An increase in technology also increases the possibility of evolved cyber attacks and/or threats. As we get wiser in systems we use or measures to take, so do our hackers, whose aim is to compromise our systems, security, data, and other information, including account numbers, emails, and passwords. This interference can lead to theft of identity, loss of funds from a financial institution, and much more company devastation.
In this article, we hope to educate you on prevalent attacks that many cause from your online presence and actions that can be taken to mitigate and prevent further trouble.
What Are Some Common Cyber-Attacks?
SSL Stripping
What is SSL stripping? This is also known as an SSL downgrade attack and is an attack used to compass security enforces by the SSL certificates on websites. HTTP and HTTPs function in the request-response protocol, but they deem it more secure as for the request encryption through SSL.
SSL is a secure protocol used for communicating sensitive information; this information includes but not limited to banking details, email correspondence, to name a few. An encrypted connection between both parties creates this protocol’s security; this is usually a client application and a server. For a secure connection to be established in most scenarios, the following occurs.
- A user sends an unsecured HTTP request
- The server replies by HTTP and then redirects the user to a secure protocol (HTTPS).
- The secure session begins when the user submits a secure HTTPS.
For the SSL strip to happen, a hacker intercepts the redirected HTTP to the secure HTTPS protocol and interferes with requests between the user and server. The hacker proceeds to establish the connection (HTTPS) between her/himself and server, and an unsecured bond with the user, the hacker acting as a third party.
Help Of a VPN
A Previous article titled ‘Why Invest In A VPN’ informs you how a VPN can be your best option for hackers, identity theft, and generally cybercriminals. Virtual Private Network (VPN) allows users to have a secure connection to other networks via the internet; this is usually done remotely. A VPN hides your IP address, which then protects you from identity theft by encrypting your data; all this is done by routing you through a private network. With information encrypted being sent from the user to your intended location, data intercepted by hackers would be unreadable.
Min-in-the middle
A man-in-the-middle (MITM) attack happens when the attacker/hacker intercepts the communication to inject malware to your device, be it PC or mobile. The MITM usually consists of three parties: the victim (user), the website, or entity the victim is attempting to communicate with and the interceptor/hacker.
The MITM methods are most times to steal the browser cookies, phishing, and to identify login credentials that are stored. These allow your attacker(s) to insert themselves between the victim and the intended entity to gain relevant credentials and other valuable information.
Fake Hotspots for Wi-Fi
One of the most natural things for hackers to do may be to set-u a false wi-fi hotspot name Barnes & Noble, McDonald, or everyone’s favorite Starbucks. These frauds would look most reputable and would be seen as convenient and identical to the network commonly used. Once connected to this network and data transmission begins, hackers will have access to all your details. This to the hacker is like “taking candy from a child.”
Packet Sniffing
This is considered as the gathering, collecting, and logging of possibly all that passes through your computer network. When using a website with an unprotected network can allow your hacker to attach hi/herself unto packets of information passing between you and the website trying to reach and process.