Know the Risks – 5 Common Attack Strategies Used by Hackers

2019 has so far been a busy year for the IoT (Internet of Things). Most industries are seeing a huge increase in malicious activity: web bots, automated web scraping, phishing scams and brute force attacks have escalated from annoying to tsunami level. There are many theories as to why this is happening; personally, I agree with the idea that certain people are determined to undermine the trust people have placed in buying from the web and in the associated businesses.

Despite this juvenile goal, people are going online more than ever to make purchases and organise their lives. A recent study by Australia Post highlighted that, “In 2016, Australians spent $21.65 billion shopping online across both physical goods and digital services (music and video streaming, and takeaway food services). This is a total increase spend of 10.4% compared to 2015”.

Understanding and managing the security risks of being online can provide peace of mind and hopefully save you some money and effort.

The top 5 methods used to undermine your online activity are:

  1. Malware/Ransomware  
  2. Phishing Attack  
  3. PUP/Adware  
  4. Account Hijacking  
  5. Unpatched/Outdated Software

Below is a brief outline of what these methods are, with suggested precautionary steps:

1. Malware/Ransomware
Malicious software that spreads via an email attachment or a link to a malicious website. It infects the endpoints when a user opens the attachment or clicks on the link.

Ransomware is specialised malware that encrypts all the files on the system that it infects, preventing you from accessing any data unless you pay a ransom.

Precautionary Step: Always check the sending URL. Train yourself and your staff in security awareness, so that end users know not to open email attachments from unknown users, not to click on suspicious URLs, and not to download browser plug-ins from suspicious websites.

2. Password Phishing Attack 
A malicious email that tricks users into surrendering their user credentials (login details). The email may look legitimate, as if coming from your bank (bank logos and familiar names), usually asking you to reset or re-enter your password. 

Everything visually appears genuine; it even warns the recipient not to fall for fraudulent emails. The only thing that gives it away is the rogue link asking for confidential information.

Precautionary Step: Enable two-factor authentication, biometrics, or other authentication methods (one-time passwords via text). Use anti-spam email software to protect against such attacks.

3. PUP Adware  
Potentially unwanted programs (PUPs) are trojans, spyware or adware that secretly monitor your keystrokes, scan files on your hard drive, and save your browser cookies. Hackers make money using PUPs by marketing software products with annoying ads that pop up on your screen, such as ads for hard disk cleaners, virus scanning and adult dating services.

Precautionary Step: Do not download and install apps, browser extensions and programs from untrusted websites. Back up your system to an external drive or online backup service to avoid losing all data. Use a reliable virus scanning application that is constantly updated with new detection code.

4. Account Hijacking 
Hackers gain access to user accounts by repeatedly entering different “guesses”, either stolen passwords or words from the dictionary combined with numbers, until they successfully log in.

Such attacks are typically launched with automated tools, whereby thousands of passwords are submitted from multiple bots (botnets) in a matter of seconds.

Precautionary Step: Brute-force attacks can be prevented by 1) locking an account after a designated number of failed login attempts; 2) using a challenge-response test (reCAPTCHA) to prevent automated submission.
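
The account lockout step above, sketched as an added example (not code from the original article): failures are counted per account rather than per source address, because the attempts described here arrive from many bots at once. The threshold, window and lockout duration, the `LoginThrottle` class and the log entries are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

MAX_FAILURES = 5        # assumed threshold; the article does not give a number
WINDOW_SECONDS = 300    # assumed window in which failures are counted
LOCKOUT_SECONDS = 900   # assumed lockout duration


class LoginThrottle:
    """Account lockout after a designated number of failed login attempts."""

    def __init__(self):
        self._failures = defaultdict(deque)  # account -> recent failure times
        self._locked_until = {}              # account -> time the lock ends

    def record(self, account, success, now):
        """Record one login attempt; return 'locked', 'ok' or 'failed'."""
        if self._locked_until.get(account, 0) > now:
            return "locked"  # rejected even if the password was correct
        recent = self._failures[account]
        # Forget failures that have fallen out of the counting window.
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        if success:
            recent.clear()
            return "ok"
        recent.append(now)
        if len(recent) >= MAX_FAILURES:
            self._locked_until[account] = now + LOCKOUT_SECONDS
            recent.clear()
        return "failed"


# Constructed sample log: (seconds, account, source IP, password correct?)
SAMPLE_LOG = [
    (0, "alice", "203.0.113.5", False),
    (1, "alice", "198.51.100.7", False),
    (2, "alice", "192.0.2.44", False),
    (3, "bob", "192.0.2.10", False),       # one typo by a real user
    (4, "alice", "203.0.113.9", False),
    (5, "alice", "198.51.100.23", False),  # fifth failure: account locks
    (6, "alice", "192.0.2.80", True),      # correct guess, still rejected
    (7, "bob", "192.0.2.10", True),        # unaffected by alice's lockout
    (1000, "alice", "192.0.2.1", True),    # lockout has expired
]


def replay(log):
    """Feed log entries through a fresh throttle and collect the outcomes."""
    throttle = LoginThrottle()
    return [throttle.record(acct, ok, t) for t, acct, _ip, ok in log]
```

Calling `replay(SAMPLE_LOG)` shows the account locking on the fifth failure even though every guess came from a different address, which a per-IP counter would have missed.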

5. Unpatched/Outdated Software 
Hackers exploit vulnerabilities in systems software and web applications to execute unauthorized code, enabling them to gain extra privileges or steal information.

Shellshock, a bug in Unix, was exploited in 2014 to take over systems and convert them to bots. SQL-injection attacks are used to exploit vulnerable web applications.

Precautionary Step: Always keep core, modules and plugins up to date (a must for open source CMSs like WordPress, Joomla and Drupal). Run vulnerability scanning software at regular intervals and patch all systems which have high-priority vulnerabilities.