Friday, December 4, 2020

Cyberattack Techniques in the Modern World


A cyberattack is an assault launched against computer systems and networks. In the modern world, hackers use a variety of techniques and attack types to achieve their objectives.

Malware 

Malware is malicious software that is specifically designed to collect information or to damage a computer system by gaining unauthorized access. Examples of modern malware include WannaCry and HenBox. WannaCry is ransomware that infected around 250,000 Windows computers worldwide in 2017. The damage caused by WannaCry is estimated at around US$5 billion. HenBox typically appears as legitimate Android system and VPN apps, and sometimes embeds legitimate apps. The main goal of the HenBox apps is to spy on those who install them.

There are several types of malware, including:

  1. Viruses: A type of malware that is self-replicating. It must first be executed by a user or a process to infect the host system.
  2. Worms: Unlike viruses, worms do not need to be executed by a user or a process to infect the host system. Worms usually target computer networks, spreading rapidly through replication.
  3. Trojan horses: Malware that is disguised as a harmless program, but actually gives attackers elevated privileges and full control of an endpoint when installed. Unlike other types of malware, trojan horses are not self-replicating.
  4. Ransomware: Malware that locks a computer or device, or encrypts data on an infected endpoint with an encryption key that only the attacker knows, thereby making the data unusable until the victim pays a ransom.
  5. Back doors: This type of malware allows an attacker to bypass authentication to gain unauthorized access to a compromised system.
  6. Logic bombs: A type of malware that is triggered when a specific condition is met (such as a specific date).
  7. Rootkits: This type of malware allows attackers to get root-level access to a computer. Usually, rootkits are installed in the BIOS of a computer. This prevents operating-system-level security tools from detecting them.

Spamming and phishing

Spam and phishing emails are the most common methods of delivering malware. The volume of spam email as a percentage of total global email traffic fluctuates widely, typically from 45 to 75 percent. In contrast to spam, phishing attacks are becoming more sophisticated and difficult to identify. Spear phishing is a targeted phishing campaign that appears more credible to its victims by gathering specific information about the target, and thus has a higher probability of success.

Bots and botnets

Bots are individual endpoints that are infected with advanced malware that enables an attacker to take control of the compromised endpoint. A botnet is a network of bots working together under the control of attackers. In a botnet, advanced malware works together toward a common objective, with each bot growing the power and destructiveness of the overall botnet. The botnet can evolve to pursue new goals or adapt as different security countermeasures are deployed. Botnets themselves are dubious sources of income for cybercriminals. Botnets are created by cybercriminals to harvest computing resources. Control of botnets can then be sold or rented out to other cybercriminals.


7 comments:

  1. Nice writing. Do bots do any harm to the victim's computer other than harvesting computing resources, like stealing data or something similar?

  2. If you can, write an article about what we can do to mitigate these kinds of cyberattacks.

  3. Nice read, Santhoopa. How do we know whether our computer is under threat or not?

    1. Maybe you can see suspicious activities, especially the ones that are not initiated by you. Also, you can check for background processes from untrusted sources.

  4. A comprehensive explanation, Santhoopa. Keep writing more on cyber security.

  5. Great Article! What is the most dangerous attack or malware out there in your opinion?

  6. Informative article, Santhoopa. Keep writing!!
