• SmallBiz CyberWiz
  • Posts
  • šŸ±ā€šŸ’» Most common cyberattacks šŸ±ā€šŸ’»

šŸ±ā€šŸ’» Most common cyberattacks šŸ±ā€šŸ’»

What most of you can expect from hackers.

Author

Sead Fadilpasic
December 19, 2024

Whenever someone mentions ā€œcyberattacksā€, most people imagine a guy in a hoodie, sitting in a basement somewhere, saying ā€œIā€™m inā€ in a sinister voice, while random numbers race across the screen.

Hollywood has completely distorted the image of a hacker, and with it - the image of a cyberattack. Did you notice that these hackers never press ā€œEnterā€ in the movies?

Cyberattacks are completely different in reality, and in most cases, theyā€™re just elaborate scams that trick people into installing a program, or sharing sensitive information. In fact, most of them fall into these three categories: Fraud, DDoS attacks, and Malware/Infostealer attacks. Chances are, you were probably targeted by at least two out of three in the last year, alone.

Below Iā€™ll break down these categories, and explain which attacks fall into which category. That way youā€™ll be able to spot them easier, and avoid getting ruined overnight. 

Here we go:

Fraud

Fraud is, by far, the most common form of cyberattack. 

Here is what it includes:

  • Phishing attacks (email messages pretending to come from businesses, or acquaintances, requring immediate reaction and threatening grave consequences)

  • Business Email Compromise (when a hacker breaks into your bossā€™ email, and tells you to do something in secret - like wire a bunch of money)

  • Social engineering (fake Facebook/Instagram/LinkedIn accounts trying to trick you into downloading a program, ā€œinvestingā€, or visiting a specific website).

Fraud is also one of the most dangerous forms of cyberattack, and one that yields the best results. This is because the victims are tricked into doing certain things. And when you talk people into doing things, no antivirus or security solution will help them. 

Here is an example: 

Letā€™s say youā€™re running an architecture firm. A person approaches you via LinkedIn, and is interested in building an office space. They claim to have the real estate, and a solid budget. They are across the country, and for starters, they would like to hop on a video call to discuss the potential opportunity. However, they have very little time and want to start as soon as possible. For the video call, they usually use a tool called Meetio. They share a link.

Being excited about the potential opportunity, you rush into things and just download the program. The app works, you talk to the prospect, but mid-way through the call, you conclude that itā€™s not going to work out. You hang up and go about your day.  The next day you come to see that youā€™ve been locked out of your accounts, that most of the money was wired out of your bank account, and that your computers are locked down, too. 

What happened? The Meetio tool you downloaded for the video call came with a piece of malware that exfiltrated all your sensitive data while you were talking. Before you were done with the call, the attackers already had all your data, and just waited for you to call it a day to say ā€œIā€™m inā€ and wreak havoc.

This actually happened, by the way.

The moral of the story is - never trust the links people share. Rather Google the thing theyā€™re offering, and find the appropriate link yourself. 

Distributed Denial of Service (DDoS) attacks

Hackers have a way of shutting your website down, essentially denying your service to your visitors, customers, and clients. Hereā€™s how they do it:

Your website is installed on a computer server. When someone wants to visit your website, they send a request to the server, and the server responds by loading it into the browser. 

Now, if hundreds of thousands of people (or devices) ask to visit the same website at the same time, the server wouldnā€™t be able to respond to everyone. As a result, many visitors will just see an error, saying the server isnā€™t responding. 

Imagine a restaurant constantly getting hundreds of phone orders. The restaurant staff canā€™t answer all the calls, and you just end up hungry (or calling another restaurant).

So, how do they do it? They find hundreds of thousands of computers, servers, smart home devices, and other internet-connected endpoints that arenā€™t properly protected, and they install a piece of malware. That malware grants them the ability to run certain commands from those endpoints, such as opening a website. Now they control a network of ā€˜botsā€™ - a botnet. 

By remotely controlling a botnet of tens of thousands of devices, they tell all of them to visit a single website, clogging the lines and denying legitimate visitors access. 

If your website runs ads, for every minute of downtime, you are losing significant money. If your website comes with a shop, every minute of downtime means fewer customers. If your website has a customer support form, every minute of downtime means more angry, dissatisfied customers. There are ways to defend against DDoS attacks,and the most common ones are either to buy hosting that offers DDoS protection, or to use a third-party protection service. 

You can find a list of great hosting services here, and some of the DDoS protection tools here.

Malware/Infostealers

The result of many fraud attacks is the deployment of malware. However, hackers have many different ways to get you to install a malicious program on your computer:

They can find routers with default admin credentials, access the device, and install the malware themselves

They can find WordPress websites with a poor password, install scripts which force your browser to download malware

They can compromise the developer of your software, and install malware through a poisoned software update (remember SolarWinds?)

The most common malware fall into three categories:

Remote Access Trojans (RAT) - These give crooks the ability to use your computer as their own (the usual result is wire fraud, business email compromise, botnet assimilation)

Infostealers - These steal your passwords, credit card data stored in browsers, session cookies, and other sensitive information (the usual result is social media accounts stolen, credit cards abused, emails used for spam)

Ransomware - This malware encrypts all of the files on your computer, so that you canā€™t use it at all. The crooks then ask for money in exchange for the decryption key. 

Iā€™ve already covered the usual tactics to defend against these attacks, so make sure to read that piece here.

At the end of this newsletter, I will leave you with this masterpiece: 

  • Sead from SmallBiz CyberWiz