Malware, ransomware, phishing, DDos: terms that can make a company or an individual tremble but against which there are solutions. A cyber attack is a violation of the information system, attempted or completed, to obtain some advantage.
In essence, the hacker uses sophisticated technological tools to break into a private individual’s device or into an entire company’s system, generally with the aim of stealing his data and subsequently asking for money to return it.
In other cases, they destroy them to carry on a sort of “digital activism”. Regardless of the payment or not of the “ransom”, the economic and social damage is enormous: think of a possible blockage of airport computer systems, servers that control public health, telecommunications companies, etc. What are the primary forms of cyber threats? The most common dangers are represented by the following:
- ransomware;
- phishing;
- malware;
- DDoS attacks.
What Is Ransomware?
Ransomware stands out among the primary forms of cyber threats. It is a virus that takes control of a computer device (generally a computer but also a tablet or smartphone) and encrypts the data.
The hacker will then request a ransom in cryptocurrencies (mainly Bitcoin) to restore the device. The user, therefore, finds the computer blocked by the virus. The most common ransomware are:
- Reveton;
- CryptoLocker;
- WannaCry.
The user unknowingly installs these viruses. This happens, in particular, in large companies and in public administration, where the number of employees is high, and it is more likely that one of them will make a false move. If it is a device connected to a corporate network, the virus spreads by infecting all the computers. It is possible to avoid a cyber attack of this type with an antivirus capable of scanning the .exe file before installing them to detect any anomalies.
What Is Malware?
Malware is another type of malicious software that risks a computer system. In practice, through malware, the hacker can take control of a device and interfere with their normal functioning, even damaging or deactivating them.
Again, the aim is to encrypt or steal data contained on computers, tablets or smartphones and then ask for a ransom. Some of the signs that may suggest a cyber malware attack are:
- Abnormal functioning of the device: it is slower than usual both in navigation and in the use of offline applications;
- The continuous appearance of pop-ups with advertisements that should not appear and which, in turn, hide further cyber threats.
- The operating system crashes or closes and then reopens by itself;
- Hard drive space suddenly becomes very low;
- The computer fan is spinning at an unusual speed;
- Computer resource activity has skyrocketed;
- Strange icons appear on the browser’s taskbar;
- The home page has changed;
- The antivirus no longer works, and it is not possible to update.
What Is Phishing?
Phishing is the system that hackers use to try to install (or, instead, to make the user install unintentionally) viruses such as ransomware. It is, therefore, one of the primary forms of cyber threats in circulation.
The term derives from the English fishing, that is, to fish. And that’s what the hacker does: “fishing” in the universe of Internet users who are distracted or unfamiliar with digital devices to mislead them.
The most widespread technique is the message sent via email, SMS or WhatsApp, apparently normal and containing a link to ask the recipient to click with any excuse. Strategies have recently been refined to make users believe that the message is authentic: the pages of banks, service providers or the Italian post office are “cloned”, and the recipient is asked to click on the link in the message to confirm his data, because their online bank account has had strange accesses, etc. The most frequent tricks reported in the subject of the letters are:
- password expiration;
- the need to change the conditions of a particular contract;
- renewing your credit or debit card or PayPal account;
- the addition or correction of information regarding the social profile;
- A job offer is to be accepted upon the release of bank details.
If the recipient of the message believes it, the link they click on takes them to a web page specially created to steal their data. To avoid harm from phishing, you should:
- Verify the origin of any message that invites you to release data, accept contractual changes, review subscriptions and so on: trash the news and delete it permanently;
- Never click on a link contained in an email whose origin is not clear to us;
- Check the sender’s address: often, the phisher uses accounts or URLs similar to those of the user’s contacts, bank or credit card manager.
- Check the situation of your current account from time to time. It is also advisable to ask the bank to activate the SMS service, which informs of each movement made;
- Blocking unsolicited payments or credits: in the first case, you risk being scammed, and in the second, a complaint for money laundering.
What Is A DDoS Attack?
Another form of cyber threat is the DDoS attack, i.e. Distributed Denial-of-service, which has increased exponentially in recent years (+43% in the second half of 2021 compared to the first half). It is a system that targets Internet sites and servers for:
ALSO READ: Fortinet, Three Rules Against Cyber Threats
- Interrupt network services;
- Attempt to exhaust an application’s resources.
The strategy used by hackers is to send a huge amount of traffic to the site, causing functionality problems or taking it completely offline and jeopardizing a company’s business continuity and reputation. Sometimes, hackers break into the victim’s database while the DDoS attack progresses, gaining access to all stored information. A DDos attack can last several hours or days, causing damage to both corporate and personal devices. The main signs that can make you think you are the victim of a cyber attack of this type are:
- the unusual increase in web traffic originating from the same IP address or ranges;
- slow network performance;
- the site suddenly went offline.
