From infiltrations on infrastructure, data breaching, to contagious malwares and firewall infringement. Online attacks are prevailing, typical on modern times and never discriminate on choosing a target nor have the ability to be restricted and contained.

You’ve likely heard of stories and news on cyber attacks and issues on media. But what are exactly cyber threats? Is it a matter of security? What are the different types of cyber issues and attacks? Can someone prevent a cyber attack? What are the best practices to prevent a cyber attack? To truly understand this concept, let’s dig deep into the background of cyber security.

Table of Contents

What is a Cyber attack?

As mass users of today’s information and communication technology, we are presented with a magnitude and multitude of innovated media and technology. These are well presented such as laptops, mobile gadgets and phones, digital library, tablets, and desktop computers which gives us the power to gain and have access in the world wide web and the internet. Making mundane and tedious archaic works on gaining information and access of a person in just a click. However as digital access is evolving, threats and attacks are coming as a consequences to these technological advancements.

Cyber attack and cyber issue are the two common notion often used in digital territory to inhabit and determine threats such as scam, phishing, DDoS attacks in various and diverse situations. Using accurate and precise definition, according to the dictionary, cyber attack is an attack in computers and computer networks in any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized used of an asset. On the other hand, cyber issue is defined on the cyberspace world as, a classification of cyber attack, one of which is harmful on the recipient’s experience by stealing or attacking a person’s digital representation. It may be on the form of theft identity, website hacking, credit card scams, phishing and such. These variables are the main working principle of cyber space in the modern times as modern times greatly depend and highly influence on the use of technology itself.

Invented in 1989, the world wide web is home to around 2 billion websites today. This unthinkable expansion of the digital has brought thousand and thousands of world geographical scale to be shrunk into bits and bits of smaller global village. Able to connect, transfer and communicate with the use and utilization of internet. As the world shifts from a physical into a digital landscape, security threats have also changed from physical to cyber.

Cyber crimes, attacks and issues are accounted for trillion and billions of dollars in losses. In a recent Juniper research the amount of loss in 2019 only rose up into $2 trillion. With such vulnerabilities, particularly on online scams it is estimated that by 2027, global spending on cyber security on some company will reach $10 billion. Statistics show that, half of all cyber attacks are targeted on small businesses. As small business owners do not pay attention to cyber security. This is an important concept to be understood. As cyber attacks mainly performs its attack on small – scale population may it be an organization, a group of people or a single person. As it successfully performed its attack, it replicates its actions, evolving, making the attack more oblique and harder to identify as well as prevented on competent authorities. This makes cyber threats and attacks a harder and difficult anomaly to be combat at due to its evolving nuances and practices. As per Forbes, an estimated amount of $6 trillion damages will be cost on cyber attacks only making much more damage than all of the natural disasters in a year.

Types of cyber security threats

There are several and different types of cyber attacks and threats varying from simple scam to website hacking to identify theft. Here are the common, cyber security threats on going in the digital world.

I. Denial-of-service (Dos) and distributed denial-of-service (DDoS) attack

A denial-of-service attack hijacks a system’s resources and network in order for the network of online machines and systems to be immobilize so that the network can no longer respond to any service requests. This type of attack is common among, websites, student and university portals, online platforms and online banking. The attack is launched from a large scale numerous machines that are infected by malware (malicious software) controlled by the attacker.

II. Man-in-the-middle (MitM) attack

A MitM attack only occurs when a hacker inserts itself between the communication of a client and a server. This type of attack seizes the communication and negotiation going through the server and the client. This type of attack is highly dangerous as the client never had the idea or isn’t aware of the “man in the middle” intercepting the server and the client. This attack is common among BPO industries, online banking, online marketing and workplaces and systems that require customer services.

III. Phishing and spear phishing attack

Phising attack is a type of attack that sends email to a recipient which the email appears to be from trusted sources with the goal of gaining personal information or influencing users to do something. This type of attack is the most common and dominant in fields as users today are mainly connected through the use of instant messaging apps, electronic mails (e-mails) and online social media accounts. The email sent by the attack to the receiver involves an attachment of a malware that directly loads on to your computer or gadget you’re using, a link to a illegitimate website that automatically downloads malware or handling personal information such as credit card and banking information, personal identity and such.

IV. Drive-by attack

Drive by attack is a type of attack that are common among websites which are of low to medium security in an attempt to spread malware. Hackers (persons who launch these attacks) look for an insecure area of a website and plant a malicious script on to the directory of the websites. Websites are mainly compromised of computer languages such as HTML, Java and etc. into the HTTP or PHP code of one of the pages. The inserted script (identified as a malware) may download a malicious file on the gadget you are using, re-direct a victim on to a site controlled by hackers or steal personal information. This type of attack is common among, advertisements on websites, marketing websites, digital libraries, and accounting and market generating-profit websites.

V. Password attack

Password attack is a type of attack that uses network (internet take in for example) to infiltrate a person’s account. As password are the common mechanism to authenticate an information system, hackers deliberately “sniff” the connection of a user to a server using a network to acquire unencrypted passwords, credit card information and banking information with the use of social engineering and/or outright guessing. This type of attack is common on i connected networks such as low-quality vpns, banking and marketing websites and online social media platforms.

Best practices for cyber defense and protection

We now have learned the definition of cyber attack and issue and its effect to the digital landscape of the world. As threats are getting far more serious, dangerous, cyber security should be our topmost priority when dealing in the cyberspace being a netizen of that imaginary landscape. In a recent statistical analysis of business world, the Philippines moved up to fifth place from ninth year earlier in Kaspersky Lab’s global list of countries with most online threats detected in the second quarter of 2019 only. It is then essential for us especially Filipinos and with utmost significance and importance to protect ourselves from these cyber threats.

It can be scary for business owners ranging from micro-small and medium enterprises to huge industrial business owners who are susceptible about cyber threats, attacks and issues. Without proper manifestation of maintaining quality controlled security system, threats on these fields are increasingly potent and frequent. As a business owner or an aspiring business owner, enterprises or businesses best practice for defense for cyber threats include basic but extremely countermeasures like patching system, systems security officer, and or a competent information and communication technology individual. Worry not as a host of new technologies and services are coming onto the market that make it easier to mount a robust defense against these cyber threats. These include: outsourced security services, collaborative systems between security team members, continual attack simulation tools and point solutions for anti-phishing and secure browsing. Maintaining these principles and quickly identifying these attacks could greatly improve a business security over to these threats.

On the other hand, individuals with the capability to access digital cyberspace in any means should also have cyber defense countermeasures. These preventive measures include and not limit to, password hygiene, this include routinely changing of password of one’s personal account to avoid direct phishing and “sniffing” of an attacker, downloading an anti- virus software, to keep your system up-to-date with automated and scheduled scans for imminent and potential danger of attacks and, lastly, caution against phishing attacks. Phishing attacks are attacks that are most prominent and common among individuals as these attacks send attachments from individuals with monetary gain, lottery win and travel with an all out expense while bringing the name of a legitimate organization while the attacker operates illegally.

As a reader, you now have identified, visualized this threat as well as ideas to countermeasure it. It would be an honorary tribute to yourself to expand and share your knowledge about this topic to your friends, families and neighbors verbally or digitally. Remember that it takes years to build a reputation and minutes of cyber incident to ruin it. Share and subscribe, productive, informative, proficient!