Cyber attacks: what are the main ones and how to protect yourself from them?
In a digital world, the number of cyber-attacks is on the rise. In fact, according to Kaspersky, a leading cybersecurity company, during the pandemic they increased by 25 %. As a consequence, so does concern and investment in protection systems. These attacks can compromise all kinds of information, putting companies and individuals at risk. Below, we review some of them and how to protect yourself against them.
IS THE DIGITAL ERA ALSO THE ERA OF CYBERATTACKS?
Would you like someone to tell you about it? Listen to this article. For those who want to change the world.
The 21st century is the century of digitalisation. The constant technological evolution of artificial intelligence and big data, among other tools, and the development of the Fourth Industrial Revolution have many pros, but also cons. This totally digitalised world is vulnerable. Cyberattacks are increasingly becoming the order of the day, and can expose sensitive information on individuals, companies and governments.
DEFINITION OF CYBERATTACK
A cyberattack is a set of actions directed against information systems, such as databases or computer networks, with the aim of harming people, institutions or companies. This type of action can target both the equipment and systems that operate on the network, cancelling their services, and the databases that store information, which can be spied on, stolen or even used for extortion.
Today, cyberwarfare is more likely to occur than traditional warfare, as experts Alec Ross and Keren Elazari noted in the March 2021 Shapes. In fact, more and more criminal organisations are turning to cyberattacks. This is because they are highly cost-effective and require a less complex infrastructure, as well as being extremely difficult to track and therefore to detect.
"These evolutions in cybercrime have spectacular costs. In 2021 is projected to hit $6 Trillion USD. That number will grow to more than $10 Trillion by 2025, making cybercrime one of the defining issues and challenges for business and society in the years to come", says Ross. For Elazari, "states and corporations alike have redrawn the battle lines, which are now virtual".
TYPES OF CYBERATTACKS
Not all cyberattacks are the same. There are several types depending on how they are executed, their purpose, their victim, etc. Here, from Kaspersky, a leading cybersecurity company, we summarise the most common ones:
Phishing is the sending of fraudulent messages, usually via email, that appear to come from trusted and secure sources. The main objective of this type of cyberattack is to steal highly sensitive personal data, such as login information or credit card details, among others.
This refers to malicious software that includes viruses and worms. Basically, it exploits vulnerabilities to breach networks and typically attacks when a user clicks on a link or email attachment. Its impact ranges from installing malicious software to blocking access to key network components (ransomware) or stealing information (spyware).
A Structured Query Language (SQL) injection occurs when a hacker inserts malicious code into a server that uses SQL, forcing it to reveal information that is protected or that it would not normally reveal. The hacker can do this by simply submitting malicious code into a search box from a vulnerable website.
Denial of Service attack
This cyberattack results in the saturation of systems, servers and even networks with traffic in order to exhaust resources and bandwidth. Hackers often use a variety of devices specifically prepared to launch the attack and the consequences result in the inability to complete legitimate requests.
These are some of the best known and most widely used cyberattacks, but there are others, such as man-in-the-middle attacks, zero-day attacks, DNS tunneling, etc.
HOW TO PROTECT YOURSELF FROM A CYBERATTACK
Cyberattacks pose a serious threat to our current way of life. Therefore, here are some keys to protect ourselves from cyberattacks:
Electronic devices at home and in the office should always be kept up to date, as updates fix security flaws in older versions. In addition, we should also install the latest generation of antivirus software.
Use of long and complex passwords
It is essential to use numbers, symbols and upper and lower case letters, and you should not always use the same passwords. Under no circumstances should we use the name of a loved one, a pet or our favourite singer.
Check authenticity of links and profiles
Phishing and malware, two of the most common cyber-attacks, use fraudulent links to access sensitive information. On social networks, it is common to find fake profiles whose aim is to steal data by posing as companies.
Do not provide personal data
Especially on unknown or unreliable social networks and websites. In fact, we should only give personal data in essential cases and in safe spaces, and be aware of the texts or images we send to unknown people.
Reporting to the authorities
When you come across a website of dubious origin or inappropriate content, and which therefore poses a risk to the user, one of the most sensible options is to report it to the competent authorities.
EXAMPLES OF CYBERATTACKS (FAMOUS CASES)
Since the beginning of the 21st century, there have been many cyber-attacks that have left their mark in different ways, such as their scope, their economic impact and even the panic they have generated:
In 2017, a large number of computers across Europe had their systems compromised, their files encrypted and all user access blocked. Thousands of companies were paralysed in a matter of minutes by ransomware distributed on the network (WannaCryptor). This attack is remembered for the enormous economic losses it caused.
In 2008, a complex worm infiltrated vulnerable Windows systems (2000, XP, Vista, Server 2003 and Server 2008). The attack had a massive reach - 10 million infected computers in 190 countries - and its sheer complexity set off alarm bells. The speed at which it spread led to it being classified as a military threat.
In the summer of 2010, one of the most sophisticated cyber spies emerged. Its aim was to attack critical infrastructures and industrial environments, including nuclear power plants, for example in Iran, and panic ensued. This virus would hack into systems, steal sensitive information and then order their self-destruction.
In 2016, a ransomware appeared with the ability to infect computers and encrypt their data, making it totally impossible for the user to use them. This virus basically affected Windows systems through an executable PDF that the victim opened himself. The most sinister aspect of this cyber-attack was that the computer screens displayed a skull.