There’s a good chance that cybercriminals will hack your business. Maybe not this weekend, but quite likely on Monday morning.
I say so because it is a fact that West African banks are under-protected.
According to Dataprotect, more than 85% of financial institutions in West Africa reported that they have already fallen victim to at least one cyberattack resulting in losses, and some faced recurrent attacks.
And this is just the financial industry. In this post, we’ll not talk about cyber blackmail in Cameroon. We’ll see the top ten types of cyber attacks that companies in Cameroon may fall victim to.
Top 10 Cyber Attacks That May Cause Your Business To Suffer Losses
The estimated losses of the banks reporting financial information concerning cyber attacks amount on average to €770,000 over the past few years. ~ Dataprotect
1. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
It’s not a good experience. See five infamous DDoS attacks in history.
Depending on your business goals, your security partner will help you avoid these kinds of attacks by deploying either a proactive or a reactive DDoS solution.
2. Man-in-the-middle (MitM) attack
A MitM attack occurs when a hacker inserts themselves between the communications of a client and a server.
Here are some common types of man-in-the-middle attacks: session hijacking, IP spoofing, and replay.
You’ll want a capable security partner because detecting a man-in-the-middle attack can be difficult. In fact, if you aren’t actively searching to determine if your communications have been intercepted, a man-in-the-middle attack can potentially go unnoticed until it’s too late.
3. Phishing and spear phishing attacks
Examples of these kinds of cyber attacks leave you wondering if anyone is safe.
Security firm RSA was targeted in a successful spear phishing attempt in early 2011. Two groups within the company were sent spear phishing emails simply titled “2011 Recruitment Plan.” Although the emails were marked as junk mail, one employee opened an email attachment that ultimately led to a form of malware being installed on the computer. The malware gave the attacker remote access and the ability to steal sensitive data.
In 2015, scammers used the trusted guise of the Electronic Frontier Foundation (EFF) to direct victims to a fake site (Electronicfrontierfoundation.org). The scammers used it to distribute keyloggers and other malware. Luckily, the EFF has taken control of the domain.
One simple way your security partner can start helping today is by running a test to see how “phish-prone” your organization is.
4. Drive-by attack
Unlike many other types of cyber security attacks, a drive-by doesn’t rely on a user to do anything to actively enable the attack — you don’t have to click a download button or open a malicious email attachment to become infected.
A drive-by download can take advantage of an app, operating system or web browser that contains security flaws due to unsuccessful updates or lack of updates.
5. Password attack
Because passwords are the most commonly used mechanism to authenticate users to an information system, obtaining passwords is a common and effective attack approach.
An employee’s password can be obtained by looking around his or her desk, “sniffing” the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing.
While you can protect your business from brute-force and dictionary attacks by implementing an account lockout policy, there is more a security partner will help you accomplish.
6. SQL injection attack
Over the years, SQL injection has become a common issue with database-driven websites.
It occurs when a malefactor executes a SQL query against the database via the input data sent from the client to the server. SQL commands are inserted into data-plane input (for example, instead of the login or password) in order to run predefined SQL commands. A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
One way your security partner will help prevent such attacks is by applying a least-privilege model of permissions in your databases.
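The following is an added example, not code from the original article: it shows the "SQL in place of the password" problem described above next to a parameterized query, a standard fix that goes beyond the least-privilege measure the article names. The table, function names and sample input are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory database holding one constructed user row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'hash-of-alice-password')")
    return db


def login_vulnerable(db, login, password_hash):
    # Vulnerable: client input is pasted into the SQL text, so a quote in the
    # input changes the structure of the query instead of staying a value.
    query = (
        "SELECT login FROM users WHERE login = '%s' AND password_hash = '%s'"
        % (login, password_hash)
    )
    return db.execute(query).fetchone() is not None


def login_parameterized(db, login, password_hash):
    # Hardened: placeholders keep the input in the data plane; the driver
    # binds it as a value and never parses it as SQL.
    query = "SELECT login FROM users WHERE login = ? AND password_hash = ?"
    return db.execute(query, (login, password_hash)).fetchone() is not None


# Constructed sample input: SQL syntax supplied where a password belongs.
CRAFTED = "' OR '1'='1"


def compare(db):
    """Return how each login function treats the crafted input."""
    return {
        "vulnerable": login_vulnerable(db, "alice", CRAFTED),
        "parameterized": login_parameterized(db, "alice", CRAFTED),
    }


if __name__ == "__main__":
    print(compare(make_db()))
```

Least privilege complements this: if the application's database account can only read the rows it needs, a query that is still injectable has far less to reach.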
7. Cross-site scripting (XSS) attack
Here is a simple narration.
The attacker uses third-party web resources to run scripts in the victim’s web browser or scriptable application.
When the victim requests a page from the website, the website transmits the page, with the attacker’s payload as part of the HTML body, to the victim’s browser, which executes the malicious script.
For example, it might send the victim’s cookie to the attacker’s server, and the attacker can extract it and use it for session hijacking.
The most dangerous consequences occur when XSS is used to exploit additional vulnerabilities. These vulnerabilities can enable an attacker to not only steal cookies, but also log keystrokes, capture screenshots, discover and collect network information, and remotely access and control the victim’s machine.
To prevent this, your security partner starts by sanitizing data input by users in an HTTP request before reflecting it back. They’ll make sure all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches. They’ll convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents and give users the option to disable client-side scripts.
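As an added example (not part of the original article), here is the encoding step described above applied to a search term that is echoed back in two places, an HTML body and a URL query parameter, each with the encoding its context needs. The page layout, function names and sample inputs are constructed for illustration.

```python
import html
from urllib.parse import quote


def render_unsafe(term):
    # Reflects the query parameter as-is: markup in the term becomes markup
    # in the page the browser receives.
    return "<p>Results for: %s</p>" % term


def render_search_page(term):
    """Echo a search term back, encoded for each context it lands in."""
    # HTML body context: <, >, & and quotes become character entities.
    body_text = html.escape(term, quote=True)
    # URL context: ?, &, /, <, > and spaces become percent-encoded bytes.
    url_value = quote(term, safe="")
    return (
        "<p>Results for: %s</p>\n"
        '<a href="/search?q=%s">permalink</a>' % (body_text, url_value)
    )


# Constructed inputs: the special characters the article lists, and a
# harmless script tag standing in for an injected payload.
SPECIAL_CHARS = "a b?c&d/e<f>"
SCRIPT_TAG = "<script>x</script>"

if __name__ == "__main__":
    print(render_unsafe(SCRIPT_TAG))
    print(render_search_page(SCRIPT_TAG))
    print(render_search_page(SPECIAL_CHARS))
```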
8. Eavesdropping attack
Eavesdropping attacks occur through the interception of network traffic.
By eavesdropping, an attacker can obtain passwords, credit card numbers and other confidential information that a user might be sending over the network. Eavesdropping can be passive or active:
- Passive eavesdropping — A hacker detects the information by listening to the message transmission in the network.
- Active eavesdropping — A hacker actively grabs the information by disguising himself as a friendly unit and by sending queries to transmitters. This is called probing, scanning or tampering.
Detecting passive eavesdropping attacks is often more important than spotting active ones, since active attacks require the attacker to gain knowledge of the friendly units by conducting passive eavesdropping beforehand.
Data encryption is the best countermeasure for eavesdropping.
9. Birthday attack
Simply put, a birthday attack refers to the probability of finding two random messages that generate the same message digest (MD) when processed by a hash function.
That is to say, if an attacker calculates the same MD for his message as the user has, he can safely replace the user’s message with his, and the receiver will not be able to detect the replacement even if he compares MDs.
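The added example below (not from the original article) works through the probability behind the name and then shows why short digests are unsafe: with SHA-256 cut down to 24 bits, two different constructed messages share a digest after only a few thousand attempts, far fewer than the 2^24 possible values. The truncation, message format and function names are assumptions made for the demonstration.

```python
import hashlib


def collision_probability(samples, space):
    """Exact chance that at least two of `samples` uniform draws from
    `space` possible values are equal (the birthday problem)."""
    p_unique = 1.0
    for i in range(samples):
        p_unique *= (space - i) / space
    return 1.0 - p_unique


def truncated_digest(message, bits):
    """First `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits, limit=1_000_000):
    """Hash distinct constructed messages until two share a truncated digest.
    Returns (first_message, second_message, messages_hashed) or None."""
    seen = {}
    for n in range(limit):
        msg = b"constructed-message-%d" % n
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, n + 1
        seen[digest] = msg
    return None


if __name__ == "__main__":
    # 23 people, 365 birthdays: already better than even odds of a match.
    print("p(23, 365) = %.4f" % collision_probability(23, 365))
    first, second, tries = find_collision(24)
    print("24-bit digest collided after %d messages:" % tries, first, second)
```

The work needed grows roughly with the square root of the number of possible digests, which is why a receiver comparing MDs is only protected when the digest is long enough to put that square root out of reach.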
10. Malware attack
Malicious software can be described as unwanted software that is installed in your system without your consent. It can attach itself to legitimate code and propagate; it can lurk in useful applications or replicate itself across the Internet. Here are some of the most common types of malware:
- Macro viruses
- File infectors
- System or boot-record infectors
- Polymorphic viruses
- Stealth viruses
- Logic bombs
Securing your business in Cameroon from Cyber Attacks
Mounting a good defense requires understanding the offense. This article has reviewed the 10 most common cyber-security attacks that hackers use to disrupt and compromise information systems.
As you can see, attackers have many options, such as DDoS assaults, malware infection, man-in-the-middle interception, and brute-force password guessing, to try to gain unauthorized access to critical infrastructures and sensitive data.
Measures to mitigate these threats vary, but security basics stay the same: Keep your systems and anti-virus databases up to date, train your employees, configure your firewall to whitelist only the specific ports and hosts you need, keep your passwords strong, use a least-privilege model in your IT environment, make regular backups, and continuously audit your IT systems for suspicious activity.