Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber attacks.
It aims to reduce the risk of cyber attacks and protect against the unauthorised exploitation of systems, networks and technologies.
Backdoors
Backdoors allow remote access to computers or systems without users’ knowledge.
DDoS attacks
DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.
Formjacking
Formjacking is the process of inserting malicious JavaScript code into online payment forms to harvest customers’ card details.
Cryptojacking
Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.
DNS poisoning attacks
DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.
Botnets
Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS attacks.
Drive-by downloads
Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.
Exploits and exploit kits
An exploit is a piece of malicious code that can compromise a security vulnerability. Many have been developed by the security services. For instance, in 2017 the WannaCry ransomware spread using an exploit known as EternalBlue. This exploit had been created by and stolen from the US National Security Agency.
Exploit kits are collections of multiple exploits. Available for rent on the dark web, they enable unskilled criminals to automate attacks on known vulnerabilities.
MITM attacks
A MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered.
MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers can insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.
