Cybersecurity For Dummies. Joseph Steinberg. Читать онлайн. Newlib. NEWLIB.NET

Автор: Joseph Steinberg
Издательство: John Wiley & Sons Limited
Серия:
Жанр произведения: Зарубежная компьютерная литература
Год издания: 0
isbn: 9781119867203
Скачать книгу
such as the loss of customers who no longer trust a small business after the latter suffers a security breach.

       Professional risks: Risks to one’s professional career that stem from breaches. Obviously, cybersecurity professionals are at risk for career damage if a breach occurs under their watch and is determined to have happened due to negligence, but other types of professionals can suffer career harm due to a breach as well. C-level executives can be fired, board members can be sued, and so on. Professional damage can also occur if hackers release private communications or data that shows someone in a bad light — for example, records that a person was disciplined for some inappropriate action, sent an email containing objectionable material, and so on.

       Business risks: Risks to a business similar to the professional risks to an individual. Internal documents leaked after breach of Sony Pictures painted various the firm in a negative light vis-à-vis some of its compensation practices.

       Personal risks: Many people store private information on their electronic devices, from explicit photos to records of participation in activities that may not be deemed respectable by members of their respective social circles. Such data can sometimes cause significant harm to personal relationships if it leaks. Likewise, stolen personal data can help criminals steal people’s identities, which can result in all sorts of personal problems.

       Physical danger risks: Cyberattacks on sewage treatment plants, utilities, and hospitals in recent years have shown clearly that the failure to maintain cybersecurity can lead to the endangering of human lives. For example, in 2020, a woman in Germany died while being transported between hospitals after the hospital at which she had been a patient was struck by ransomware. And in 2021, a lawsuit was filed arguing that a baby died as a result of medical mistakes made as she was born at a hospital in Alabama during system outages caused by a ransomware attack.

      Getting to Know Common Cyberattacks

      IN THIS CHAPTER

      

Exploring attacks that can inflict damage

      

Discovering the difference between impersonation, data interception, and data theft

      

Looking at the various types of malware, poisoning, and malvertising

      

Finding out about advanced forms of cyberattacks

      Many different types of cyberattacks exist — so many that I could write an entire series of books about them and add many new chapters every year. In this book, however, I do not cover all types of threats in detail because the reality is, you’re likely reading this book to learn about how to keep yourself cybersecure, not to learn about matters that have no impact on you, such as forms of attacks that are normally directed at espionage agencies, industrial equipment, or military armaments.

      In this chapter, you find out about the different types of problems that cyberattackers can create through the use of attacks that commonly impact individuals and small businesses.

      Attackers launch some forms of cyberattacks with the intent to inflict damage to victims. The threat posed by such attacks is not that a criminal will directly steal your money or data, but that the attackers will inflict harm to you in some other specific manner — a manner that may ultimately translate into financial, military, political, physical, or other benefit to the attacker and (potentially) damage of some sort to the victim.

      Types of attacks that inflict damage include

       Denial-of-service (DoS) attacks

       Distributed denial-of-service (DDoS) attacks

       Botnets and zombies

       Data destruction attacks

      Denial-of-service (DoS) attacks

      A denial-of-service (DoS) attack is one in which an attacker intentionally attempts to either partially cripple or totally paralyze a computer or computer network by flooding it with large amounts of requests or data, which overload the target and make it incapable of responding properly to legitimate requests.

      In many cases, the requests sent by the attacker are each, on their own, legitimate — for example, a normal request to load a web page. In other cases, the requests aren’t normal requests. Instead, they leverage knowledge of various protocols to send requests that optimize, or even magnify, the effect of the attack.

      In any case, denial-of-service attacks work by overwhelming computer systems’ central processing units (CPUs) and/or memory, utilizing all the available network communications bandwidth, and/or exhausting networking infrastructure resources such as routers.

      Distributed denial-of-service (DDoS) attacks

      FIGURE 2-1: A DDoS attack.

      Sometimes the goal is financial: Imagine, for example, the damage that may result to an online retailer’s business if an unscrupulous competitor knocked the former’s site offline during Black Friday weekend. Imagine a crook who shorts the stock of a major retailer of toys right before launching a DDoS attack against the retailer two weeks before Christmas.

      DDoS attacks remain a serious and growing threat. Criminal enterprises even offer DDoS for hire services, which are advertised on the dark web as offering, for a fee, to “take your competitor’s websites offline in a cost-effective manner.”

      In fact, according to a 2017 study by Kaspersky Lab and B2B International, almost half of companies worldwide that experienced a DDoS attack suspect that their competitors may have been involved.

      DDoS attacks can impact individuals in three significant ways:

       A DDoS attack on a local network can significantly slow down all Internet access from that network. Sometimes these attacks make connectivity so slow that connections to sites fail due to session timeout settings, meaning that the systems terminate the connections after seeing requests take longer to elicit responses than some maximum permissible