Cyber security professionals continually defend computer systems against different types of cyberthreats. Cyberattacks hit businesses and private systems every day, and the variety of attacks has increased quickly. According to former Cisco CEO John Chambers, “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.”
The motives for cyberattacks are many. One is money. Cyber attackers may take a system offline and demand payment to restore its functionality. Ransomware, an attack that requires payment to restore services, is now more sophisticated than ever.
According to Secureworks, their CTU researchers “observed no less than 257 new and distinct ransomware families in 12 months.” In cases where attackers are looking for ransom, “53% of cyberattacks resulted in damages of $500,000 or more,” Cisco reports.
Other hackers look to effect social change or make a political statement – an attack sometimes called “hactivism.”
Corporations are vulnerable to cyberattacks, but individuals are targets too, often because they store personal information on their mobile phones and use insecure public networks.
Tracking evolving and increasing cyberattacks is key to better cyber security. As cyber security professionals work to increase their knowledge of threats and cyber security information, recognizing most prevalent dangers is invaluable to those who seek an online cyber security master’s degree. Graduates of University of North Dakota’s Master of Science in Cyber Security online program can expect to gain a deep and nuanced understanding of cyberattack methods.
Top Types of Cyberattacks
Cyber security threats that do the most damage to business systems and personal devices include:
- Malware, a malicious type of software such as spyware, ransomware, viruses and worms. Malware is activated when a user clicks on a dangerous link or an attachment. The click leads to the installation of dangerous software. Cisco reports that malware, once activated, can:
- Block access to key components of the network (ransomware)
- Install malware or additional harmful software
- Covertly obtain information by transmitting data from the hard drive (spyware)
- Disrupt individual parts, making the system inoperable
- Emotet. The Cybersecurity and Infrastructure Security Agency (CISA) described it as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware.”
- Denial of Service (DoS) cyberattacks, which flood a computer or network so that it cannot respond to requests. A Distributed DoS does the same thing, but the attack originates from a network of computers. Cyber attackers often use a flood attack to disrupt the handshake process and carry out a DoS. Several other techniques might be used, and some cyber attackers use the time that a network is disabled to launch other attacks.A type of DDoS attack uses botnets. In this case, millions of systems can be infected with malware and controlled by a hacker, according to Jeff Melnick of netwrix, an IT security software company. Botnets, sometimes called zombie systems, target and overwhelm a target’s processing capabilities. Botnets are in different geographic locations and hard to trace.
- Man-in-the-Middle (MitM) attacks, which occur when attackers insert themselves into a two-party transaction. After interrupting the traffic, they can filter and steal data, according to Cisco. MitM attacks often occur when a visitor uses an unsecured public Wi-Fi network. Attackers insert themselves between the visitor and the network, then use malware to install software and use data maliciously.
- Phishing attacks, which use fake communication such as an email to trick the receiver into opening it and carrying out the instructions inside, like providing a credit card number. “The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine,” Cisco reports.
- Structured Query Language (SQL) injection attacks, which result from the insertion of malicious code into a server that uses SQL. When infected, the server releases information. Submitting the malicious code can be as simple as entering it into a vulnerable website search box.
- Password attacks. With the right password, a cyber attacker has access to a wealth of information. Social engineering is one technique, defined by Data Insider as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.” Other methods include accessing a password database or outright guessing.
Cyber security practices continue to evolve as the internet and digitally dependent operations develop and change. According to Secureworks, people who study cyber security are turning more focus on these areas:
- The internet of things. Individual devices that connect to the internet or other networks offer an access point for hackers.
- The explosion of data. Data storage on devices such as laptops and cell phones makes it easier for cyber attackers to find an entry point into a network through a personal device.
All companies and government agencies need maximum cyber security to protect their data and operations. Understanding how to address the latest evolving cyberthreats is essential for cyber security professionals.
University of North Dakota’s Master of Science in Cyber Security Program
Choosing the right online cyber security master’s program is crucial. The best programs offer courses that stay current with today’s cyber security issues and concerns.
UND’s online cyber security master’s degree program is accredited by the Higher Learning Commission and ranked by U.S. News & World Report as one of the Top 25 Most Innovative Schools (2018), alongside such prestigious institutions as Stanford, Harvard and MIT.
UND prepares students for careers in cyber security with concentrations in Autonomous Systems Cyber Security, Cyber Security and Behavior, Data Security, and General Cyber Security. For more information on UND’s M.S.C.S. online program, visit the program’s website.
What are the Most Common Cyber Attacks? Cisco
SecureWorks State of Cybercrime Report 2018 SecureWorks
Defending Against Today’s Critical Threats Cisco
Top 10 Most Common Types of Cyber Attacks netwrix blog
What is Social Engineering? Defining and Avoiding Common Social Engineering Threats Data Insider
Cyber Threat Basics, Types of Threats, Intelligence & Best Practices SecureWorks