Cyber Attacks - 3 Current Threats and Countermeasures

The Colonial Pipeline cyberattack in May 2021 thrust ransomware back into the public spotlight. However, ransomware isn't the only digital danger to individuals, businesses, and organizations, with DDoS attacks and data theft a serious and daily problem for many.
To help stave off these threats, a good place to start is by understanding what it is that you're up against. In this article, we'll fill you in about the most common types of cyberattacks and countermeasures.
DDoS attacks seek to paralyze networks or servers by overwhelming them with requests. These take advantage of the client-server model, upon which most Internet applications operate. Whenever you type the URL of a particular website into your browser (for example, www.nytimes.com) your computer, laptop, or device (the client), sends a request to that URL's server.
Web servers can answer several thousand requests per second; however, they aren't without limits, either in terms of bandwidth or the hardware itself. The more requests that are submitted, the longer the response time, similar to telephone (landline) switchboards or networks of the past. In the worst case, traffic simply collapses and users receive an error message (503 - Service Unavailable) when attempting to visit the site in question.
Cybercriminals launching DDoS attacks use multiple computers or Internet of Things (IoT) devices to send large numbers of requests at the same time. These computers form a so-called botnet. Most of the time, these devices are infected with viruses or malware and spread across the globe, with their owners having no idea that their computers are being used illicitly.
Even though the end goal of all DDoS attacks is denial of service, they go about achieving this in different ways and by exploiting various parts of a network connection. So-called multi-vector attacks enter through several of these entry points at the same time.
Should a website take longer than usual to load, you shouldn't automatically assume that it is experiencing a DDoS attack, since peaks in usage can also produce a similar effect. With that said, there are some sure symptoms of a DDoS attack:
It isn't possible to completely prevent DDoS attacks since the infected devices that launch them cannot be controlled. As such, countermeasures for DDoS attacks entail ensuring network resilience.
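The overload pattern described above (a surge of requests from many clients, ending in 503 responses) is visible in a web server's access log. The following is an added example, not part of the original article: the log lines are constructed, and the function names and thresholds are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Common-log-format fields used here: client address, timestamp, HTTP status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')

def build_sample():
    """Constructed log: three ordinary requests, then a one-second burst
    from 40 different clients, the last 10 of which receive 503."""
    lines = [
        '198.51.100.7 - - [10/May/2021:12:00:00 +0000] "GET / HTTP/1.1" 200 512',
        '198.51.100.8 - - [10/May/2021:12:00:00 +0000] "GET /news HTTP/1.1" 200 900',
        '198.51.100.7 - - [10/May/2021:12:00:01 +0000] "GET /about HTTP/1.1" 200 300',
    ]
    for i in range(40):
        status = 200 if i < 30 else 503
        lines.append(f'203.0.113.{i + 1} - - [10/May/2021:12:00:02 +0000] '
                     f'"GET / HTTP/1.1" {status} 512')
    return lines

def summarize(lines):
    """Per-second totals: request count, 503 count, distinct client addresses."""
    buckets = defaultdict(lambda: {"requests": 0, "errors_503": 0, "clients": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        ip, ts, status = m.groups()
        bucket = buckets[ts]
        bucket["requests"] += 1
        bucket["errors_503"] += 1 if status == "503" else 0
        bucket["clients"].add(ip)
    return buckets

def flag_overload(buckets, max_rps=20, max_503_share=0.2):
    """Seconds in which both volume and 503 share exceed the assumed thresholds."""
    flagged = []
    for ts, b in sorted(buckets.items()):
        share = b["errors_503"] / b["requests"]
        if b["requests"] > max_rps and share > max_503_share:
            flagged.append((ts, b["requests"], round(share, 2), len(b["clients"])))
    return flagged

if __name__ == "__main__":
    for row in flag_overload(summarize(build_sample())):
        print(row)
```

The last field of each flagged row is the number of distinct client addresses in that second; a high value matches the many-device pattern of a botnet, although a legitimate peak in usage can produce the same numbers.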
According to Netscout's most recent Global Threat Intelligence Report, in 2020, more than 10 million DDoS attacks were launched, the most in history. Some of the more infamous DDoS attacks of all time include:
When using ransomware, cybercriminals hack IT systems, encrypting the data stored on drives. In order to unlock these, the extortionists demand a ransom. Similar to DDoS attacks, ransomware also frequently targets utility networks or healthcare systems.
Ransomware can find its way onto computers or systems through phishing emails, attachments infected with trojans, or IT networks possessing inadequate security. Victims include individuals as well as businesses and even government officials.
As is the case with DDoS attacks, those who engage in ransomware are often hackers from countries like China, Iran, Russia, or North Korea, which makes it difficult or impossible to prosecute them. Since victims often need to pay in cryptocurrencies, like Bitcoin, tracing the recipient is difficult.
In addition to the well-known CryptoLocker variant, screenlockers are also common. For the latter, victims need to pay a ransom in order to regain access to their screen or monitor. In most cases, cyber extortionists also threaten to release sensitive data if they aren't paid.
Typically, ransomware makes its presence on your system felt rather quickly, displaying a message stating that you have been attacked, and providing information about how to proceed. Other symptoms of a ransomware attack include:
A ransomware attack often manifests similarly to the above.
WARNING! The US Government and all of its cybersecurity branches strongly discourage paying cyber ransoms. This is because there is no guarantee that you will receive the password, and also that by doing so, you provide extortionists with an incentive to continue their illicit activities. The FBI, for example, recommends immediately contacting their local field office if you believe yourself to be the victim of a ransomware attack.
Should you already practice safe behavior with regard to IT security, you're well protected against ransomware attacks. Some aspects to keep in mind include:
According to the FBI, since 2016, more than 4,000 ransomware attacks have been recorded per day. Among the most infamous are:
Even though most people speak about data theft, in reality, cybercriminals copy digital information. Most of the time, they intend to use email accounts for illegal activity, gain access to funds or sensitive information, or tarnish someone's reputation. When it comes to identity theft, the purpose is often to engage in illegal activity using the victim's personal information.
Most data thieves identify their victims through phishing emails, inadequately secured networks, or infected websites. For companies, disgruntled or technologically illiterate employees are often responsible, sharing sensitive data without authorization.
Take a close look: Phishing emails often look legitimate; however, upon detailed inspection, they often have an odd feature (or two).
Should criminals gain access to bank accounts, it won't take long for you to notice suspicious transactions. In other cases, hackers will release stolen information online, in order to negatively impact the victim. If the information isn't immediately actionable, it can take years for a victim to learn that their data was stolen, for example, when applying for a loan or credit card, or receiving official mail or court summons.
As is the case with the other two kinds of cyber attacks, criminals take advantage of weaknesses in IT systems. Below are some guidelines to help in protecting yourself and your data:
In contrast to DDoS and ransomware attacks, leaks of sensitive information pre-date the Internet. The main difference is the scale, with data theft in the 21st century impacting millions of people worldwide, per year. The most notorious cases of data theft over the past few years include:
DDoS attacks, ransomware, and data theft can all exert a significant impact on your digital security. Fortunately, with the help of powerful antivirus programs, firewalls, strong passwords (that can be easily and safely managed with a password manager), and regular updates to your software and drivers, it's possible to minimize the likelihood of falling prey to such an attack. IP filters and cloud services help specifically against DDoS attacks, preventing bots from being able to send requests to your site.
Caution is in order when dealing with suspicious emails or websites since these often serve as the delivery vehicles for malware and trojans. Should you believe yourself to be the victim of a cyberattack, the best thing to do is to contact local or federal authorities.