Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems.
They're identified as nation-state attackers, and they've been accused of attacking the IT infrastructure of other governments, as well as nongovernment entities, such as businesses, nonprofits and utilities.
Nation-state attackers are behind some of these types of attacks.
Governments around the world are also involved in cyber attacks, with many national governments acknowledging or being suspected of designing and executing attacks against other countries as part of ongoing political, economic or social disputes.
Threat actors use various techniques to launch cyber attacks, depending in large part on whether they're attacking a targeted or an untargeted entity.
In a targeted attack, the threat actors are going after a specific organization and the methods used vary depending on the attack's objectives.
Cyber attacks often happen in stages, starting with hackers surveying or scanning for vulnerabilities or access points, initiating the initial compromise and then executing the full attack - whether it's stealing valuable data, disabling the computer systems or both.
Depending on the actual attack details, this type of attack can be more specifically classified as a man-in-the-browser attack, monster-in-the-middle attack or a machine-in-the-middle attack.
DDoS attacks are similar to DoS attacks in that they flood a target's system with large volumes of false data requests at one time.
The difference between DoS and DDoS attacks is that DDoS attacks use multiple sources to generate false traffic, whereas DoS attacks use a single source.
There's no guaranteed way for any organization to prevent a cyber attack, but there are several cybersecurity best practices they can follow to reduce the risk.
Preventing attempted attacks from actually entering the organization's IT systems.
Implementing perimeter defenses, such as firewalls, to help block attack attempts and access to known malicious domains.
Using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyber attacks.
Several months before that, the massive SolarWinds attack breached U.S. federal agencies, infrastructure and private corporations in what is believed to be among the worst cyberespionage attacks inflicted on the U.S. On Dec. 13, 2020, Austin-based IT management software company SolarWinds was hit by a supply chain attack that compromised updates for its Orion software platform.
These cyber attacks are sometimes paired with physical attacks, while at other times, they're aimed at peering inside Ukrainian servers for information gathering.
The Petya attacks in 2016, which were followed by the NotPetya attacks of 2017, hit targets around the world, causing more than $10 billion in damage.
The types of cyber attacks, as well as their sophistication, also grew during the first two decades of the 21st century - particularly during the COVID pandemic when, starting in early 2020, organizations enabled remote work en masse and exposed a host of potential attack vectors in the process.
Then came Trojan horse, ransomware and DDoS attacks, which became more destructive and notorious with names such as WannaCry, Petya and NotPetya - all ransomware attack vectors.
Attackers have been finding ransomware techniques that yield better results for the attackers.
This Cyber News was published on www.techtarget.com. Publication date: Tue, 12 Dec 2023 22:43:05 +0000