With growing interconnectedness comes numerous threats. Being able to identify these threats will assist in reducing their impact.
Malware and phishing
Malware refers to harmful software. Once malware is in your computer, it can wreak havoc, from taking control of your machine, to monitoring your actions and keystrokes, to silently sending all sorts of confidential data from your computer or network to the attacker.
Attackers will use a variety of methods to get malware into your computer. However it usually requires the user to take an action to install the malware. This can include clicking a link to download a file, or opening an attachment that may look harmless.
In a phishing attack, an attacker may send you an email that appears to be from someone you trust. The email will seem legitimate, and it will have some urgency to it (e.g. fraudulent activity has been detected on your account). In the email, there will be an attachment to open or a link to click.
Upon opening the attachment, you’ll install malware in your computer.
If you click the link, it may send you to a legitimate-looking website that asks for you to log in to access an important file — the website is actually a trap used to capture your credentials.
SQL injection attack
SQL is an abbreviation for structured query language. It is a standardised query language for requesting information from a database. An SQL injection attack works by exploiting any one of the known SQL vulnerabilities that allow the SQL server to run malicious code.
For example, if an SQL server is vulnerable to an injection attack, it may be possible for an attacker to go to a website’s search box and type in code that would force the site’s SQL server to dump all of its stored usernames and passwords for the site.
Cross-site scripting (XSS)
In an SQL injection attack, an attacker goes after a vulnerable website to target its stored data, such as user credentials. But if the attacker would rather directly target a website’s users, they may opt for a cross-site scripting attack.
This attack also involves injecting malicious code into a website, but in this case the malicious code the attacker has injected only runs in the user’s browser when they visit the attacked website, and it goes after the visitor directly, not the website.
Denial of service (DoS)
This happens when a website is flooded by an attacker with more traffic than it was built to handle. The website’s server becomes overloaded and it is impossible for the website to serve up its content to visitors who are trying to access it.
In some instances, these DoS attacks are performed by many computers at the same time. This scenario of attack is known as a Distributed Denial of Service Attack (DDoS). This type of attack can be even more difficult to overcome due to the attacker appearing from many different IP addresses around the world.
Users today have so many logins and passwords to remember that it’s tempting to reuse them, even though security best practices universally recommend that you have unique passwords for all your applications and websites.
Once attackers have a collection of usernames and passwords from a breached website or service (easily acquired on any number of black market websites on the internet), they know that if they use these same credentials on other websites there’s a chance they’ll be able to log in.
This is just a selection of common attack techniques. Being aware of, and mitigating, these attacks is important.
A useful website is the Federal Government’s Stay Smart Online at www.staysmartonline.gov.au