What Is a Cyberattack?

There’s one word that goes hand-in-hand with “cyberattack”: malicious.

According to IBM, a cyberattack is “a malicious attempt to steal, expose, disable, or destroy information through unauthorized access to computer systems.” Similarly, Checkpoint states, “a cyberattack can maliciously disable computers, steal data, or use a breached computer as a launchpad for other attacks.”

A cyberattack is a blanket term that covers the many devious actions threat actors use to compromise IT systems. These nefarious tactics range from stealing and damaging hardware to deploying malware, stealing passwords, and intercepting conversations.

Whereas a cyberattack is a wide range of malicious actions targeting computers, networks, data, and personal information, a computer virus is a specific type of cyberattack.

Computer viruses are a type of malware that infects a system—they get their name because they act similarly to how viruses infect the human body. Once computer viruses attach themselves to a file, they can replicate themselves until the whole system is infected.

1. Malware

Malware is a malicious software program intentionally engineered to harm your computer, network, website, server, database, etc. Typically, technology users accidentally install malware by clicking on bad links or attachments and downloading fraudulent applications.

Malware includes viruses, worms, ransomware, adware, trojans, spyware, and keyloggers. Click here to learn more about malware.

2. Zero-Day Exploits

Hackers regularly uncover security vulnerabilities in software—these vulnerabilities are one of the main reasons why your software and operating system require ongoing patches and updates. Once a hacker discovers a way in, they can weasel through your network to install malware and gather as much sensitive data as possible.

3. Phishing

With a phishing attack, hackers convince you to hand over sensitive information or trick you into downloading and installing malware by posing as a legitimate source or company.

Email is one of the easiest targets for phishers because they can easily manipulate the content to look legitimate—for example, changing the email “sender” to look like it’s coming from a company executive and asking for password or credit card information.

4. Man In the Middle (MITM) Attack

Think of a MITM attack like someone eavesdropping on a conversation—threat actors hack their way into your network, then lurk and intercept messages. Using this method, they can steal information such as login credentials, account information, and credit card numbers. Due to their secretive nature, MITM attacks can be challenging to detect. Advanced cybersecurity solutions, like endpoint detection and response (EDR), can help detect cyberattacks and quarantine affected devices before your entire IT ecosystem is infected.

5. Distributed Denial of Service (DDOS)

With a distributed denial of service (DDOS) attack, the attackers overwhelm systems or networks by directing a high volume of unwanted traffic at them. The goal of the DDOS attack is to paralyze the target by exhausting its available bandwidth and network resources.

6. Password

With password attacks, threat actors find a password left lying around, for example, a post-it note left under a keyboard. Keep in mind that a hacker doesn’t need to be some mysterious lurker in a basement somewhere—a hacker can easily be an employee or anyone with physical equipment access. Once a hacker has your password, they can easily install malware or steal sensitive information, especially if you haven’t employed multifactor authentication (MFA). The scenario gets even scarier if you’ve reused your password for multiple accounts.

1. Smishing and Mobile Device Attacks

These types of cyberattacks specifically target mobile device users with text-based phishing communications. In this case, hackers send deceiving texts that look like links to receipts, shipping notices, billing alerts, etc.—instead, these texts actually contain links aimed at sealing your personal information. Since links in texts are usually condensed and hard to decipher, it’s easier to trick unsuspecting victims.

2. 5G Hardware and Device

Before purchasing new equipment, it’s a good idea to research the device’s reputation and security. New technology provides new opportunities for hackers with zero-day threats. A brand new piece of 5G hardware can be exciting, but be sure to install any recommended firmware and software updates before you use it.

3. One-Time Password (OTP) Bypass

Threat actors can use MFA tokens to sneak their way through password verification—they rely on tactics like MFA fatigue, reusing recent tokens, gaining access through an unused token, uncovering a leaked token, or using a phishing email to trick you into resetting your password and handing over the OTP token. Learn more about MFA fatigue cyberattacks.

There’s nothing easy when it comes to cybersecurity, but as your technology partner, we can help make cybersecurity easier for your business.

Contact us today to schedule a cybersecurity assessment or to learn more about the cybersecurity solutions High Touch can provide to help protect your business from cyberattacks.