Introduction to cyber security attacks

A cyber security attack is any action that targets IT systems, computer networks, personal computers, etc., intending to cause damage. Attackers aim to gain access to confidential data, disturb or destroy IT infrastructure, or use breached computer systems to carry out additional attacks.

Targets of cyber-attacks can be individuals, companies, or even governments. Cyber security attackers are often called hackers or black hat hackers.

Most often, reasons for cyber security attacks are:

  • criminal (money theft, data theft, or business disruption);
  • socio-political (hacktivism);
  • personal (revenge, money gain, competing with other hackers);
  • espionage.

Social Engineering

Social engineering can be defined as a malicious act of psychological manipulation to make individuals give out sensitive, confidential information or trick users into making security mistakes. Hackers using this attack method may seek login credentials or bank account information. Frequently, they attempt to gain access and control of your personal computer or install malicious software on it.

Social engineering is often described as exploiting “bugs in the human hardware,” because the success of these attacks depends on an end-user’s mistake rather than on a software flaw. Social engineering has become one of the most frequent means of breaching personal data security.

Social engineering attacks rely on the interaction between hackers and victims. Most attacks are performed over the telephone, and attackers commonly introduce themselves as IT technicians, external auditors, or even government officials.

Social Engineering Life Cycle

Social engineering attacks cannot be successfully carried out in a single step; they require comprehensive preparation. The life cycle of one attack is shown in the following picture:

Investigation

In the investigation phase, the attacker prepares for the attack: they gather background information on the selected victim(s) and, based on it, choose the attack technique most convenient for that target.

Hook

The hook phase is the starting point for the attacker in which they interact with the victim(s), gain trust, and make a breakthrough by taking control of the interaction.

Play

This is the phase of the actual attack. It is usually performed over an extended period, as the attacker tries to access more sensitive data or continues to disturb the victim, causing more damage to them.

Exit

In the exit phase, the attacker removes all traces of an attack, covers their tracks, and ends the interaction with the victim(s).

Examples of Social Engineering Attacks

Social engineering attacks can be performed in many different forms, depending on the aim, selected victim, or available techniques. Commonly known types of attacks with their brief description are:

  • Phishing – the attack is usually performed via infected email attachments or links to malicious websites;
  • Pharming – a type of attack in which the end-user is automatically redirected to a malicious site;
  • Baiting – an attack strategy in which hackers use false promises of an item or goods to trick victims into cooperating;
  • Quid Pro Quo – (a favor for a favor) these types of attacks are performed to look like an exchange of information, for example, trading credentials for some reward or monetary compensation;
  • Tailgating – an attack method in which the attacker follows an authorized employee into a restricted area;
  • Scareware – a widespread technique in which the hacker uses a pop-up that warns you that your security software is outdated or that malicious content has been detected on your PC. It tricks victims into visiting malicious websites or buying unwanted products;
  • Smishing – SMS phishing;
  • Tab nabbing/reverse tab nabbing – the attack is carried out by rewriting unattended browser tabs with malicious content.
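Reverse tab nabbing, the last item above, works because a page opened with target="_blank" keeps a window.opener reference back to the tab that opened it and can use it to rewrite that tab. Adding rel="noopener" (or "noreferrer", which implies it) to such links severs the reference; modern browsers now apply noopener behaviour to target="_blank" by default, but the explicit attribute is still the portable fix. The following is an added example, not code from the article: a small Node.js lint that scans HTML for new-tab links missing that protection and produces the hardened form. The sample HTML is constructed for the example, and the regex-based tag parser handles ordinary anchor tags rather than arbitrary HTML.

```javascript
// Added example: find links that open a new tab without rel="noopener"/"noreferrer".
// Reverse tab nabbing relies on the opened page reaching back through
// window.opener to rewrite the tab it came from; noopener severs that reference.
// SAMPLE_HTML is constructed for this example; the regex parser is a
// simplification that handles ordinary <a ...> tags, not a full HTML parser.

const SAMPLE_HTML = `
<a href="https://example.com/docs" target="_blank">Docs</a>
<a href="https://example.com/safe" target="_blank" rel="noopener noreferrer">Safe</a>
<a href="/internal" target="_blank" rel="noreferrer">Also safe</a>
<a href="https://example.com/same-tab">Same tab</a>
<a target='_blank' href='https://example.com/quotes'>Single quotes</a>
`;

// Parse the attribute text of one tag into an object keyed by lowercase name.
function parseAttributes(attrText) {
  const attrs = {};
  const re = /([a-zA-Z_:][-a-zA-Z0-9_:.]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(attrText)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// True when the rel attribute already cuts the window.opener link.
function hasOpenerProtection(attrs) {
  const relTokens = (attrs.rel || "").toLowerCase().split(/\s+/).filter(Boolean);
  // noreferrer implies noopener in browsers, so either token is sufficient.
  return relTokens.includes("noopener") || relTokens.includes("noreferrer");
}

// Return the hrefs of <a> tags that open a new browsing context but do not
// cut the window.opener link (the reverse tab nabbing precondition).
function findTabnabbingRisks(html) {
  const risks = [];
  const tagRe = /<a\b([^>]*)>/gi;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const attrs = parseAttributes(m[1]);
    if ((attrs.target || "").toLowerCase() !== "_blank") continue;
    if (!hasOpenerProtection(attrs)) risks.push(attrs.href || "(no href)");
  }
  return risks;
}

// Produce the hardened markup: risky tags get rel="noopener noreferrer".
function hardenLinks(html) {
  return html.replace(/<a\b([^>]*)>/gi, (tag, attrText) => {
    const attrs = parseAttributes(attrText);
    if ((attrs.target || "").toLowerCase() !== "_blank") return tag;
    if (hasOpenerProtection(attrs)) return tag;
    // Drop any existing (insufficient) rel attribute before appending ours.
    const withoutRel = attrText.replace(/\srel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/i, "");
    return `<a${withoutRel} rel="noopener noreferrer">`;
  });
}

console.log("risky links:", findTabnabbingRisks(SAMPLE_HTML));
console.log(hardenLinks(SAMPLE_HTML));
```

Running the script lists the two unprotected links in the sample and prints the markup with rel="noopener noreferrer" appended to them; running the lint again over the hardened output reports nothing. The same check is a reasonable addition to a template linter or pre-commit hook for any site that opens links in new tabs.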

Prevention and Risk Management

Because the strategy of social engineering attacks strongly relies on human feelings or lack of end-user awareness, the primary prevention technique is the education of employees.

Even with adequately established security measures, such as physical protection of servers, network components, and personal computers, a firewall, anti-malware or anti-ransomware detection, etc., it is vital to consistently raise awareness and keep end-users informed about social engineering tactics and how to recognize, avoid, and report them.

There are a few guidelines to minimize the probability of becoming a social engineering victim:

  • Keep your computer and antivirus/anti-malware software updated;
  • Use two-factor authentication;
  • Always use different strong passwords* and change them often (*strong password = min. 12 characters, a mixture of both uppercase and lowercase letters, a mixture of letters and numbers, the inclusion of at least one special character);
  • Never share your credentials or leave your devices unattended;
  • Do not open emails and attachments from suspicious sources;
  • Be suspicious of uninvited communications and strangers;
  • Use a VPN;
  • Restrict access to the primary Wi-Fi network;
  • Closely monitor account activity;
  • Pay attention to URLs and check websites’ security;
  • Be wary of tempting offers.
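Two of the guidelines above can be made mechanical. The following is an added example, not code from the article: checkPasswordPolicy() encodes the article's own definition of a strong password (min. 12 characters, upper and lower case letters, a digit, at least one special character), and urlWarnings() lists the warning signs a user is told to look for when paying attention to a URL before clicking it (plain HTTP, credentials before an "@", a raw IP address, punycode hosts, a trusted name used as a decoy inside another domain). The TRUSTED_DOMAINS list, the subdomain-depth threshold, and all sample inputs are assumptions constructed for the example, standing in for an organisation's real allow-list and policy.

```javascript
// Added example: mechanical checks behind two of the guidelines above.
// The password rule is the article's own definition of a strong password;
// the URL heuristics and TRUSTED_DOMAINS are constructed for this example.

function checkPasswordPolicy(password) {
  const failures = [];
  if (password.length < 12) failures.push("shorter than 12 characters");
  if (!/[A-Z]/.test(password)) failures.push("no uppercase letter");
  if (!/[a-z]/.test(password)) failures.push("no lowercase letter");
  if (!/[0-9]/.test(password)) failures.push("no digit");
  if (!/[^A-Za-z0-9]/.test(password)) failures.push("no special character");
  return { ok: failures.length === 0, failures };
}

// Assumed allow-list of domains the user legitimately deals with.
const TRUSTED_DOMAINS = ["example.com", "bank.example"];

// Heuristic warning signs for a link; an empty list means nothing obvious.
function urlWarnings(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return ["not a valid URL"];
  }
  const warnings = [];
  const host = url.hostname.toLowerCase(); // WHATWG URL already IDNA-encodes this
  const labels = host.split(".");
  if (url.protocol !== "https:") warnings.push("not HTTPS");
  if (url.username || url.password) warnings.push("credentials embedded before '@'");
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) warnings.push("raw IP address instead of a domain");
  if (labels.some((label) => label.startsWith("xn--"))) warnings.push("punycode (IDN homograph risk)");
  if (labels.length > 4) warnings.push("unusually deep subdomain chain");
  // A trusted name appearing inside an untrusted host is a classic lure, e.g.
  // example.com.evil.test or example-com-login.test. Only the last two labels
  // count as the registered domain in this simplified check.
  const registered = labels.slice(-2).join(".");
  for (const trusted of TRUSTED_DOMAINS) {
    const trustedBase = trusted.split(".")[0];
    if (registered !== trusted && host.includes(trustedBase)) {
      warnings.push(`looks like ${trusted} but registered domain is ${registered}`);
    }
  }
  return warnings;
}

// Constructed inputs for a quick run.
const SAMPLE_URLS = [
  "https://example.com/login",
  "http://example.com.evil.test/login",
  "https://user:pass@192.168.0.1/",
  "https://exämple.com/",
  "not a url",
];
for (const u of SAMPLE_URLS) console.log(u, "->", urlWarnings(u));
console.log(checkPasswordPolicy("password"));
```

The registered-domain logic deliberately uses only the last two labels; a production check would consult the Public Suffix List so that hosts such as example.co.uk are handled correctly. The heuristics are meant to prompt a second look, not to decide on their own whether a link is safe.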

Security awareness is not a matter of a 40, 60, or 90-minute program once a year. End-users should be frequently educated about social engineering tactics and psychological triggers. Also, the success of the training should be evaluated through simulated phishing attacks.

Tamara Petrović

Tamara is a system administrator devoted to maintaining the smooth operation of computer systems and networks. She is constantly learning and staying up to date with the latest advancements in technology. In her spare time, she takes care of her furry friends and practices yoga to keep her balanced.