Cyber attack

Cyber-attack

• Attack, via cyberspace – targets an enterprise’s use of cyberspace for the purpose
of disrupting, disabling, destroying, or maliciously controlling a computing
environment/infrastructure or destroying the integrity of the data or stealing controlled information.

• Leads to loss of money, theft of personal information, theft of financial and medical
information – damages reputation and safety.

• common types – Malware, Phishing, Man-in-the-
middle attack, Denial-of-service attack, SQL injection etc.

Malwares

• Malicious software.

• Software installed on a victim’s computer
without consent.

• Compromises the operation of a system by performing an unauthorized function or process.

• Breaches a network through a vulnerability –
typically when a user clicks a dangerous link or email attachment → installs risky software.

• Includes spyware, ransomware, viruses, and
worms.

Ransomware

• A type of malware – prevents from accessing someone’s computer or data on it.

• Encrypts files on a device and blocks access to key
components of the network.

• Result – computer becomes locked or the data is stolen,
deleted or encrypted.

• Extortion attack – payment demanded to unlock the
computer or access the data.
 Victim asked to contact the attacker via an anonymous email address or follow instructions on an anonymous web page.
 Payment demanded in a cryptocurrency such as
Bitcoin
• Impact:
 Loss of money.
 devastating to an individual or organization.
 severely impacts business
processes.

• Infamous ransomware attacks
 WannaCry malware/ransomware – 2017
 Petya Ransomware – 2016
 Ryuk ransomware – 2018 etc.