Connect with us

Education

Why Cyber Attacks in the News? What’s Cyber Attack Trends and prevention?

Published

on

A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. Usually, the attacker seeks some type of benefit from disrupting the victim’s network.

Depending on the criminal intent, a cyber attack can be random or targeted. Cyber attack methods seem to rotate in order to throw organizations off their defenses. Mega ransomware attacks dominated the news in 2017 with WannaCry and NotPetya. Cryptominers’ attacks made headlines in 2018. In 2019, cyber attacks have been a mixed bag. Phishing email cyber attacks remain a constant thorn for most organizations.

The resurgence of ransomware has been growing. Small local and state government agencies, mainly in the southeastern part of the U.S., have been victimized. Digital transformation is eroding traditional network perimeters with the adoption of cloud computing, cloud-based subscription services, and the ubiquity of mobile devices. This increased expansion of vectors means more ways to attack an organization.

Cyber Attack Trends

In its provides analysis of the year to date, looking at global cyber attack trends in malware overall, ransomware, and mobile and cloud malware.

TREND 1: Software supply chain attacks on the rise

In software supply chain attacks, the threat actor typically installs malicious code into legitimate software by modifying and infecting one of the building blocks the software relies upon. As with physical chains, software supply chains are only as strong as their weakest link.
Software supply chain attacks can be divided into two main categories. The first includes targeted attacks aiming to compromise well-defined targets, scanning their suppliers list in search of the weakest link through which they could enter. In the Shadow Hammer attack, attackers implanted malicious code into the ASUS Live Update utility, allowing them to later install back doors on millions of remote computers.
In the second category, software supply chains are used to compromise as many victims as possible by locating a weak link with a large distribution radius. One such example is the attack on Prism Web, an e-commerce platform, in which attackers injected a skimming script into the shared JavaScript libraries used by online stores, affecting more than 200 online university campus stores in North America.

TREND 2: Evasive phishing cyber attacks

Phishing is a popular cyber attack technique and continues to be one of the biggest threats to cyber security. Advanced socially engineered evasion techniques are bypassing email security solutions with greater frequency. Check Point researchers noted a surge in sextortion scams and business email compromise (BEC), threatening victims into making a payment through blackmail or by impersonating others, respectively. Both scams do not necessarily contain malicious attachments or links, making them harder to detect. In April, one sextortion campaign went as far as pretending to be from the CIA and warned victims they were suspected of distributing and storing child pornography. Hackers demanded $10,000 in Bitcoin.
Evasive email scams include encoded emails, images of the message embedded in the email body, as well as complex underlying code that mixes plain text letters with HTML character entities. Social engineering techniques, as well as varying and personalizing the content of the emails, are additional methods allowing the scammers to fly safely under the radar of anti-spam filters and reach their target’s inbox.

TREND 3: Clouds under attack

The growing popularity of public cloud environments has led to an increase of cyber attacks targeting resources and sensitive data residing within these platforms. Following the 2018 trend, practices such as misconfiguration and poor management of cloud resources remained the most prominent threat to the cloud ecosystem in 2019. As a result, subjected cloud assets have experienced a wide array of attacks. This year, misconfiguring cloud environments was one of the main causes for a vast number of data theft incidents and attacks experienced by organizations worldwide.
Cloud cryptomining campaigns have increased with upgraded techniques capable of evading basic cloud security products. Docker hosts have been exposed and competitors’ cryptomining campaigns operating in the cloud shut down. Check Point researchers also witnessed an increase in the number of exploitations against public cloud infrastructures.

TREND 4: Mobile device attacks

Malicious actors are adapting techniques and methods from the general threat landscape to the mobile world. Banking malware has successfully infiltrated the mobile cyber arena with a sharp rise of more than 50% compared to 2018. In correlation to the growing use of banks’ mobile applications, malware capable of stealing payment data, credentials and funds from victims’ bank accounts have been pushed from the general threat landscape and became a very common mobile threat too.

10 Ways to Prevent Cyber Attacks

Even if you don’t currently have the resources to bring in an outside expert to test your computer systems and make security recommendations, there are simple, economical steps you can take to reduce your risk of falling victim to a costly cyber attack:

  1. Train employees in cyber security principles.
  2. Install, use and regularly update antivirus and antispyware software on every computer used in your business.
  3. Use a firewall for your Internet connection.
  4. Download and install software updates for your operating systems and applications as they become available.
  5. Make backup copies of important business data and information.
  6. Control physical access to your computers and network components.
  7. Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace make sure it is secure and hidden.
  8. Require individual user accounts for each employee.
  9. Limit employee access to data and information and limit authority to install software.
  10. Regularly change passwords.

 

Education

As many as six new nursing colleges to be functional in Haryana soon

Published

on

Haryana Chief Secretary Sanjeev Kaushal shared that the construction work of six nursing colleges in the state will be completed soon and classes will commence in the month of July. Not only this, the new building of the National Institute of Fashion Technology, Panchkula has also completed its construction work.

Adding on to this, he shared that, till now, the classes are being held in another building, the chief secretary said while presiding over the review meeting of development projects worth more than Rs 100 crore here.

CHIEF SECRETARY REVIEWED MAJOR PROJECTS

The Chief Secretary reviewed several major projects, including power, health, medical, and technical education in the state, and directed the concerned officials to complete them within the stipulated time period.

COLLEGES UNDER CONSTRUCTION

He said that the construction of nursing colleges in Dherdu village of Kaithal, Khedi Ram Nagar village of Kurukshetra, Kheranwali village of Panchkula, Aura and Dayalpur village of Faridabad, and Sadatpur village of Rewari is under construction.

The construction work of Medical college in Koriawas in Narnaul, Medical College at Jind, Bhiwani, and Dental College at Nalhar is being completed at a fast pace. The work of the second phase of Kalpana Chawla Medical College is also undergoing.

Continue Reading

Trending