ProofPoint – What Is DNS Spoofing?
BeyondIdentity – Rainbow Table Attack
Cynet – Zero-Day Attack Prevention
Kaspersky – What Is Cryptojacking and How Does It Work?
Fortinet – Watering Hole Attack
SecurityWeek – Chinese Attackers Hacked Forbes Website in Watering Hole Attack: Security Firms
PaloAltoNetworks – What Is DNS Tunneling?
WestStarBank – BEC Attacks: What They Are and How to Protect Yourself?
Privacy Affairs – Top 20 Largest-Ever Cyberattacks in Europe