Cyber attacks are on the rise. Names like WannaCry and Petya/NotPetya have practically become household names. Cryptojacking, where a device is unwittingly used to mine cryptocurrency, is now a thing. And who could forget the Equifax breach of 2017 where the records of more than 145.5 million consumers were compromised?
Cyber attacks can be especially devastating to a small business. Seventy-five percent of small businesses have experienced a data breach in the last 12 months. Sixty percent were unable to recover in the wake of a cyber attack.
If you’re a business owner, the signs are clear: cybersecurity is becoming a mandatory part of running any business. Education is a good first step toward protecting your business. In this post, we’ll cover the major types of cyber attacks that are out there and how to defend against them.
1. Injection attacks
Injection occurs when data entered into an application tricks it into executing a malicious command, often to access protected data. The most common example of this is SQL injection (SQLi) in which a hacker inputs a malicious SQL command into a form or field on a website, giving the attacker back-end access. However, SQL isn’t the only language that can be exploited; injection attacks can be conducted in similar ways using a number of languages, including XPath, LDAP, NoSQL, and XML.
The most important way to prevent injection attacks is to apply proper data validation and data sanitization to external inputs from end users and third-party applications.
- Data sanitization involves filtering data from a user, API, or web service by stripping tags, removing line breaks, and otherwise ensuring the interpreter receives data as intended.
- Data validation takes things a step further, analyzing input data against a predefined pattern and returning valid or invalid for any given input. If you’ve ever encountered a phone number field that only lets you input numbers 0-9, you were dealing with data validation.
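As an added illustration (not code from the original post), the Python sketch below runs the same lookup twice against an in-memory SQLite table: once by pasting form input into the SQL text, and once with pattern validation. The hardened version goes one step beyond the validation described above by also passing the value as a bound query parameter. The table, column names, sample rows, and the 7-15 digit rule are assumptions made for the example.

```python
import re
import sqlite3

# Constructed sample data; table and column names are assumptions for this example.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, phone TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)",
                   [("alice", "5550100"), ("bob", "5550199")])
    return db

# Constructed form input of the kind described above: it closes the quoted
# value and appends a condition that is always true.
CRAFTED_INPUT = "' OR '1'='1"

def lookup_vulnerable(db, phone):
    # The input is pasted into the SQL text, so the database parses it as SQL.
    sql = "SELECT name FROM customers WHERE phone = '" + phone + "'"
    return sorted(row[0] for row in db.execute(sql))

# Data validation: digits 0-9 only (the 7-15 length range is an assumption).
PHONE_RE = re.compile(r"[0-9]{7,15}")

def is_valid_phone(value):
    return PHONE_RE.fullmatch(value) is not None

def lookup_hardened(db, phone):
    if not is_valid_phone(phone):
        raise ValueError("phone number must be 7-15 digits")
    # Bound parameter: the driver passes the value as data, never as SQL text.
    rows = db.execute("SELECT name FROM customers WHERE phone = ?", (phone,))
    return sorted(row[0] for row in rows)

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, "5550100"))
    print(lookup_vulnerable(db, CRAFTED_INPUT))
    try:
        lookup_hardened(db, CRAFTED_INPUT)
    except ValueError as err:
        print("rejected:", err)
```

The vulnerable lookup returns every customer for the crafted input, while the hardened lookup rejects it before any query runs.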
2. Malware
Malware is malicious software that is intended to damage, disable, manipulate or otherwise corrupt a device, computer, or system. There are lots of different types of malware, including adware, ransomware, worms, trojans, viruses, and other software designed to compromise a system.
Once installed, malware can do anything from displaying unwanted pop-up ads to stealing data and locking you out of your own PC. We’ll cover some of the more interesting forms of malware later in this article.
The best defense against malware is to not install it. Avoid clicking risky links in comments sections of websites, visiting unscrupulous websites, clicking ads, and downloading attachments from spam emails. We’ll cover phishing in more depth later in this post.
3. Denial-of-service (DoS)
A denial-of-service attack involves overloading networks, servers, and other systems with enough traffic to exhaust resources, deplete bandwidth, and render a service unusable.
In recent years, the DDoS or distributed denial-of-service attack has become more popular, due to the ease with which one can set up a botnet (i.e. a network of infected devices that can be used for an attack).
ISPs offer “clean pipe” services for businesses that commit to a guaranteed bandwidth of legitimate traffic. There are a number of cloud service providers that can filter incoming traffic for DoS attacks for you. Finally, you can install specialized DoS hardware at all the physical “entrances” to your network and effectively filter all the incoming traffic.
When it comes to absorption—your system’s ability to withstand an attack—increasing the natural capacity of your network to handle larger volumes of traffic can help you mitigate smaller DoS attacks and help you deal with the sudden surge of traffic that can come from a media release.
4. Phishing
Remember that “Nigerian prince?” They finally caught him. He was actually a man from Louisiana. His emails would claim you were named as a beneficiary in a will left behind by Nigerian royalty, and they just needed a deposit and some personal information to legitimize the claim.
Most phishing scams are more subtle, but the essence is the same. A criminal sends an email, text, or other message to an unwitting user, in the hopes that they’ll respond with personal information, send money, or download malware.
Your best defense is to never respond to spammers. Ignore them and, if one does catch your attention, fact check any claims with a simple Google search.
5. Ransomware
Ransomware is a type of malware that locks a user out of their computer system until a ransom is paid. Once installed—typically through a phishing email or text—the ransomware encrypts some or all of a user’s files, leaving behind a note that explains how a user can get their data back, usually by making a payment to an anonymous wallet address through Bitcoin.
The best defense against ransomware is to back up your data. While defending against phishing attempts is usually enough, more sophisticated ransomware, such as 2017’s NotPetya, is able to spread on its own by exploiting vulnerabilities in the Windows operating system.
There’s nothing safer than storing your important files on a server or hard drive isolated from the rest of your network and the internet. But simply backing files up on a cloud service or on a hard drive can also help.
6. Cryptojacking
In November 2017, Adguard reported a 31 percent increase in browser-based cryptojacking. Cryptojacking may use malware to turn your device into an unwitting participant in a botnet for mining cryptocurrency.
Alternatively, the attack could hijack your browser as an infected ad pop-up and mine cryptocurrency without storing any code on your computer. If this were to happen to you, the most you might notice is a lag in performance and latency issues at certain times of the day.
You can guard against cryptojacking the same way you avoid any malware, by learning to recognize phishing attempts and avoiding sketchy websites. Consistently monitoring your memory usage statistics and internet performance can also help you notice when something is off.
7. Man-in-the-middle (MITM)
A man-in-the-middle (MITM) attack involves a criminal secretly intercepting communication between two parties and “eavesdropping” on the transaction. The attacker can also interfere with the transaction by swapping the data payload from one party with malicious code. The attacker must impersonate each endpoint of the transaction. For example, if John were trying to send Jane bitcoins over an MITM-compromised network, the attacker could impersonate Jane’s endpoint and substitute Jane’s wallet address for their own. John would send bitcoins to the attacker’s address thinking he was paying Jane.
Besides avoiding untrusted Wi-Fi hotspots, MITM can also be avoided by using authentication and secure channels. Certificate-based authentication can be used to harden internal networks against outside attacks by making it more difficult to impersonate an endpoint.
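To show why authentication defeats the wallet-address swap in the John and Jane example, here is an added Python sketch (not code from the original post). It uses an HMAC over a pre-shared key as a simplified stand-in for the certificate-based authentication mentioned above; the key, field names, and wallet strings are constructed placeholders.

```python
import hashlib
import hmac
import json

# Assumption: John and Jane agreed on this key out of band; the attacker lacks it.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"

def sign_request(key, payload):
    # Jane's side: serialize the payment request and attach an authentication tag.
    body = json.dumps(payload, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def verify_request(key, message):
    # John's side: recompute the tag and compare in constant time.
    expected = hmac.new(key, message["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, message["tag"]):
        return None  # altered in transit, or not from the key holder
    return json.loads(message["body"])

def substitute_address(message, new_address):
    # Models the in-path change described above: the address is replaced but
    # the original tag is reused, because a valid one cannot be computed
    # without the key.
    payload = json.loads(message["body"])
    payload["pay_to"] = new_address
    return {"body": json.dumps(payload, sort_keys=True), "tag": message["tag"]}

if __name__ == "__main__":
    request = sign_request(SHARED_KEY, {"pay_to": "JANE-WALLET-PLACEHOLDER",
                                        "amount": "0.5"})
    print(verify_request(SHARED_KEY, request))
    altered = substitute_address(request, "OTHER-WALLET-PLACEHOLDER")
    print(verify_request(SHARED_KEY, altered))
```

John pays only when `verify_request` returns a payload; the altered message returns `None`, so the substituted address is never used.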
How to take cybersecurity to the next level
This list only covers the types of cyber attacks you’re likely to see in the headlines of mainstream news outlets. The Open Web Application Security Project (OWASP) is a community of cybersecurity professionals actively seeking to make the web a safer place. For a more in-depth look at cybersecurity threats, I encourage you to familiarize yourself with the OWASP Top 10.
Staying up to date on the latest exploits, vulnerabilities, and cybersecurity threats is hard work. From performing a security audit to vulnerability testing, a cybersecurity expert can help you secure the future of your next app.