Five main types of Cyber Attacks

How  they  can  affect  your  business

Cyber attacks come in many different forms, and the type of attack on any particular company depends on the type of information the intruder is looking for.

As an Insurance Broker who has been advising businesses on these risks for many years, I have found interest in cyber insurance coverage is at an all-time high.

Those who previously thought it to over the top, expensive and not a necessity, are taking a much closer look at these exposures. The fact is, more businesses are seeing it an important part of their Management of these risks.  The potential interruption and income loss they could suffer in the future. Because unfortunately there is actually no 100% effective protection provided by Cyber Security.

Cyber attacks affect all industries, but the type of attack deployed depends on the industry to which the company being targeted belongs. In 2015, the health care, financial services, retail and education sectors were those that saw the greatest number of cyber incidents.

Cyber attacks come in many different forms, and the type of attack on any particular company depends on the type of information the intruder is looking for. Here are the five major types of attacks to which your organisation could be vulnerable:

1. Phishing attacks

Phishing is perhaps the most commonly reported type of cyber attack. Trying to keep up with the methods used for some phishing attacks is proving to be very difficult.

There are various types of phishing attacks and the type that is used usually depends on the industry. Hackers send out hundreds of thousands of emails [with an attachment or link] hoping that someone will click on them. That is the way the hacker hopes to gain access to your system. Once you open it, you’re giving them access to your computer system and the information in it.

2. Malware, spyware, ransomware
Each of these types of attack has its own objectives. Any one of those is an attack on your software, your systems, your theft prevention software. Gaining access through any one of the malware type of attacks. 

Basically it is a malicious software with the intent to gain unauthorized access and that could include viruses, spyware, and more recently, we’ve see ransomware where they’ll lock down your system and essentially say 'we have your data, if you want it back you’re going to pay a ransom and we’ll let you gain access back to your information”. One of the most utilised systems is Crypto Locker.

What looks like a legitimate email, but you click on the link or attachment which can allow them immediate access to your system. It’s as simple as that.

As for spyware, hackers introduce a software into your system that looks for the simplest form to track keystrokes to get passwords or electronically spy on your network, whether to gain access to confidential information or spying in order to gain access to unidentifiable information. Those so called “Microsoft” technicians that call randomly are expert in introducing these.

A "worm" is similar to a virus but it spreads differently. In order to affect your files, a worm eats into your system and runs on its own. If a worm is introduced into your system, it could replicate by resending itself from your system to everyone in your contacts list; so one person lets it in and then it just compounds itself; depending on how it's written, it could get back to every contact on your list.

3. Distributed Denial of Service attack (DDoS)

This happens when a server is overloaded with connections, with a goal of ultimately shutting down your website or network system. Hackers are overloading your system, hoping it will shut down your network and you will not be able to operate your business.

4. Brute force attack

A very sophisticated software or algorithm which is written to do whatever it can to attack your system by searching for vulnerabilities and in many cases, attacks a password-protection mechanism.

The brute force attack will use a specially designed software to go through hundreds of thousands of different words, combinations of words and numbers to try to crack your password. They will even go through every word in the dictionary to see if they can access something like a password.

5. Social engineering/cyber fraud

In this case they are not attacking your system, they’re attacking individuals, and the obedient staff who have the authority to electronically transfer funds. This type of attack doesn’t target your data, but instead your money and once it’s transferred it’s quite likely that you will not be able to retrieve that money back..

I have seen a very good friend who is a CEO in a Risk Management company have his Accounts Department caught up in a scam. He was away on business but his Financial Controller received an email, that was from the CEO’s own address asking requesting that funds be EFT’s urgently to a particular person along with the Bank details to use. The email genuinely looked like it was from the CEO, so he did what he was told. Upon the return of the CEO, he confirmed he had done what had asked. When the CEO advised he had sent no such email, it was a quick call to the Bank to stop the transaction being finalised.

 

Latest News

Finalists again in 2020

CPR Insurance Services was very pleased to be nominated again for this year's Insurance Business Magazine awards. Unfortunately the Awards night has been postponed until later due to COVID19, we very much appreciate the accolades this brings us. We have been nominated three years in a row now and won the the award the past two years. It was always going to be very hard to win three in a row.

read more

CPR Insurance Services Awarded Authorised Representative Insurance Business of the Year for 2019

Mandy and Robert Cooper were proud to receive the inaugural Authorised Representative Business of the Year from ANZIIF in the Australian Insurance Industry Awards for 2019.

We share this award with all our staff, Lauren, Guy and Sarah and thank them for their dedication in providing the best possible customer service. We also thank our clients who have made our business what it is today. We thank you all so much.

read more