Cybercriminals' online exploitation strategies

In this article, we discuss the deceptive and carefully planned tactics that cyber attackers use to steal your identity or defraud you of your online assets. Knowing their tactics lets you recognise and confront them, and avoid the careless acts that give their fraud an opening.

You can also learn what a cyberattack is, and how it behaves on our devices, here: Cyber attack types and behaviors

Over the years, cyber criminals have developed and deployed ways to penetrate systems illegally and carry out attacks on their victims. It is important to note that, as time passes and technology keeps evolving, hackers keep developing new strategies to hijack systems and launch their attacks online. We therefore all need to stay alert to block and undo any attempt they make to take control.

  • Social Engineering
    The manipulation of individuals into performing acts or disclosing private information is known as social engineering. Social engineers frequently exploit people's willingness to help, but they also exploit their weaknesses. For example, an attacker may call an authorized employee with an urgent situation that needs immediate network access and use name-dropping tactics to get this access, appealing to the person's vanity or greed or invoking authority.

    Types of social engineering attacks:

    1. Pretexting: This is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data. For example, pretending to need a person’s personal or financial data in order to confirm their identity.
    2. Tailgating: This is when an attacker quickly follows an authorized person into a secure physical location.
    3. Something for something (quid pro quo): This is when an attacker requests personal information from a person in exchange for something, like a free gift.
  • Denial-of-Service (DoS)
    Denial-of-Service (DoS) attacks are a form of network attack that can be carried out even by an inexperienced attacker. A DoS attack disrupts network service to users, devices, or applications.

    DoS attacks are classified into two types.

    1. Overwhelming traffic: This occurs when a network, host, or application receives a tremendous volume of data at a rate that it cannot process. This slows transmission or reaction, or it causes the device or service to crash.
    2. Maliciously designed packets: A packet is a collection of data that travels from a source computer or application to a destination computer or application across a network, such as the Internet. The recipient will be unable to process a maliciously designed packet. For example, if an attacker sends packets that contain errors or are improperly formatted and cannot be identified by an application, the receiving device will run very slowly or crash.

    NB: DoS attacks are considered a major risk because they can easily interrupt communication and cause significant loss of time and money.
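One defensive measure against the "overwhelming traffic" form of DoS is to ration how many requests each source may send. The following is an added example, not code from the article or from Cisco: a per-source token-bucket rate limiter run over constructed traffic in which one source floods 200 requests in a second while a normal user sends five. The source names, rate and capacity are assumptions chosen for the demonstration.

```python
"""Per-source token-bucket rate limiting (added example, not from the article).

A flood of requests from one source should be shed before it starves
everyone else. Each source gets its own bucket that refills at `rate`
tokens per second up to `capacity`; a request is served only when a token
is available. The traffic below is constructed for the demonstration.
"""
from collections import defaultdict


class TokenBucketLimiter:
    def __init__(self, rate: float, capacity: int):
        self.rate = rate              # tokens refilled per second
        self.capacity = capacity      # maximum burst a source may send
        # source -> [tokens available, timestamp of last update]
        self._buckets = defaultdict(lambda: [float(capacity), None])

    def allow(self, source: str, now: float) -> bool:
        """Return True if the request from `source` at time `now` is served."""
        bucket = self._buckets[source]
        tokens, last = bucket
        if last is not None:
            # Refill proportionally to elapsed time, never beyond capacity.
            tokens = min(float(self.capacity), tokens + (now - last) * self.rate)
        bucket[1] = now
        if tokens >= 1.0:
            bucket[0] = tokens - 1.0
            return True
        bucket[0] = tokens          # keep the fractional refill, drop the request
        return False


def simulate(limiter: TokenBucketLimiter, requests):
    """requests: iterable of (timestamp, source). Returns {source: (served, dropped)}."""
    stats = defaultdict(lambda: [0, 0])
    for ts, src in sorted(requests):
        stats[src][0 if limiter.allow(src, ts) else 1] += 1
    return {src: tuple(v) for src, v in stats.items()}


def demo():
    # Constructed traffic: a flooding source fires 200 requests in one second,
    # a normal user sends 5 requests spread over the same second.
    flood = [(i * 0.005, "flood-source") for i in range(200)]
    normal = [(i * 0.2, "normal-user") for i in range(5)]
    limiter = TokenBucketLimiter(rate=10.0, capacity=20)
    return simulate(limiter, flood + normal)


if __name__ == "__main__":
    for src, (served, dropped) in demo().items():
        print(f"{src}: served={served} dropped={dropped}")
```

With a burst capacity of 20 and a refill rate of 10 tokens per second, the flooding source gets roughly 30 of its 200 requests served while the normal user is never dropped. Keying buckets by source is only a first line of defence; a distributed attack spreads the load across many sources, which is exactly why DDoS is treated separately below.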

  • Distributed DoS (DDoS)
    Distributed DoS (DDoS) attacks are similar to DoS attacks but originate from multiple, coordinated sources. For example, an attacker may build a network (botnet) of infected hosts known as zombies that are managed by handler systems. The zombie computers continually scan and infect new hosts, producing an ever-growing number of zombies. When ready, the hacker commands the handler systems to launch a DDoS attack using the zombie botnet.

  • Botnet
    A bot computer is often infected by visiting a malicious website or by downloading an infected email attachment or media file. A botnet is a network of bots connected over the Internet and managed by a hostile individual or organization. It may contain tens of thousands, if not hundreds of thousands, of bots that are normally managed by a command-and-control server. These bots may be used to spread malware, launch DDoS attacks, send spam email, or perform brute-force password attacks. Cybercriminals frequently rent out botnets to third parties for illicit purposes. Many organizations, such as Cisco, force network traffic through botnet traffic filters in order to identify botnet locations. Bots infected with malware attempt to contact a command-and-control host on the Internet.
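The periodic check-in with a command-and-control host described above is something a traffic filter can look for. The following is an added example, not code from the article or from Cisco's filters: it groups connection-log entries by source, destination and port and flags flows whose inter-connection gaps are unusually regular. The log format, the addresses (documentation ranges) and the thresholds are all constructed assumptions.

```python
"""Beaconing detection over connection logs (added example, not from the article).

Bots typically check in with their command-and-control host at a fixed
interval. Grouping connections by (source, destination, port) and measuring
how regular the gaps between them are flags such periodic callbacks, which
is one signal a botnet traffic filter can act on. The log format and every
address below are constructed for the demonstration.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Constructed log format: ISO timestamp followed by key=value fields.
LOG_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")

# Constructed sample: 10.0.0.5 beacons to 203.0.113.9 about once a minute,
# 10.0.0.7 browses 198.51.100.20 irregularly, 10.0.0.9 connects only twice,
# and one line is malformed to show it is skipped rather than crashing the parser.
SAMPLE_LOG = """\
2024-03-01T10:00:00Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:00:10Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=20480
2024-03-01T10:00:25Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=1024
2024-03-01T10:01:02Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:02:00Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:02:15Z src=10.0.0.9 dst=198.51.100.50 dport=80 bytes=300
this line is malformed and must be ignored
2024-03-01T10:03:01Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:03:40Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=9000
2024-03-01T10:03:59Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:04:05Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=700
2024-03-01T10:05:00Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:06:01Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:07:00Z src=10.0.0.5 dst=203.0.113.9 dport=443 bytes=512
2024-03-01T10:08:40Z src=10.0.0.9 dst=198.51.100.50 dport=80 bytes=300
2024-03-01T10:09:00Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=15000
2024-03-01T10:09:03Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=2000
2024-03-01T10:15:30Z src=10.0.0.7 dst=198.51.100.20 dport=443 bytes=400
"""


def parse_line(line):
    """Return (epoch_seconds, src, dst, dport) or None for a malformed line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ts.timestamp(), m["src"], m["dst"], int(m["dport"])


def find_beacons(lines, min_connections=6, max_cv=0.15):
    """Flag flows whose gaps have a low coefficient of variation (stdev / mean)."""
    flows = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                       # skip malformed input instead of failing
        ts, src, dst, dport = rec
        flows[(src, dst, dport)].append(ts)

    beacons = {}
    for key, times in flows.items():
        if len(times) < min_connections:   # too few samples to judge regularity
            continue
        times.sort()
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean == 0:
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            beacons[key] = {"count": len(times), "mean_interval": mean, "cv": cv}
    return beacons


if __name__ == "__main__":
    for (src, dst, dport), info in find_beacons(SAMPLE_LOG.splitlines()).items():
        print(f"possible beacon {src} -> {dst}:{dport} every ~{info['mean_interval']:.0f}s "
              f"({info['count']} connections, cv={info['cv']:.3f})")
```

On the constructed log only the 10.0.0.5 flow is reported (eight connections, mean gap 60 s, coefficient of variation about 0.025); the browsing flow has the same number of connections but wildly varying gaps, and the two-connection flow is below the minimum sample size. Real malware often adds jitter to its beacon interval, so the threshold and minimum count need tuning against your own baseline traffic.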

  • On-Path Attacks
    On-path attackers intercept or modify communications between two devices, such as a web browser and a web server, either to collect information from one of the devices or to impersonate it. This type of attack is also referred to as a "man-in-the-middle" or "man-in-the-mobile" attack.

    1. Man-in-the-middle (MitM): A MitM attack happens when a cybercriminal takes control of a device without the user's knowledge. With this level of access, an attacker can intercept and capture user information before it is sent to its intended destination. These types of attacks are often used to steal financial information. There are several forms of malware that may launch MitM attacks.
    2. Man-in-the-mobile (MitMo): A variant of man-in-the-middle, MitMo is a type of attack that is used to gain control of a user's mobile device. When a mobile device becomes infected, it is instructed to exfiltrate user-sensitive information and send it to the attackers. One example of a malware package with MitMo capabilities is Zeus. It enables attackers to silently intercept two-step verification SMS messages delivered to users.
  • SEO Poisoning
    You have probably heard of search engine optimization, or SEO, the process of optimizing a company's website so that it appears higher in search engine rankings. So, what do you think SEO poisoning is?
    Search engines like Google work by presenting users with a list of web pages based on their search query. These web pages are ranked according to the relevance of their content. While many reputable organizations specialize in optimizing websites for better positioning, attackers use popular search phrases and SEO to push rogue sites higher up the search results rankings. This is referred to as "SEO poisoning". The most common goal of SEO poisoning is to increase traffic to malicious sites that may host malware or attempt social engineering.

  • Wi-Fi Password Cracking
    Imagine you're enjoying your lunch in the canteen when a colleague approaches you. They seem distressed. They explain that they can't seem to connect to the public Wi-Fi on their phone and ask if you have the private Wi-Fi password to hand so that they can check that their phone is working. This kind of trick is known as Wi-Fi cracking, because they will use the Wi-Fi information you revealed to carry out their malicious attack.

  • Advanced Persistent Threats (APTs)
    Attackers can also infiltrate using advanced persistent threats (APTs), which are multi-phase, long-term, stealthy, and sophisticated operations against a specific target. Because of the complexity and skill level necessary to carry out such an attack, an individual attacker frequently lacks the necessary skill set, resources, and persistence; an APT is therefore usually well-funded and targets businesses or governments for economic or political objectives. Its main goal is to install customized malware on one or more of the target's computers and remain undetected there.

  • Password Attacks
    One of the most common methods of authenticating to a website is by entering a login and password. As a result, revealing your password is a simple way for fraudsters to gain access to your most sensitive information.

    Common password security breaches include:

    1. Password spraying: This is a method of gaining access to a system by 'spraying' a few commonly used passwords across a large number of accounts. A cybercriminal, for example, would use 'Password123' with several usernames before attempting again with a second regularly used password, such as 'qwerty.'
      This method allows the culprit to go unnoticed while avoiding numerous account lockouts.
    2. Dictionary attacks: A hacker attempts to get into a password-protected account by systematically trying every word in a dictionary or a list of widely used terms as a password.
    3. Brute-force attack: The most basic and widely used method of getting access to a password-protected site, brute-force assaults include an attacker trying every conceivable combination of letters, numbers, and symbols in the password space until they find the correct one.
    4. Rainbow attack: In a computer system, passwords are saved as hashed values (numerical values that uniquely identify data) rather than plain text. A rainbow table is a big dictionary of hashes and passwords that have been precomputed.
      Unlike a brute-force attack that has to calculate each hash, a rainbow attack compares the hash of a password with those stored in the rainbow table. When an attacker finds a match, they identify the password used to create the hash.
    5. Traffic interception: Plain text or unencrypted passwords can be easily read by other humans and machines by intercepting communications. If you store a password in clear, readable text, anyone who has access to your account or device, whether authorized or unauthorized, can read it.
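Item 4 above explains that a rainbow attack works by looking a stored hash up in a precomputed table. The following is an added example, not code from the article or from Cisco: a plain precomputed lookup table stands in for a real rainbow table (which packs the same idea into hash chains), and the same lookup is shown failing against a store that uses a random per-password salt and a slow key-derivation function. The wordlist and the password "qwerty" are constructed; PBKDF2 with SHA-256 from Python's standard library is the assumed hashing scheme.

```python
"""Precomputed-hash lookup versus salted password hashing (added example, not from the article).

A rainbow table only works because the same password always produces the same
unsalted hash. The table below is a plain precomputed lookup table standing in
for a real rainbow table (which compresses the same idea into hash chains); the
wordlist is constructed. Per-password random salts plus a slow key-derivation
function (PBKDF2 here) make such precomputation useless.
"""
import hashlib
import hmac
import os

# Constructed wordlist of commonly used passwords.
WORDLIST = ["password", "123456", "qwerty", "letmein", "Password123", "welcome1"]


def build_precomputed_table(words):
    """Map unsalted SHA-256 digests back to the passwords that produced them."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}


def lookup(table, stored_digest):
    """Recover a password from its stored digest if that digest was precomputed."""
    return table.get(stored_digest)


def hash_password(password, salt=None, iterations=200_000):
    """Store as salt$iterations$digest, with a fresh random salt per password."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{salt.hex()}${iterations}${digest.hex()}"


def verify_password(password, stored):
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, iterations, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)


def demo():
    """Returns (recovered from unsalted store, recovered from salted store,
    correct password verifies, wrong password verifies)."""
    table = build_precomputed_table(WORDLIST)
    # An unsalted store leaks the password through a single table lookup.
    unsalted_digest = hashlib.sha256(b"qwerty").hexdigest()
    recovered = lookup(table, unsalted_digest)
    # A salted store: the digest matches no precomputed entry,
    # yet the legitimate user still verifies.
    stored = hash_password("qwerty")
    salted_digest = stored.split("$")[-1]
    return (recovered,
            lookup(table, salted_digest),
            verify_password("qwerty", stored),
            verify_password("wrong", stored))


if __name__ == "__main__":
    print(demo())
```

The unsalted digest is recovered immediately, while the salted digest matches nothing in the table even though the password is in the wordlist. Salting forces an attacker to recompute the table per password, and the iteration count makes each of those computations slow; neither helps against a weak password that is simply guessed online, which is what the spraying and dictionary items above describe.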

credit: cisco
