Definition: A cyber attack is a deliberate attempt by a hacker to deliberately disrupt a computer network or system, usually, but not always, for some kind of personal gain or benefit.
According to findings from the 2019 Cost of Data Breach Study:
- The lifecycle of a data breach was longer in 2019 than in previous years.
- There was a 130% increase in breaches from 2006 to 2019.
- Malicious attacks were the most common cause of the data breaches.
There are several different types of cyber attacks out there, however some hit the headlines far more than others. We’ve put together a short snippet about the most popular, to explain a bit more about what they do. You can also download a brief description of each in poster format to raise awareness around your organisation.
The Most Common Types of Cyber Attacks
Malware is a catch-all term for malicious software: spyware, ransomware, viruses, worms. Malware makes its way into a network or system through a vulnerability. Typically, a user may click a link or download an email attachment. Once it’s infiltrated the system, the malware can:
- Block access to parts of the network (often in exchange for a fee to unblock – ransomware)
- Install additional harmful software
- Secretly transmit data from the hard drives (spyware)
- Make the system unusable by disabling or disrupting certain components
Phishing is a cybercrime whereby individuals are targeted via email by someone fraudulently posing as a legitimate business to encourage them to reveal personally identifiable information, including passwords and bank details. Phishing is incredibly common and on the increase.
See our Top Tips for Spotting a Phishing Email blog post and downloadable resources.
These are also known as ‘eavesdropping attacks’. The attacker inserts themselves into a two-party transaction to filter and steal data. Common entry points include:
- When using non-secured public WiFi and attacker can sit between the guest devices and the network, seeing all information passing between the two.
- After malware has breached a device or system, the attacker can install software to access all of the information within this.
This type of attack obliterates resources and bandwidth by flooding the system, server or networks with traffic. The system therefore is unable to process legitimate requests. When multiple compromised devices are used in an attack this is known as a DDoS (distributed-denial-of-service) attack.
An Structured Query Language (SQL) injection is an attacker inserting malicious code into a server that uses SQL. This forces the server to reveal information it shouldn’t. SQL injections can be carried out as simply as inputting malicious code into an insecure website search box.
This occurs when a network vulnerability is announced, but a patch or fix hasn’t yet been implemented. Attackers go after the vulnerability during the time between announcement and solution.
Protect Your Organisation from Cyber Attacks
You might have the best locks on your doors and CCTV to keep watch, but are your IT systems protected?
At M-Tech we’re huge advocates of cybersecurity, it’s far better to protect your business than try to recover it. Aside from the cost of downtime, consider the loss of data, damage to reputation, potential fines/legal repercussions.
The world of cyber security is vast and growing. There’s a lot to think about, including:
- Anti-hacking (penetration) testing
- Firewall protection
It’s not all doom and gloom, at M-Tech we want to make managing your IT as stress-free as possible. We’re experts in cybersecurity and can give you the confidence that your IT is secure, compliant and fit for purpose.
Don’t wait until it’s too late, talk to us about the security of your business today.