Everyday Cyber Dangers: Description and Defense
When people are told to imagine a hacker, then always see a hooded figure typing away in a room barely lit by a screen. However, these people fail to realize that hackers are people that dress, and act like you and I. That guy sitting in the corner of the McDonald’s you ate at recently could have been a hacker, so could have that woman behind you in line at Starbucks or that guy who bumped into you on the street. Hackers could be performing multitudes of attacks in public, and would not know when or how to protect yourself against them. To gain such knowledge, you must know what types of attacks there are. Cyber attacks are usually categorized under a list of types or attacks, such as: malware, and the Man in The Middle (MITM) attacks.
Malware can be categorized as any software that causes a disruption in or that manipulates a devices normal functions, and, unfortunately, any device is vulnerable to malware. Malware is usually acquired from opening, or downloading a program that contains such malware. When the code is activated, the malware usually replicates it’s files install other applications that slow down your internet considerably, holds a devices files for ransom while locking said device, bombing the device with ads, and/or irreparable breaking the device. But, how can you find this malicious code once it infects you?
Spotting malware is not very hard. In most cases, your computer tries to track a the downloaded file’s source by looking at it’s properties and information. If the file is sketchy, your computer will warn you, or outright reject the download from finishing. Also, you can manually search for malware by downloading an Anti-Virus program that scans your computer files for malicious code. Once you have spotted the malware, you have to delete it, and protect yourself from more.
To delete the malware, almost all Anti-Virus programs also do the service of deleting bad files they have found. However, preventing more from invading your device is a much more grueling task. You can take actions to block malware, such as: putting up a tight firewall, having a good password for your PC, and having a BIOS password. To avoid malware, you can simply avoid downloading files from suspicious websites, and avoid clicking on suspicious and popup ads.
Here is an example of working malware. In 2013, a bank in Kiev was a victim to malware. Malware was injected into their system, and wreaked havoc. The malware was responsible for tracking every transfer, the bookkeeping of the bankers, and sending that information to criminal group in Russia, China and all over Europe. The criminal groups used that information, and the malware to impersonate the bank officers, and transfer millions of dollars to dummy accounts. It was only when footage of an A.T.M. randomly dispensing cash was caught months later then officials found out about the malware.
The Man in The Middle type of attack is very different from malware. In this type, an actual person is attacking you live rather than a bunch of code. In turn, you can expect this type of attack to be harder to detect, to eliminate, and to avoid. But first, what is the MITM attack? It is the type of attack where the attacker siphons through, and possibly alters the communication between two devices whom believe that they are not being interrupted. Obviously, through this technique, the attacker can possibly gain personal information from either end of the communication, and that never ends well. Although, how can someone spot such a covert type of attack?
MITM attacks are difficult to discover. However, you can approach this by using browsing tools, such as: Cert Patrol, and Perspective. These tools work to measure the validity of the certificate of connections. By keeping note of domain names, and other parameters, these tools check to see if the connection to is legitimate or not. If the tools see that the certificate changes, it is likely that a MITM attack is starting. Stopping a MITM attack is simple, you can just disconnect from the site you saw signs of the attack from, or just disconnect from that “free” Wi-Fi . That free Wi-Fi might just cost you something.
To prevent the effects of an MITM attack, you can encrypt your connection data very securely. This prevents the attacker from reading your data, and they might just give up. To prevent an MITM attack, avoid connecting to open Wi-Fi connections, because you will never know if that connection is rigged.
Here is an example of a MITM attack. In early 2017, a logistics company in Govandi lost $16,000 to a MITM attacker. The unidentified attacker hacked a official’s email and demanded a client, an Italian company, to pay early. The client complied which resulted in a lose of $16,000 on the logistic company’s side.
Just remember to be wary; you never know when you will become a victim to an attack.