Abstract
The world suffering from COVID-19. In this situation, people are focusing on virtual or online modes of working, which can be done from home or anywhere. Cybersecurity has become the priority for all of us to protect data. This chapter mentions the most used cyber-attack techniques for stolen money and data from different sectors.
TopBackground
Provide In 2021, a large number of leaks of corporate data and user data were recorded. Among participants in high-profile incidents are well-known companies, and volume of lost user data is in hundreds of billions. There are different reasons, which include errors in operation of applications and protection tools, internal intruders, and actions of ransomware programs. In general, trend towards an increase in number of data leaks will continue since large amounts of corporate or personal data are always of interest to attackers due to their high cost, (Evans M, 2016). Separately, it is worth paying attention to a relatively new vector of attack propagation, namely attacks on supply chain or attacks by a third party. After attack on Solar-Winds and compromise of its Orion software, there were no less high-profile incidents, such as compromise of ASUS Live service or CCleaner program. The number of such attacks is predicted to increase in future, as corporate or private users do not expect to be attacked by trusted software or services. In same class of attacks, hacking networks of outsourcing companies and further attacks on infrastructure of their customers, as well as attacks on corporate resources through home computers of users transferred to remote work, remain relevant, (Ahmed N, 2020).
Of course, one of the most relevant cyber threats in 2022 will remain phishing attacks, in which victim receives a fake email from, for example, a search service or an online store with an offer to go to a fake website or open an email attachment that contains hidden ransomware code. According to Kaspersky Lab experts, in 2021, up to 350,000 new malware patterns were registered per day, most of which belong to ransomware class, as well as tens of millions of phishing emails. This growth is explained by fact that cyber fraud is actively developing as a separate industry, in which there are services for creating ransomware programs, distributing them, and collecting money. In addition, now, before encrypting data, ransomware will first try to find credentials to access victim’s crypto wallets or other sensitive data.
Key Terms in this Chapter
Social engineering: Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks, or physical locations or for financial gain.
Vulnerability: Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware.
Cyber Threat: A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber-attacks include threats like computer viruses, data breaches, and Denial of Service (DoS) attacks.
Cyberattack: A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices.
Malware: Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Examples of common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.