Types of cyber attacks and its prevention


Types of cyber attacks and its prevention

Welcome back to my blog, today we will be talking about Cybersecurity and what are the safety measures that we should take to prevent ourselves from any such attack. So, in this article, I will tell you about the “keywords” that not only impressed me, but I believe that it is going to impress every one of you. It will definitely benefit you and will also help you to prevent any unexpected events that would occur in your future life. So, let's begin with, what are the different types of cyberattacks.


Different Types of Cyberattacks


1).

The first word that I would like to tell you about, is "Name Generator Attack". This attack gets your personal information or your data privacy from the applications that you use or from the websites that you visit.

Remember the links, “What will you get in 2030”? or “How will you look in 2050”? What will you achieve in the future? Who is going to marry you? and How many dollars will you make? etc...

This kind of link, that can measure your future path, is just like a game but actually, they take your personal information from you, and they also make surveys on how often you use the Internet or you're interested in those kinds of things.

 

Later on, they will create something like malware, call spyware, or adware, by using social engineering, to trick you, hack you, and get your money or even deeper, or private information. 

 

2).

The next keyword is called "Blagging". Remember those calls, that ask you to transfer money either via phones, or ATMs, or any kind of transferring service. Don’t fall into such deception.

 

3).

Next comes "Shouldering". If you think critically, shouldering is also a kind of attack. It's like you're withdrawing your money from an ATM and then, someone behind you looks at your code or records you in a camera.

Shouldering is like watching over you, or your personal information. And this is how they can steal your information. They can do this by spamming the camera on your device or by any hacking tool that they can think of. 

 

4).

So, moving onto the next one, "Dictionary Attack, Rainbow Attack, Brute Force Attack, and Cryptanalysis". These four types of attacks look quite similar, but it's completely different. 


(A). The Dictionary attack is easily found on the internet, because people can go to the website and search for the common password that people generally use and then, hackers can use those passwords and put them down in the locking part. So that it can go into someone's account or hack into someone's system. This is called the "Dictionary attack". There are thousands of websites out there, hackers can make a perfect or a general guess to your account. 

 

(B). But, "Brute Force Attack" needs to find the unique password to hack your accounts. It's different from a dictionary attack because, in a dictionary attack people can think about the normal password like "I love you", “123456”, “password”, something like this. 

But brute force attack is guessing the password, with the combination of strings and letters, and different characters and even special letters like '# ? @'. 


(C). The Rainbow attack is similar to the Cryptanalysis attack, but it's faster and more convenient because the hacker is going to use the hashing technique to generate the password to hack your device. I will explain each type of attack and how they are done in a separate article, so click on the follow by email button that you will find at the end of this article, to never miss any update.

  

How to keep yourself secure?

 

So, how to keep yourself secure from these attacks? I will explain three techniques to prevent them. Based on what I found out of my research over the internet.

 

First Method


The first one is about "Two-Factor Authentication", many of you would have heard of it, some might have even opted for it. But if you haven’t done it yet, it is basically adding an extra security feature to your account/data. 

Normally we enter our phone number or email and then the password to login to our account, but there comes the second step verification. For second step Verification you just need to:

Login to your account -> Settings -> Manage your google Account ->Security ->Two-Step Verification.


Click on it and move forward to complete your two-step verification, after that click on Turn On, and now you are more secure than before. So, now even if someone has your email/phone no and password, they cannot log in into your account unless you provide the authentication from your mobile. Even you need to verify that it’s you before logging in. 

Not just your google account, you can do this even for your WhatsApp /Instagram/ Facebook, to protect your account and data.

 

Second process


Second is about "Limitation of Logging", it prevents the attacks by limiting the number of login attempts. For example, you entered the incorrect username or/and password three times, this will block your account, for like one hour or two hours, to log in again. This is also a good way to protect your data and your system. 

 

Third process

The third one is about the "CAPTCHA". Captcha prevents any bot or a botnet or any malicious things, that are detected on your computer. Because as a human we can understand that this is a tree, this is a car, and this is the vehicle, but the computer or the virus doesn’t know who or what it is, and thus this prevents it from entering into your account. 

However, there are some AI that can even breakthrough “CAPTCHA”.

 

5).

Moving on to the next keyword "Remote Access Attack". This kind of attack shows you or illustrates you the ways, a hacker can hack into your device, by your carelessness. This happens if you keep the Bluetooth or the wireless connection of your device open all the time. It can be like an airdrop, and a hacker can send you information, or data, or any malicious links, or codes to your device, and you do not realize what's going on.

And then you click to open it, BOOM you have been hacked. This kind of attack is caused by yourself. Do not keep your Bluetooth or wireless connection open all the time.

Also, another technique is called "SQL Injection". This type of technique is effective and dangerous because the hackers use hashing techniques to hack into your device. 

 

One thing that I was impressed and interested to learn after my research, was the word "Heuristic". I will explain more about it in the upcoming article, because it is basically, talking about the process of How people hack, and how we get to protect our system.


6).

Moving to the Next keyword is "Zero Hour Threats". A hacker can hack to your device and you do not realize what's going on to your system, because you cannot work for 24 hours with your computer. You need time to sleep, you need time to do whatever you want, and stay away from technology for like a couple of hours, and those hours are when the hacker can study about you, and hack you during that period. 

 

The word "Zero Hour Threats" leads to another word called "Vulnerable Window". This defines the time that a window takes to understand what's going on in the device and notify the user, that someone, or some virus, or some malware got detected on their window and it needs the user or the device owner to take action on this, whether they have the antivirus or not, whether they have any techniques to deal with this type of issue.


7).

The next keyword is "Patching". Patching is the word that we define as an update. You as a user can find all the time that “this app needs to be updated”, your version needs to be updated, your computer or the operating systems, or your device or whatsoever need to be updated. And updated requirements are called "Patching".

Patching is not about the plan to deal with the malware or any attack. They are implemented or developed whenever a new thing occurs, which can cause improper actions to the applications, or the websites that you use. So, most of the developers or the white hat hackers call this kind of technique as patching.

 

But if we take a deeper look at who is responsible for this, it will lead to the vulnerable analysis or the penetration tester, who can test the device, find the weak points, and prove it, and call it patching.


8).

Moving to the next keyword "Bug Bounties". This is so impressive and beneficial for the world full of technology because we do not know which part, which system, which application, and which operating system has a weak point, so the company owner or the owner of the application will use this as a competition. It can be a competition for all developers, to find the flaws or vulnerabilities in their device, in their systems, and then the developer can get the money as a reward, for their hard work in researching and analyzing.

 

There are still a couple of things, that I have learned from my research and they impressed me, and also provided a deeper understanding of the word "hacking". 

Firstly, it's about the comparison between bots and botnet. A botnet is the combination of a large number of bots that a hacker can just botnet in the format of the DOS- “Denial of service” to hack your device. 


Most of the emails that a user or a person generally get, and contains malicious code are from the Spambot.  Spambot a machine that automatically distributes the spam email to people. Another one is about the two types of attack inside the DOS- Denial of Service. The first one is about "Teardrop". While "Flooding"- is the second type of attack that a hacker use.



Now if I go deeper, it will sound more like a book than an article, so I will continue with each one of them and more on cybersecurity in the upcoming articles. I hope you liked the article. So, for now, scroll down to the follow by email button and follow us to never miss an update. Also, comment down below if you have any queries or suggestions.

Types of cyber attacks and its prevention Types of cyber attacks and its prevention Reviewed by Abhishek Yadav on June 22, 2020 Rating: 5

No comments:

Please let me know if you liked the post. Do share it with your friends

Powered by Blogger.