Disturbing Trends in Recent Cyber Attacks

(Vehement Media via Comtex)

Things aren't looking good on the cyber attack front these days. Most recently, the Colonial Pipeline attack disrupted gas distribution to the entire eastern half of the United States. Unfortunately, that was far from an isolated incident. Since the Covid-19 pandemic hit in early 2020, the U.S. has seen a historic increase in cyber attacks. In fact, in August 2020, the FBI reported it was receiving over 4000 reports a day, an increase of 400% over pre-pandemic numbers.

The problem isn't just an increase in raw numbers. According to Feroot, a company that provides client-side security tools for front-end applications, the specific kinds of cyber attacks perpetrated in recent months suggest far more worrisome trends.

Here, we examine the most common types of cyber attacks and detail recent examples in an effort to understand just what U.S. companies may be facing in the very near future.

What Is a "Cyber Attack"?

In simplest terms, a cyber attack is an attack by one digital system on another. An attack can involve one computer or entire networks of computers. The term applies to small events, like a virus infecting a personal laptop, as well as to global events affecting entire countries.

There are dozens of different kinds of cyber attacks, and more are always being invented. However, ten types show up most often.

  • Malware: Malware is a specific type of software designed to damage computers or networks. There are a number of different kinds of malware, including viruses, trojans, and worms. Each of these spreads in its own particular way, but all of them are meant to either shut down or take control of your computer.
  • Phishing: Phishing scams are email-based. The hacker's goal is to get you to give up important pieces of personal information such as passwords or bank account numbers. The hacker might accomplish this directly, by convincing you to simply tell them the information. In other instances, though, the email will pressure you to click on links or download attachments. Those attachments install malware specifically designed to steal your personal data.
  • Ransomware: Ransomware is a version of malware designed to encrypt your files or freeze your systems so that you can't use them. Once this has been accomplished, you are then presented with a ransom demand. Pay the ransom, and the thieves will send you a code that unlocks everything.
  • Man in the middle: In this type of attack, hackers create fake websites to take the place of actual websites. You might believe you are visiting a fan site for your favorite TV show, but you are actually on a fake site that has been inserted between you and the actual site. Once you're on the fake site, the hacker will try to convince you to click on dangerous links or download malware files.
  • Denial of service: A denial of service attack aims to shut down a company's services, costing the company time, energy, and money. The attacker could send internet traffic to a dead site, or they could try to overwhelm the company's system, so it goes down.
  • Zero-day exploits: Zero-day exploits involve holes in legitimate computer code--from apps to operating systems--that haven't yet been fixed. Hackers are always on the lookout for such weaknesses, and once they've discovered them, the race is on to exploit them before users install patches.
  • Cryptojacking: In cryptojacking, cryptocurrency miners hijack computers and systems to get free energy and processing power for their mining operations.
  • SQL injection: SQL attacks target databases looking to steal customer data. Many of these databases are programmed to accept commands written in Structured Query Language (SQL) and will simply turn over data when requested.
  • Password attack: As the name implies, password attacks are aimed at getting password information. These hackers use a variety of different methods, including social engineering, hacking into password databases, and so-called "brute force" attacks that use sophisticated programs to try every possible variant of user information to "guess" passwords.
  • Cross-site scripting: In these attacks, hackers insert malicious code into content from reliable websites. When you visit these websites, the code intercepts any personal data you type in. Hackers can then sell this data on the dark web.

Recent Attacks and What They Reveal

Recent cyber attacks have largely relied on the methods listed above, methods that have been around for decades. However, hackers are employing them against new targets and for new purposes. Just what have we learned from these recent attacks?

  • No one is immune: Perhaps the most important lesson of these recent attacks is that we are now so dependent on computer networks that virtually every company is vulnerable. In early 2019, for example, the Weather Channel fell victim to a phishing attack that installed ransomware on the network's computers. As a result, the channel went dark for a full 90 minutes. In March of 2021, Australia's Channel Nine was off the air for several hours after a similar ransomware attack. While it may not be surprising that televisions and computers are now intimately linked, such attacks serve as a reminder that nothing today is beyond the reach of hackers. While radio and television may once have represented an important backup should the internet go down, it is now clear that hackers could theoretically take down every information outlet at the same time.
  • Cyber attacks are part of a larger cyber war: Many analysts pointed the finger at China in the wake of the Channel Nine incident, a sign of another troubling development in cyber warfare. Increasingly, cyber warfare has truly become a form of "warfare" as governments play a larger role in attacks. For some time, the U.S. and others have recognized the threat posed by cyber attacks and have worked to create defensive strategies for protecting their infrastructure. Now it seems many countries are intent on designing offensive cyber weapons as well.
  • Corporations aren't civilians any more: Some governments haven't just limited themselves to attacks on other governments but have begun attacking businesses as well. North Korea's attack on Sony Pictures in 2014 made splashy headlines, but Microsoft discovered in 2017 that the U.S. government can't necessarily be trusted either. WannaCry was a zero-day exploit attack that installed ransomware on computers mostly in the U.K. While the U.S. didn't initiate this attack, they did discover the vulnerability well beforehand and didn't alert Microsoft, choosing instead to hold on to the information in case they needed it. What they might have needed it for isn't completely clear.
  • Cyber attacks have real-world consequences: It's always been the case that cyber attacks could cost money. Now it appears such attacks can have far deadlier consequences. Earlier this year, a hacker managed to breach security at the Oldsmar, Florida water treatment plant and increase the level of sodium hydroxide to near-fatal levels before administrators regained control of the system.

If such incidents seem scary, it's because they are. With everything in our world now digitally connected, there seems no limit on the kind of damage hackers could inflict. At the same time, recent attacks suggest there may be no limit on the kind of damage they are willing to inflict. No individual, government or company is immune, and the bigger the target, the better. 

Now more than ever, it is essential to review your own company's security protocols and to invest in new technologies to recognize, prevent and fight these escalating threats.
