Top 5 Common Cybersecurity Threats

Swastik Pareek July 23, 2020

Top 5 Common Cybersecurity Threats 

Top 5 Common Cybersecurity Threats

Top 5 Common Cybersecurity Threats: As there is an exponential growth in IoT(Internet of Things) also increases the number of cyberattacks. 
There are various vulnerabilities that are founds and hackers are always are ready to exploit them. Hello, folks today we are going to discuss some common cyber threats. We discuss the Top 5 Common Cybersecurity Threats, how they work and some cyber attack prevention. So let's begin...


Content

  1. Malware
  2. Phishing
  3. Password Attack
  4. DDoS (Distributed Denial of Service)
  5. Man in the Middle (MITM)
  6. Conclusion


Types of attacks in cyber security


1. Malware

Malware is defined as a malicious code that can have the ability to destroy or steal data from someone computer The malware itself holds a various variety of cyberattacks including trojan, virus, worm, adware, and etc. These kinds of cyberattacks also come under internet threats. Different type of malware has a different way to damage so let's see how they work...


Working:-

So first of all viruses, as its biological name suggest viruses attach themself to clean file and also infect other clean file and they can spread uncontrollably damaging a system core functionality and deleting of corrupting files. They usually appear on your PC by downloading any file from the internet. Now Trojans, this kind of malware pretend as a legal software or we can also say it is attached with the legal software it's intent to create backdoors in the security system. Then we have Worm, they damage the entire network either local or remote(through the internet) of any device and then we have botnets, these are the network of infected machines that are connected to each other to work together. These are mainly used to doing attacks like DDoS(Distributed denial of Service).


Prevention:-

OK so now how to prevent these different kinds of malware. Well, Different type of malware has a different way to damage so each kind of malware required a different kind of method to remove malware. The best way to prevent malware is by avoiding to clinking on the and unknown link or avoid to download unknown attachments. Sometimes it also is done by an updated firewall which prevents the transfer of large data files over the network in the hope to weed out attachments that may contain malware. It is also important to make sure your computer is run on the latest security update and programmers should update programs frequently to remove any hole or weak point if it can have.


2. Phishing

While Phishing is a process of stealing data from the user by sending fake emails and ask the user to open the link and fill their personal details. A phishing email is increasing exponentially in recent years and it makes it difficult for people to distinguish between legal email or any false one and phishing emails are often falling into spam mails but they are more harmful to any ad. Let's see how phishing works


Working:-

Most of the phishing attack is done bu using email phishing. An attacker sends a fake email of a bank, credit card companies or other businesses like Amazon, eBay, and Facebook. These messages are look similar to an authentic and attempt to get a victim to enter their personal information. But email messages are a small part of phishing scams. The whole process behind it looks like, the first attacker decided which business have to target and determine how to get an email of the customer of that business. Then there is a setup phase in this step attacker set up a method fo delivering the messages and collecting the data. Then they execute the attack, an attacker sends a phony message that looks like from any reputable source. Next, the attacker records the data that the victim enters and redirects to another page and the last step is an identity theft that is attacker use the collected in purchasing something illegally.


Prevention:-

Now how to prevent phishing, basically phishing emails have a common property. Like they are written in a very generalized way, and they are not from any reputable source. Things you should have to check are:-
  1. Check the sender's email address.
  2. It contains a generalized form of content.
  3. Always hover the link to check the redirect link and the link may look like a fake domain address of any reputed site.

3Password Attack

This is one of the common cyber security attacks. In this type of attack, the attacker obtains or decrypts the victim's password for doing any illegal attack. Hackers use password cracking tools, dictionary attack and some password sniffers to establish this attack. Password Cracking means, the different number of ways to discover a computer password. 


Working:-

It is done by using any password recovering tools by recovering the password from the data store and transport from one computer to another. It is done by guessing the password again and again by using any computer program. In which computers try a number of combinations until it successfully discovered. Today there are three common ways of gaining the password. First is the Brute Force attack, In this attack, attackers use any computer program or any script to try to login with possible password combinations which is mention in the password list. Second is the Dictionary attack, in this attack, the attacker uses a computer program or any script to try to login by cycling through the combinations of common words which are commonly mentioned in the dictionary. The last attack is a keylogger attack, an attacker uses a program to track the user's keystroke. So at last hackers gain all the information that a victim entered.


Prevention:-

Now the only way to stop yourself from getting killed in the whole password attack conundrum is by actually practicing the best practices that are being discussed in the whole industry about passwords so basically, 
  1. You should update your password regularly.
  2. You should use alphanumerics (using both letters and numerals) in your password.
  3. You should never use words that are actually in the dictionary it's always advisable to use garbage words that make no sense for passwords as they just increase your security.


    4. DDoS (Distributed Denial of service)

    Well, DDoS basically stands for Distributed Denial of Service. DoS attack focusing on disrupting the service to the network. Attackers send a high amount of data at a time until the system is overloaded and stop functioning. This kind of threat comes under network threats.


    Working:-

    There are common attacks in which an attacker can achieve the DoS attack but the most common way is DDoS attack. In this type of attacker use a number of computers to send the data to a specific network to overload it. These group of computer is known as Botnets and even the people he or she has no idea about his/her contributing DDoS. There are multiple reasons for DDoS attacks like any kind of protest toward the government.


    Prevention:-

    If your company is not huge, there are very fewer chances for the DoS attack by an attacker. Now the best way to protect these kinds of attack are:-
    1. Keep your system secure with regular software updates.
    2. Monitoring of your data flow to identify nay spikes in traffic so you can take any action as soon as possible.
    3. There is one more way to prevent DDoS attacks by simply cut the cable which connects you with the internet.


    5. Man-in-the-middle

    This is the one of the types of cyber attacks. In this type of attack, the attacker obtains the information form the end-user and he or she communicates with. Let's take an example to suppose there are two-person A and B communicate with each other and there is an attacker in the middle.  So a man in the middle attack works like the man in the middle would communicating with A  by impersonating you as B and communicating with B impersonating A. The man in the middle will receive all the information which is transferred between A and B.


    Working:-

    Normally an attacker as a man in the middle gain access through any nonencrypted wireless point which doesn't use any kind of security measures like WEP or WPA or WPA2 or any other security measures. Then they would have to access all the data that are transferred between the victim these all are done by using a technique called address resolution protocols(ARP) this is a protocol that is actually used when we connect to your gateway.


    Prevention:-

    Now there are some points that are used to protect you against the man in the middle attack and they are:-
    1. Use encrypted wireless access points like WPA or WPA2 for network security.
    2. Always check the security of your connection(HTTPS/HSTS).
    3. Always use a good virtual private network (VPN) that spoofs your IP and helps you to do safe browsing. 


    Conclusion:

    So, guys, this was a brief discussion about the Top 5 Common Cybersecurity Threats, their working and how can we prevent them, from mine side. You can do more research on this topic. Also, you can take the help of the cybersecurity section on our blog. Feel free to comment in our comment section, if you come with any doubt. That's it for today, see you soon... 
    Tags

    Post a Comment

    0 Comments