The economic loss caused by network intrusions, data breaches, and cyber-crime, in general, cannot be underestimated. According to research conducted by information security firm McAfee, the annual global losses attributed to cyber-crime activity will likely reach two trillion dollars by the end of the decade, and this is a modest estimate.
Cyber-security and information assurance are two major topics of discussion among IT experts these days. As the world continues to move towards an era of connected devices, there are serious concerns about the future of data security. Dutch firm Gemalto security estimates that nine trillion personal records have been stolen since 2013; each one of these records is a potential risk of identity theft, fraud, and economic loss. To ensure the integrity of cyber-security and information assurance in the future, it helps to understand how malicious hackers are exposing the pitfalls of network and personal data security these days.
With the above in mind, here are five security breach methods currently used by cyber-crime perpetrators:
Remote Code Execution
In August 2017, a security research firm found an interesting vulnerability in version 59 of the popular Google Chrome browser. The issue is known as an internal code conflict that occurs when a compiling routine confuses objects with values. Malicious hackers could exploit this issue by means of remote code execution, which can escalate to the point of allowing attackers to take control of a vulnerable computer running the aforementioned Chrome version.
SQL Injection
When former President Barack Obama ordered an investigation into possible interference by Russian operatives in the 2016 elections, electoral bodies across a few jurisdictions revealed that they had been targeted by hackers. The Illinois Board of Elections, for example, suffered a data breach that exposed many voter registration records. An investigation revealed that hackers found a vulnerability in the Board of Elections’ website, which was subjected to a malicious SQL injection that granted access to the voter registration database.
Ransomware Attacks
In 2013, the estimated economic loss of ransomware attacks was just $5 million; these days, that figure stands at $5 billion. Ransomware started with websites being held hostage, but the method later changed to infecting personal computers as well as workstations with malicious code that encrypts files and folders stored on local hard drives. The victims are extorted with the offer of a decryption key in exchange for payments made to a Bitcoin wallet. In recent months, ransomware attacks targeted the National Health Service in the United Kingdom as well as public rail systems in Thailand.
Trojan Horse Attacks
The first reported cyber-crime incident was a guessed password in the 1960s. The second incident was a computer virus developed in the mid-1980s and the third incident was a Trojan horse attack in the late 1980s. Millions of personal computers are infected via Trojan horse attacks each year; the most popular method in 2017 is still a deceptive email with an attachment that executes malicious code when it is opened. Security analysts predict that Trojan horse attacks will likely migrate to messaging apps and social networks in 2018.
Rootkit
This is a very sophisticated attack that used to be carried out by a combination of password cracking and social engineering; these days, however, it is more likely to be conducted from a remote location or with assistance from a Trojan horse attack. Once a rootkit is installed, the attacker can fully control the targeted computer with the assurance of going completely undetected. Antivirus scanners can detect most of these attacks, but security specialists are seeing new variants that may feature code stolen from the National Security Agency.
In the end, the five cyber attacks listed herein are only the tip of the iceberg. For businesses and individuals, having a sense of security is important. Even though cyber-security and information assurance are becoming more sophisticated, the same can be said about the malicious hackers planning their next moves.
To help protect against those malicious hackers, it is imperative to have the necessary skills and knowledge. The privacy of others and safeguarding data and other information are profoundly important. Getting an online bachelor’s degree in some form of information technology or cyber-security can help you learn those necessary skills.
Eileen O'Shanassy is a freelance writer and blogger based out of Flagstaff, AZ. She writes on a variety of topics and loves to research and write. She enjoys baking, biking, and kayaking. Check out her Twitter @eileenoshanassy.
