When Will It Happen to You? Top Cybersecurity Attacks You Could Face

by Sarah Harvey / August 28th, 2018

In the 2017 Internet Crime Report, an estimated $1.4 billion was lost due to different types of cybersecurity attacks. So, what does that mean for your industry? Simply put: no organization is safe these days. Data breaches have been occurring much more frequently, and malicious hackers are looking for any weak link in your organization to compromise your security posture. You must learn how to protect yourself, your clients, and your data from malicious hackers by ensuring that your security posture is up-to-date, in place, and functioning properly. Let’s take a look at the common types of cybersecurity attacks, how organizations have been affected by them, and what you could be paying in the event that an attack happens to you.

Types of Social Engineering

Social engineering attacks occur every day and can put your organization, your employees, and your clients at risk. Social engineering is a type of cybersecurity attack that leverages and manipulates human interactions in order to gain unauthorized access to your organization. Social engineering targets your employees, from entry-level to C-level, in hopes that they will unintentionally compromise your organization. Types of social engineering attacks include:

  • Phishing: Involves some type of deceptive, false communication, usually intended to compromise credentials or inject malware. I’m guessing that in the last year, you’ve gotten at least one phishing email. These emails attempt to look legitimate, but when you click the embedded link or download the PDF, you compromise your systems.
  • Spear-Phishing: A more targeted, customized attack than phishing. In a spear-phishing attack, the target will see their name, position, office number, or some other piece of personalized information in an email, which tricks them into thinking the email is legitimate.
  • Whaling: When a spear-phisher makes a conscious decision to target C-level employees, this is considered whaling. The logic behind whaling is to attack the most senior-level employees because of their authority and amount of access. It’s not uncommon for whaling attacks to work, because so many executives do not participate in the same security training as other employees.

In 2017 alone, the Internet Crime Report attributes $29.7 million in losses to social engineering attacks. Organizations such as LifeLock, Snapchat, and Seagate have been notable victims of social engineering attacks. Each of these organizations lost critical data such as employees’ social security numbers, W-2 tax information, email addresses, phone numbers, and dates of birth.

Can every single employee at your organization quickly identify a social engineering attack? Social engineering specifically counts on employees’ lack of awareness, inadequate security training, and informal usage policies. With the amount of phishing, spear-phishing, and whaling that occurs every day, employee awareness is crucial to the security of your organization.

Cybersecurity and Malware

Malware is a type of cybersecurity attack that compromises systems through external software that has been written specifically to cause harm. Ransomware, a type of sophisticated malware, is the attack method that you’ve seen over and over again in the headlines. Ransomware essentially holds data hostage using encryption keys until the target pays the ransom. This type of malware attack exploits both human and technical weaknesses, and the result is usually a lose-lose scenario. Your organization could pay the ransom and recover the data, but then your ransom is funding other cybersecurity attacks. You could pay the ransom but never recover your data, and still have to pay the costs of repair. Or you could choose to not pay and not recover, but then you’ve lost your data and now have to pay the costs of repair. Think about the City of Atlanta – the ransomware attack by SamSam cost the city over $2.6 million in recovery efforts and took down major departments. The financial, reputational, and operational implications are exactly the reason why malware prevention is so important.

Ransomware attacks that have made headlines recently include:

  • WannaCry: Resulted in more than 200,000 infections across 100 countries within days, using leaked vulnerabilities found by the NSA. Britain’s National Health Service and Germany’s Deutsche Bahn were among the hardest hit. Ironically, the critical patch needed to prevent WannaCry was available before the attack began.
  • Petya: Global attack using the EternalBlue vulnerability in Microsoft Windows.
  • NotPetya: Suspected as a state-sponsored attack that represents a weaponization of ransomware; traditional recovery vectors outside of backups and business continuity planning were largely ineffective.

It’s worth noting that no type of malware completely fades away. Every threat that has ever been classified remains at large. The very first worms and malware ever written still exist and are capable of system infection. Black Energy, Storm, Conficker, and Duqu remain actively developed, maintained, and deployed by proficient black hat hackers. Other older viruses just persist, allowed to continue by poorly maintained systems, old distribution networks, and user complacency. Even when not actively used for data destruction, malware can remain a threat to system stability and continuity.

Denial of Service Attacks

A Denial of Service (DoS) attack is a type of external intrusion used by malicious hackers to shut down the web servers of organizations – banking, commerce, government, and trade companies – by flooding or crashing them and exploiting vulnerabilities in their systems. Similarly, a Distributed Denial of Service (DDoS) attack is a more extreme, complex form of DoS because hackers infiltrate a system from more than one location, increasing the volume of machines flooding a system and making it more difficult to track and shut down.

These types of cybersecurity attacks prevent employees and other network users from using an organization’s systems, causing organizations to lose both time and money while trying to get their systems back up and running. Although DoS/DDoS attacks don’t often result in the loss of sensitive information, hackers frequently request a ransom. Cryptocurrencies have recently become large targets of DoS/DDoS attacks, with an attack against the cryptocurrency Verge resulting in around $1.7 million being stolen.

What do all of these types of cybersecurity attacks have in common? They each pose major financial, organizational, and reputational risks to all industries, regardless of the size or type of a business. Are you prepared for when, not if, one of these attacks happens to you? Contact us today for information on how we can support you and ensure that you have a strong security posture in place.
