A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems.
Any individual or group can launch a cyber attack from anywhere by using one or more various attack strategies.
People who carry out cyber attacks are generally regarded as cybercriminals. Often referred to as bad actors, threat actors and hackers, they include individuals who act alone, drawing on their computer skills to design and execute malicious attacks. They can also belong to a criminal syndicate, working with other threat actors to find weaknesses or problems in the computer systems — called vulnerabilities — that they can exploit for criminal gain.
Government-sponsored groups of computer experts also launch cyber attacks. They’re identified as nation-state attackers, and they have been accused of attacking the information technology (IT) infrastructure of other governments, as well as nongovernment entities, such as businesses, nonprofits and utilities.
Cyber attacks are designed to cause damage. They can have various objectives, including the following:
Financial gain. Cybercriminals launch most cyber attacks, especially those against commercial entities, for financial gain. These attacks often aim to steal sensitive data, such as customer credit card numbers or employee personal information, which the cybercriminals then use to access money or goods using the victims’ identities.
This article is part of
Download this entire guide for FREE now!
Other financially motivated attacks are designed to disable computer systems, with cybercriminals locking computers so owners and authorized users cannot access the applications or data they need; attackers then demand that the targeted organizations pay them ransoms to unlock the computer systems.
Still, other attacks aim to gain valuable corporate data, such as propriety information; these types of cyber attacks are a modern, computerized form of corporate espionage.
Disruption and revenge. Bad actors also launch attacks specifically to sow chaos, confusion, discontent, frustration or mistrust. They could be taking such action as a way to get revenge for acts taken against them. They could be aiming to publicly embarrass the attacked entities or to damage the organizations’ reputations. These attacks are often directed at government entities but can also hit commercial entities or nonprofit organizations.
Nation-state attackers are behind some of these types of attacks. Others, called hacktivists, might launch these types of attacks as a form of protest against the targeted entity; a secretive decentralized group of internationalist activists known as Anonymous is the most well known of such groups.
Insider threats are attacks that come from employees with malicious intent.
Cyberwarfare. Governments around the world are also involved in cyber attacks, with many national governments acknowledging or suspected of designing and executing attacks against other countries as part of ongoing political, economic and social disputes. These types of attacks are classified as cyberwarfare.
Threat actors use various techniques to launch cyber attacks, depending in large part on whether they’re attacking a targeted or an untargeted entity.
In an untargeted attack, where the bad actors are trying to break into as many devices or systems as possible, they generally look for vulnerabilities in software code that will enable them to gain access without being detected or blocked. Or, they might employ a phishing attack, emailing large numbers of people with socially engineered messages crafted to entice recipients to click a link that will download malicious code.
In a targeted attack, the threat actors are going after a specific organization, and the methods used vary depending on the attack’s objectives. The hacktivist group Anonymous, for example, was suspected in a 2020 distributed denial-of-service (DDoS) attack on the Minneapolis Police Department website after a Black man died while being arrested by Minneapolis officers. Hackers also use spear-phishing campaigns in a targeted attack, crafting emails to specific individuals who, if they click included links, would download malicious software designed to subvert the organization’s technology or the sensitive data it holds.
Cyber criminals often create the software tools to use in their attacks, and they frequently share those on the so-called dark web.
Cyber attacks often happen in stages, starting with hackers surveying or scanning for vulnerabilities or access points, initiating the initial compromise and then executing the full attack — whether it’s stealing valuable data, disabling the computer systems or both.
In fact, most organizations take months to identify an attack underway and then contain it. According to the “2022 Cost of a Data Breach” report from IBM, organizations with fully deployed artificial intelligence and automation security tools took an average of 181 days to identify a data breach and another 68 days to contain it, for a total of 249 days. Organizations with partially deployed AI and automation took a total of 299 days to identify and contain a breach, while those without AI and automation took an average of 235 days to identify a breach and another 88 days to contain it, for a total of 323 days.
Cyber attacks most commonly involve the following:
There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk.
Reducing the risk of a cyber attack relies on using a combination of skilled security professionals, processes and technology.
Reducing risk also involves three broad categories of defensive action:
Best practices include the following:
Cyber attacks have continued to increase in sophistication and have had significant impacts beyond just the companies involved.
For example, JBS S.A., an international meat-processing company, suffered a successful ransomware attack on May 30, 2021. The attack shut down facilities in the United States as well as Australia and Canada, forcing the company to pay an $11 million ransom.
That came just weeks after another impactful cyberattack. Hackers hit Colonial Pipeline in May 2021 with a ransomware attack. The attack shut down the largest fuel pipeline in the United States, leading to fuel shortages along the East Coast.
Several months before that, the massive SolarWinds attack breached U.S. federal agencies, infrastructure and private corporations in what is believed to be among the worst cyberespionage attacks inflicted on the U.S. On Dec. 13, 2020, Austin-based IT management software company SolarWinds was hit by a supply chain attack that compromised updates for its Orion software platform. As part of this attack, threat actors inserted their own malware, now known as Sunburst or Solorigate, into the updates, which were distributed to many SolarWinds customers.
The first confirmed victim of this backdoor was cybersecurity firm FireEye, which disclosed on Dec. 8 that it was breached by suspected nation-state hackers. It was soon revealed that SolarWinds attacks affected other organizations, including tech giants Microsoft and VMware, as well as many U.S. government agencies. Investigations showed that the hackers — believed to be sponsored by the Russian government — had been infiltrating targeted systems undetected since March 2020.
Here is a rundown of some of the most notorious breaches, dating back to 2009:
The volume, cost and impact of cyber attacks continue to grow each year, according to multiple reports.
Consider the figures from one 2022 report. The “Cybersecurity Solutions for a Riskier World” report from ThoughtLab noted that the number of material breaches suffered by surveyed organizations jumped 20.5% from 2020 to 2021. Yet, despite executives and board members paying more attention — and spending more — on cybersecurity than ever before, 29% of CEOs and CISOs and 40% of chief security officers said their organization is unprepared for the ever-evolving threat landscape.
The report further notes that security experts expect the volume of attacks to continue their climb.
The types of cyber attacks, as well as their sophistication, also grew during the first two decades of the 21st century — particularly during the COVID pandemic when, starting in early 2020, organizations enabled remote work en masse and exposed a host of potential attack vectors in the process.
Consider, for example, the growing number and type of attack vectors — that is, the method or pathway that malicious code uses to infect systems — over the years.
The first virus was invented in 1986, although it wasn’t intended to corrupt data in the infected systems. Cornell University graduate student Robert Tappan Morris created the first worm distributed through the internet, called the Morris worm, in 1988.
Then came Trojan horse, ransomware and DDoS attacks, which became more destructive and notorious with names such as WannaCry, Petya and NotPetya — all ransomware attack vectors.
The 2010s then saw the emergence of cryptomining malware — also called cryptocurrency mining malware or cryptojacking — where hackers use malware to illegally take over a computer’s processing power to use it to solve complex mathematical problems to earn cryptocurrency, a process called mining. Cryptomining malware dramatically slows down computers and disrupts their normal operations.
Hackers also adopted more sophisticated technologies throughout the first decades of the 21st century, using machine learning and artificial intelligence, as well as bots and other robotic tools, to increase the velocity and volume of their attacks.
And they developed more sophisticated phishing and spear-phishing campaigns, even as they continued to go after unpatched vulnerabilities; compromised credentials, including passwords; and misconfigurations to gain unauthorized access to computer systems.
Arista’s new switches provide more options for enterprises and higher speeds for bandwidth-hungry hyperscalers. The latest …
Telecom operators have committed to sustainability plans to reduce carbon emissions and energy use. But they also face challenges…
Nmap might be more common for security tasks, but it’s also useful for network documentation and inventory. Follow these best …
Research shows organizations are still struggling to bring in IT talent. We identify the reasons why there’s a shortage and what …
The threat of a recession coupled with the ongoing need for transformation and growth means CIOs must make force multiplying …
The U.S. Senate, federal agencies and state governments have banned TikTok from government devices due to concerns about data …
Modern enterprise organizations have numerous options to choose from on the endpoint market. Learn about some of the main …
Monitoring files on Windows systems is critical to detect suspicious activities, but there are so many files and folders to keep …
While Microsoft Loop is not yet generally available, Microsoft has released details about how Loop can connect users and projects…
It is challenging to find the right balance between performance, availability and cost. Learn how to enable and apply AWS Compute…
Among other benefits, a hybrid cloud data warehouse can offer enhanced flexibility and scalability, as well as on-demand access …
The wrong instance type can affect workload performance and even increase costs. This year at re:Invent, AWS released new EC2 …
Composability offers a ‘philosophical mindset shift’ to ensure that technology does not dictate your business
We’ve all seen laptops adorned with security stickers and in-jokes, but how did this cyber community trend get started, what does…
Against a backdrop of rising energy costs and supply uncertainty, cutting the amount of power their ICT estate consumes can also …
All Rights Reserved, Copyright 2000 – 2022, TechTarget
Do Not Sell or Share My Personal Information