Common Types of Cyberattacks (Part I)
In this article, we will talk about the most common types of cyberattacks.
We call cyberattack any offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices. These attacks try to hack into a system using one or several digital acts, usually from an anonymous source, to steal, alter, or destroy a specified target.Among the common types of cyber attacks we find the following:
Malware
Malware is any software that intentionally performs malicious actions in a system without the user's knowledge. Viruses, worms, and trojan horses are different kinds of malware.
Virus
A computer virus is a small script of code that, when executed, replicates itself by modifying other computer programs called hosts and inserting its code to alter how a computer operates. Of course, since this is a type of malware, it is all done without the permission or knowledge of the user.
Worm
A computer worm is a standalone malware program that replicates itself to spread to other computers. This differs from a virus because the virus needs a host program, but the worm does not. A worm often uses a computer network to spread itself, relying on security failures on the target computer to access it. Once there, it will try to scan and infect other computers.
Trojan Horse
A Trojan Horse Virus is malware that downloads onto a computer disguised as a legitimate program. It typically gets hidden as an email or free-to-download file attachment and then transfers onto the user’s device. Once downloaded, the malicious code will execute the task the attacker designed it for, such as spying on users’ online activity or stealing sensitive data.
Kartos helps you protect your organization by locating its vulnerabilities
Kartos Corporate Threat Watchbots is the monitoring platform developed by Enthec for the protection of organizations. Using its army of bots, Kartos crawls all three layers of the web, locating exposed vulnerabilities and open gaps in the organization that can be used to execute any of the common types of cyberattacks we just saw. Thanks to kartos, organizations can proactively defend themselves against these threats, preventing them from materializing. Contact us for more information on how Kartos can help you protect your organization.
Do you know how to protect your user privacy?
The tendency of users when using technologies is not to worry about the use of their private information.
Acquiring private information can be dangerous if that data is not protected. Such vulnerable data can be stolen by cybercriminals and published through leaks on the deep web
When using internet services, they commonly use tracking methods in which information is actively or passively collected from the user. This information is trusted not to be used by a third party, exposing threats to your privacy.
Tracking Techniques
Some tracking techniques used to profile habits, tastes, and other user details are explained below.
- Cookies: Text files that store information sent by the web service in the user’s browser.
- Privacy policies: When the online service stores and manages confidential data, it must indicate to the user how this information will be used.
- HTML5 elements: Storage mechanism, also known as “Client-Site-storage,” with more storage capacity than cookies.
- IP address and geolocation: When a user browses the Internet, the service provider automatically assigns the user an IP address. An online service can use this IP address to identify the user's city of residence.
- Social Networks: All social networks, such as Twitter, Facebook, or Instagram, collect information from users and share it with third parties.
- Google services: Google has several services that monitor and record each user's activity.
Tools to protect yourself
The following are some of the most commonly used online tools and services to prevent personal information filtering.
Search Engines
There are alternative search engines where there is no vulnerability to privacy when it comes to making queries and doing so confidentially and anonymously:
- Ixquick: A search engine that does not record IP addresses, does not correlate with visitors and search criteria, and does not use tracking cookies.
- Startpage: Search engine based on Ixquick with the characteristic that it can function as a proxy server between the user and the Google search engine. The results will be the same as those returned by Google but without collecting information about the user who performs the searches.
- DuckDuckgo does not record the user’s personal information or search criteria, nor does it allow the sending of information about the user or their search criteria. It also does not allow sending information about the user to the sites he/she visits.
Privacy settings in browsers
- Firefox: The privacy settings section called “Tracking” contains the alternative to indicate options to prevent tracking.
- Opera: Configuration options that allow the management of cookies, SSL certificates, and passwords can be applied.
- Chromium: In the same way as Opera and Firefox, managing various cookie management privacy details is possible.
- VPN: VPN is a technology that allows private connections between two points using a public network such as the Internet. The benefit of VPNs is to hide the user’s IP and to be able to access Internet sites that are blocked in the country from which the request is made. The VPN service routes the request to the website using an IP address belonging to a different country.
Anonymous Proxy Servers
A proxy server is a middleware solution, which works by routing requests and responses transparently between the two. It allows the possibility of hiding the client’s IP address, as the destination will only see the proxy's IP address.
There are several lists of anonymous proxy servers that allow IP hiding data.
Other solutions
There are other exciting techniques and tools to protect against tracking that are interesting and could be explored in more detail:
- HTTPS Everywhere extension: Extension developed by the Tor Project and EFF team, with the primary objective of capturing requests made with the HTTP protocol against a list of sites and overwriting requests so that they use HTTPS.
- Web browser plug-ins: Extensions that allow you to easily clean information stored in the browser, such as Click and Clean.
- Privacy Bagder: Add-on developed by EFF that allows you to block trackers such as Ghostery but also will enable you to block “Ads”.
Qondar helps you protect your personal information
Qondar Personal Threat Watchbots is the cyber surveillance platform developed by Enthec for the protection of people's information and digital assets. Thanks to its continuous and automated monitoring capabilities, Qondar crawls the Internet, the Depp Web and the Dark Web and locates leaked and exposed personal information, issuing alerts about the findings in real time. Contact us to find out how Qondar can help you protect your privacy online
Enthec in Leanfinance
Enthec in Leanfinance
https://leanfinance.es/enthec-caso-exito-sector-ciberseguridad/
Enthec participates in FEINDEF, the International Defence and Security Exhibition
Madrid, 17th, 18th and 19th May 2023:
Enthec participates in FEINDEF, the International Defence and Security Fair, a reference forum for the defence and security sector in Spain, invited by INCIBE in the Innova for Def&Sec Space.
