Cyber security
Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber attacks.
It aims to reduce the risk of cyber attacks and protect against the unauthorised exploitation of systems, networks and technologies.
Common cyber threats
Backdoors
Backdoors allow remote access to computers or systems without users’ knowledge.
Formjacking
Formjacking is the process of inserting malicious JavaScript code into online payment forms to harvest customers’ card details.
DNS poisoning attacks
DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.
DDoS attacks
DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.
Cryptojacking
Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.
Common cyber attacks
Botnets
Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS.
Drive-by downloads
Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.
Exploits and exploit kits
Exploit kits are collections of multiple exploits. Available for rent on the dark web, they enable unskilled criminals to automate attacks on known vulnerabilities.
MITM attacks
A MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered.
