Understanding Common Types of Cyberattacks
July 20, 2023
As businesses and individuals become more dependent on technology, cybercriminals are developing major cyberattacks that steal important data, disrupt operations or even paralyze the user’s ability to conduct activities online. It’s important to understand the types of cyber threats that are common these days so you can arrange adequate protection.
What Is a Cyberattack?
In simple terms, cyberattacks occur when someone attempts to access digital devices or an entire IT system without authorization. The purpose of these cybersecurity attacks is to steal data, perform extortion by preventing access to an organization’s data, disrupt business operations either as a nuisance or a deliberate attempt to damage a company, conduct espionage or perform other illegal activities.
While there are different types of cyberattacks, all involve efforts to identify and exploit vulnerabilities in your company’s technology, operating practices or even your security policies. And although people who haven’t dealt with a cybersecurity attack may think of them as more of a nuisance than a real danger, they can be remarkably costly. Statista reports that the average cost of data breaches in the U.S. reached $9.44 million in 2022.
Potential Impacts of Common Cybersecurity Threats
Data breaches are only one example of what happens during a cyberattack. Hackers can also disrupt a company’s operations, tap into connections with key customers and suppliers, or access personal information about employees. One of the greatest risks is reputational harm, as customers may be less likely to trust a company that’s been a victim of cybersecurity threats.
Cyberattack Target Sizes
Many owners of small and mid-size businesses underestimate the likelihood they’ll fall victim to cybersecurity threats. After all, they reason, hackers are more interested in catching bigger fish. But hackers recognize that smaller companies lack many controls and processes that larger companies use to protect themselves, making them an easier target for most common cyberattacks. Some hackers will get into a smaller company’s systems to gain access to their larger customers’ networks.
Cyberattack Industry Targets
Cyberattack examples can be found in all sorts of industries. However, some sectors make especially rich targets for cybercriminals, primarily because of the nature of the data they maintain. Healthcare and education providers keep extensive personal data on the people they serve, retail and hospitality businesses handle huge volumes of debit and credit card transactions, and manufacturers often store valuable trade secrets and similar information digitally.
Common Types of Cybersecurity Attacks
Companies worldwide have dealt with a growing list of cyberattacks, and the people and organizations (including some governments) behind those attacks have become increasingly sophisticated and effective. Today’s businesses may face several cyberattack types:
Ransomware Attack and Double Extortion Ransomware Attack
Recently, ransomware has drawn attention in the media as large companies, hospitals and municipalities have had their systems and critical data held hostage. Typically, attackers load malware on a system, often through a phishing attack that gets a user to unwittingly click on an automatic download. The malware spreads through a network (and across data backups) before encrypting the data and locking the system. Usually, the attackers then demand a hefty ransom to be paid in cryptocurrency. If the targeted company has saved its data backups offline and refuses to pay the ransom, the attacker then threatens to release the data publicly, a tactic known as the “double extortion” attack.
Social Engineering Attacks
Social engineering involves psychological manipulation of people to trick them into performing actions or divulging confidential information that may allow fraud or other illegal activity to occur. Phishing is not the only type of social engineering fraud, but experts say it’s a leading cause of security breaches.
Phishing emails show up in our inboxes every day. Most use the approach of a legitimate-looking email that appears to come from a source we recognize or trust. Commonly, the attackers hope we’ll click a link in the email that either loads malware onto our computer or provides access to the company’s network.
Common phishing attacks include the following:
- Spear phishing involves sending emails ostensibly from a known or trusted source to induce individuals at a targeted organization to reveal confidential information.
- Whale phishing is similar to spear phishing but involves attacks focused on senior executives and other key targets.
- Vishing is an increasingly common technique using legitimate-sounding voice mails to provoke a response.
- Smishing is similar to vishing but is used with text (SMS) messaging.
Business Email Compromise Attack
Many network attacks begin when hackers send emails claiming to be from someone the victim knows and trusts, such as the company’s CEO or a longtime vendor. The emails ask the recipient to handle what appears to be a legitimate request, such as making a wire transfer or purchasing some gift cards. Interacting with the email gives the hacker access to account information or other data that can be used to steal or wreak havoc.
Man-in-the-Middle Attack
A man-in-the-middle cyberattack refers to a cybercriminal intercepting a digital interaction or exchange between individuals, systems or an individual and a system. Suppose you’re traveling, and while waiting for your flight, you use the airport’s free Wi-Fi to check your bank account. A hacker can intercept your data traffic, capturing your login information and password to allow later access to your account.
Jackware Attack
Jackware incidents consist of cybercriminals hijacking victims’ embedded systems via malware. The code allows the attacker to take control of the user’s session, substituting the attacker’s IP address for the user’s, which fools the system into believing it’s communicating with an employee or other authorized user. This may allow the attacker to access data and other vulnerable contents without the system’s knowledge.
Credential Stuffing Attack
Credential stuffing incidents entail cybercriminals leveraging stolen usernames and passwords to gain access to additional accounts and systems. For example, a cybercriminal may obtain a target’s username and password for a social media account and use those same login credentials to try and access the victim’s other systems (e.g., email accounts, banking applications or workplace networks). From there, the cybercriminal could steal sensitive data stored on these systems and use this information to engage in other nefarious acts, such as illegal fund transfers.
SQL Injection Attack
If your company’s website stores sensitive data such as account details and login credentials in an SQL database, hackers may use what’s known as an SQL injection attack to fool that database into allowing access to that information. Once they have those credentials, they can dig deeper into your site to steal more information or cause the system to shut down.
Zero-day Exploit Attack
Sometimes hackers find a software vulnerability or flaw before the developers notice it, then use it to access data or damage systems. They’re called “zero-day” exploits because the vulnerability is already being used before the developers know it exists, giving the company “zero days” to solve the problem.
DDoS Attacks
A distributed denial-of-service (DDoS) cyberattack occurs when a cybercriminal attempts to interrupt an online service by flooding it with fake traffic. DDoS attacks overwhelm targeted networks or other systems, so they shut down and disrupt normal operations.
Internet of Things Attack
The growing number of Internet of Things (IoT) devices (everything from drones, to smart speakers and appliances, to toys) has created new targets for cyberattacks. These connected devices are targeted for the data they access or, in some cases, to create remotely controlled “bot armies” that can be used to distribute malware or conduct DDoS attacks. Few IoT devices are equipped with the kind of anti-virus software that protects computers and phones.
Password Attacks
There’s an old theory that if you placed enough monkeys behind typewriters, one would completely by accident write one of Shakespeare’s plays. Password attacks are built on a similar premise: if you randomly generate enough combinations of usernames and passwords, you’ll eventually manage to get into someone’s system. Password spraying is an example in which hackers test a single password across many accounts. Far too many users have easy-to-guess passwords like “12345678” or “password,” allowing hackers to gain access to their accounts.
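One way a defender can spot password spraying, and the credential stuffing described earlier, in login records. This is an added example, not from the original article. The log format, addresses, usernames and thresholds (four accounts within ten minutes) are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2023-07-20T09:00:01 203.0.113.7 alice FAIL
2023-07-20T09:00:03 203.0.113.7 bob FAIL
2023-07-20T09:00:05 203.0.113.7 carol FAIL
2023-07-20T09:00:08 203.0.113.7 dave FAIL
2023-07-20T09:00:11 203.0.113.7 erin OK
2023-07-20T09:02:00 198.51.100.4 frank FAIL
2023-07-20T09:02:20 198.51.100.4 frank FAIL
2023-07-20T09:02:45 198.51.100.4 frank OK
"""

def parse(log_text):
    for line in log_text.splitlines():
        ts, ip, user, result = line.split()
        yield datetime.fromisoformat(ts), ip, user, result

def find_spraying(log_text, min_accounts=4, window=timedelta(minutes=10)):
    """Flag sources that fail logins on many *different* accounts in a window.

    A user mistyping a password fails repeatedly on one account; spraying
    and credential stuffing fail across many accounts from one source.
    """
    failures = defaultdict(list)   # ip -> [(time, user)]
    successes = defaultdict(list)
    for ts, ip, user, result in parse(log_text):
        (failures if result == "FAIL" else successes)[ip].append((ts, user))

    alerts = {}
    for ip, events in failures.items():
        events.sort()
        for start, _ in events:
            users = {u for t, u in events if start <= t < start + window}
            if len(users) >= min_accounts:
                # Accounts that logged in from a flagged source need a reset.
                hit = sorted({u for t, u in successes[ip] if t >= start})
                alerts[ip] = {"accounts_tried": sorted(users), "succeeded": hit}
                break
    return alerts

if __name__ == "__main__":
    print(find_spraying(SAMPLE_LOG))
```

Counting distinct accounts per source, rather than failures per account, is what separates this pattern from an employee who forgot a password; per-account lockout alone does not catch it because each account sees only one failure.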
Insider Threats
While business owners generally consider most types of security attacks to come from external sources, the reality is that some attacks are carried out by disgruntled employees who have access to sensitive information. The high-profile arrest of the Air National Guardsman alleged to have shared national defense documents on social media is a big example, but a quick Google search will provide long lists of companies that suffered significant losses or operational issues after an employee stole data or corrupted systems to “get back at” their employers. Limiting employee access to only the systems they need to perform their work can prevent some of these types of hacking attacks.
Supply Chain Attacks
Concerns about the integrity of your own company’s system and its ability to withstand cyberattacks are one thing. Just as concerning is the idea that security flaws at companies you work with could also expose your company to attacks. What’s known as a data supply chain attack—sometimes called a value chain attack or third-party attack—occurs when a bad actor infiltrates a company’s information technology system through a third party. For example, the massive 2014 breach affecting retailer Target began when a hacker stole login credentials from a local contractor that provided repair services to several stores.
Be Prepared for Cyberattacks
The number of cyberattacks and their impact on businesses grow each year. Experts estimate that more than 2,300 cybercrimes occur daily and that the number of cyberattacks and data breaches jumped by 15.1 percent during 2021. A report from ThoughtLab suggests that two in five corporate security officers worry their companies aren’t effectively prepared for the rapid growth in cyberattacks. Read Cybersecurity Statistics and Trends Impacting Businesses to learn more.
White House Recommendations
The federal government has urged businesses to take concrete steps to protect against different types of hacking:
- Mandate the use of multifactor authentication on your systems to make it harder for attackers to get onto your system.
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats.
- Make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors.
- Back up your data and ensure you have offline backups beyond the reach of malicious actors.
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack. Learn more about developing your incident response plan here.
- Encrypt your data so it cannot be used if stolen.
- Educate your employees on common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly.
- Engage proactively with your local FBI field office or CISA regional office to establish relationships in advance of any cyber incidents. Encourage your IT and security leadership to visit the websites of CISA and the FBI, where they will find technical information and other useful resources.
Secure the Proper Cyber Insurance Coverages
Cyber liability insurance, sometimes called cyber risk insurance, cyberattack insurance or cybersecurity insurance coverage, helps companies respond to and recover from the financial impacts of cyber-related events. Learn more about cyber insurance here.
How Hylant Can Help You
Cyber risk management is complex, and the consequences of a weak plan or poorly written insurance policy can be severe and far-reaching. It pays to work with experts.
Hylant’s dedicated cyber risk and insurance experts work with organizations to help their leadership teams, boards of directors, risk managers and IT teams understand their cyber risks from an insurance perspective. We provide risk profiling, exposure quantification, insurance procurement and negotiation, risk readiness and incident response planning services. Working with our clients, we minimize the potential financial and reputational impacts of cyber events on their organizations. Learn more here.
The above information does not constitute advice. Always contact your insurance broker or trusted advisor for insurance-related questions.