Alireza Gharib Blog

What is a cyberattack?

Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network.

Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information.

Here are some examples of cyberattacks:

• Malware
• Distributed Denial-of-Service (DDoS) attack
• Phishing
• SQL injection attacks
• Cross-site scripting (XSS)
• Botnets
• Ransomware

Using reliable software and a solid cyber strategy can lower the chances of a business or personal database being affected by a cyberattack.

What are the different types of cyberattacks and threats?

Cyberattacks come in various forms through computer networks and systems. Malware and phishing are two cyberattack examples used to gain control of sensitive data from businesses and personal electronic devices. Learn about the types of cyberattacks and their effect on recent technology.

Malware

Malware, or malicious software, disguises itself as a trusted email attachment or program (i.e., encrypted document or file folder) to exploit viruses and allow hackers into a computer network. This type of cyberattack often disrupts an entire IT network. Some examples of malware are trojans, spyware, worms, viruses, and adware.

Distributed Denial-of-Service (DDoS) attack

A DDoS attack is when several hacked computer systems target a site or network and deny the user experience on that specific website or network. For example, hundreds of pop-ups, advertisements, and even a crashing site can contribute to a DDoS attack on a compromised server.

Phishing

Phishing is the act of sending fraudulent emails on behalf of reputable companies. Hackers use phishing to gain access to data on a personal or business’ network.

SQL injection attacks

An SQL injection attack is when a cybercriminal exploits software by taking advantage of apps (i.e., LinkedIn, Target) to steal, delete, or gain control of data.

Cross-site scripting (XSS)

Cross-site scripting (XSS) is when a cybercriminal sends a “script-injected” or spammed website link to your inbox, and it’s opened—releasing personal information to said criminal.

Botnets

Botnets are when multiple computers, normally on a private network, are infected with viruses and other forms of malicious software, I.e., pop-up messages or spam.

Ransomware

Ransomware is a type of malicious software, or malware, that threatens a victim by destroying or blocking access to critical data or systems until a ransom is paid.

Recent cyberattacks and trends

Cyberattacks are common and a popular topic of interest, especially when being reported by media outlets. Most of these cyberattacks have affected thousands, if not millions, of the general population. This includes cyberattacks on social media platforms, websites that house personal data, and more.

Here are some of the most recent cyberattacks and trends from the past decade:

       United States Office of Personnel Management

Noted as “one of the most significant data breaches in US history,” the US Office of Personnel Management was hacked in April 2015 costing 21.5M investigations, 19.7M applicants that applied for an investigation, and 5.6M fingerprints to be stolen.

       Equifax

In 2017, Equifax failed to correct network vulnerability by properly securing their data. This led to over 147.9M customers in the United States, UK, and Canada getting their credit card details and social security numbers stolen by hackers.

       Russian cyberattacks

Within the past year, over 58% of all cyberattacks observed by Microsoft have been attributed to hackers in Russia. Their hackers have been effective in stealing data from other countries with a 32% success rate in 2021.

        CNA Financial

Insurance company CNA Financial was hit with a ransomware attack in March 2021, leaving employees locked out of internal systems and resources. The cyber hackers also stole valuable data, reportedly resulting in a USD$40 million settlement paid by CNA Financial.

        Colonial Pipeline

When the Colonial Pipeline Company was hacked on May 7, 2021, all operations were shut down to contain the attack. In order to restore the computerized system used to manage oil pipelines throughout the southeastern United States, Colonial Pipeline paid the hackers a ransom of 75 bitcoins (equivalent to USD$4.4 million at the time). This cyberattack was the largest in U.S. history to target oil infrastructure.

        Cryptocurrency

In March and April 2022, three different lending protocols came under cyberattack. In the span of one week, hackers stole USD$15.6 million worth of cryptocurrency from Inverse Finance, USD$625 million from gaming-focused Ronin Network, and USD$3.6 million from Ola Finance.