
What is a cyber attack / China cyber attack on India


Recently, Chinese hackers attempted over 40000 cyber attacks in India on information technology, the banking sector, police security systems and infrastructure. The 40000 attacks were carried out within five days, but they couldn't break the Indian cyber security system. The cyber attacks are due to the recent ongoing conflict between India🇮🇳 and China.



🔴What is a cyber attack?

A cyber attack is an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks. Cybercriminals can use a variety of methods to launch a cyber attack including malware, phishing, ransomware, man-in-the-middle attack, and other methods. 

In other situations, cyber attacks can be part of nation-states' cyber warfare or cyber terrorism efforts. 

Strong organizational-wide cybersecurity and network security controls are now more important than ever.

A cybercriminal may steal, alter, or destroy a specified target by hacking into a susceptible system. Cyber threats can range in sophistication from installing malicious software like malware or a ransomware attack (such as WannaCry) on a small business to attempting to take down critical infrastructure like a local government or government agency like the FBI or Department of Homeland Security. One common byproduct of a cyber attack is a data breach, where personal data or other sensitive information is exposed. 

As more organizations bring their most important data online, there is a growing need for information security professionals who understand how to use information risk management to reduce their cybersecurity risk. This paired with the increasing use and regulatory focus on outsourcing means that vendor risk management and third-party risk management frameworks are more important than ever.

🔴Types of cyber attack:

🔵10 most common cyber attack types:

1. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
2. Man-in-the-middle (MitM) attack
3. Phishing and spear phishing attacks
4. Drive-by attack
5. Password attack
6. SQL injection attack
7. Cross-site scripting (XSS) attack
8. Eavesdropping attack
9. Birthday attack
10. Malware attack

1. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
A denial-of-service attack overwhelms a system’s resources so that it cannot respond to service requests. A DDoS attack is also an attack on a system’s resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker.

Unlike attacks that are designed to enable the attacker to gain or increase access, denial-of-service doesn’t provide direct benefits for attackers. For some of them, it’s enough to have the satisfaction of service denial. However, if the attacked resource belongs to a business competitor, then the benefit to the attacker may be real enough. Another purpose of a DoS attack can be to take a system offline so that a different kind of attack can be launched. One common example is session hijacking, which I’ll describe later.

There are different types of DoS and DDoS attacks; the most common are TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack and botnets.

TCP SYN flood attack
In this attack, an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker’s device floods the target system’s small in-process queue with connection requests, but it does not respond when the target system replies to those requests. This causes the target system to time out while waiting for the response from the attacker’s device, which makes the system crash or become unusable when the connection queue fills up.

There are a few countermeasures to a TCP SYN flood attack:

Place servers behind a firewall configured to stop inbound SYN packets.
Increase the size of the connection queue and decrease the timeout on open connections.

Teardrop attack
This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap one another on the attacked host; the attacked system attempts to reconstruct packets during the process but fails. The target system then becomes confused and crashes.

If users don’t have patches to protect against this DoS attack, disable SMBv2 and block ports 139 and 445.

Smurf attack
This attack involves using IP spoofing and the ICMP to saturate a target network with traffic. This attack method uses ICMP echo requests targeted at broadcast IP addresses. These ICMP requests originate from a spoofed “victim” address. For instance, if the intended victim address is 10.0.0.10, the attacker would spoof an ICMP echo request from 10.0.0.10 to the broadcast address 10.255.255.255. This request would go to all IPs in the range, with all the responses going back to 10.0.0.10, overwhelming the network. This process is repeatable, and can be automated to generate huge amounts of network congestion.

To protect your devices from this attack, you need to disable IP-directed broadcasts at the routers. This will prevent the ICMP echo broadcast request at the network devices. Another option would be to configure the end systems to keep them from responding to ICMP packets from broadcast addresses.

Ping of death attack
This type of attack uses IP packets to ping a target system with an IP size over the maximum of 65,535 bytes. IP packets of this size are not allowed, so the attacker fragments the IP packet. Once the target system reassembles the packet, it can experience buffer overflows and other crashes.

Ping of death attacks can be blocked by using a firewall that will check fragmented IP packets for maximum size.
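The fragment checks behind the teardrop and ping-of-death defenses, as an added example that is not part of the original article. All function names and the sample fragments are constructed for illustration; the fragments are built in memory and only passed to the checker.

```python
import struct
from collections import defaultdict

MAX_DATAGRAM = 65535  # largest total length an IPv4 datagram may have

def make_fragment(ident, offset, data_len, more=True):
    """Constructed sample: minimal 20-byte IPv4 header followed by zero bytes."""
    flags_frag = (0x2000 if more else 0) | (offset // 8)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, ident,
                         flags_frag, 64, 1, 0,
                         bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return header + bytes(data_len)

def parse_fragment(packet):
    """Return (flow key, header length, first data byte, byte after last)."""
    ver_ihl, _tos, total_len, ident, flags_frag = struct.unpack("!BBHHH", packet[:8])
    proto, src, dst = packet[9], packet[12:16], packet[16:20]
    header_len = (ver_ihl & 0x0F) * 4
    start = (flags_frag & 0x1FFF) * 8      # offset field counts 8-byte units
    end = start + total_len - header_len
    return (src, dst, proto, ident), header_len, start, end

def check_fragments(packets):
    """Return (ident, reason) for every fragment a reassembler should drop."""
    alerts, accepted = [], defaultdict(list)
    for packet in packets:
        key, header_len, start, end = parse_fragment(packet)
        if header_len + end > MAX_DATAGRAM:
            alerts.append((key[3], "oversize"))     # ping-of-death pattern
        elif any(start < e and s < end for s, e in accepted[key]):
            alerts.append((key[3], "overlap"))      # teardrop pattern
        else:
            accepted[key].append((start, end))
    return alerts

# Constructed inputs: a clean two-fragment datagram, an overlapping pair,
# and a last fragment whose data would end past byte 65,535.
NORMAL = [make_fragment(1, 0, 1480), make_fragment(1, 1480, 520, more=False)]
TEARDROP = [make_fragment(2, 0, 36), make_fragment(2, 24, 4, more=False)]
OVERSIZE = [make_fragment(3, 65528, 100, more=False)]

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("teardrop", TEARDROP),
                         ("oversize", OVERSIZE)):
        print(name, check_fragments(sample))
```

Both checks run before any reassembly buffer is written, which is the point at which a firewall or host stack can drop the fragment safely.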

Botnets
Botnets are the millions of systems infected with malware under hacker control in order to carry out DDoS attacks. These bots or zombie systems are used to carry out attacks against the target systems, often overwhelming the target system’s bandwidth and processing capabilities. These DDoS attacks are difficult to trace because botnets are located in differing geographic locations.

Botnets can be mitigated by:

RFC3704 filtering, which will deny traffic from spoofed addresses and help ensure that traffic is traceable to its correct source network. For example, RFC3704 filtering will drop packets from bogon list addresses.
Black hole filtering, which drops undesirable traffic before it enters a protected network. When a DDoS attack is detected, the BGP (Border Gateway Protocol) host should send routing updates to ISP routers so that they route all traffic heading to victim servers to a null0 interface at the next hop.

2. Man-in-the-middle (MitM) attack
A MitM attack occurs when a hacker inserts itself between the communications of a client and a server. Here are some common types of man-in-the-middle attacks:

Session hijacking
In this type of MitM attack, an attacker hijacks a session between a trusted client and network server. The attacking computer substitutes its IP address for the trusted client while the server continues the session, believing it is communicating with the client. 

3. Phishing and spear phishing attacks
A phishing attack is the practice of sending emails that appear to be from trusted sources with the goal of gaining personal information or influencing users to do something. It combines social engineering and technical trickery. It could involve an attachment to an email that loads malware onto your computer. It could also be a link to an illegitimate website that can trick you into downloading malware or handing over your personal information.

Spear phishing is a very targeted type of phishing activity. Attackers take the time to conduct research into targets and create messages that are personal and relevant. Because of this, spear phishing can be very hard to identify and even harder to defend against. One of the simplest ways that a hacker can conduct a spear phishing attack is email spoofing, which is when the information. 

4. Drive-by attack
Drive-by download attacks are a common method of spreading malware. Hackers look for insecure websites and plant a malicious script into HTTP or PHP code on one of the pages. This script might install malware directly onto the computer of someone who visits the site, or it might re-direct the victim to a site controlled by the hackers. Drive-by downloads can happen when visiting a website or viewing an email message or a pop-up window. Unlike many other types of cyber security attacks, a drive-by doesn’t rely on a user to do anything to actively enable the attack — you don’t have to click a download button or open a malicious email attachment to become infected. A drive-by download can take advantage of an app, operating system or web browser that contains security flaws due to unsuccessful updates or lack of updates.

5. Password attack

Because passwords are the most commonly used mechanism to authenticate users to an information system, obtaining passwords is a common and effective attack approach. Access to a person’s password can be obtained by looking around the person’s desk, ‘‘sniffing’’ the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing.

6. SQL injection attack

SQL injection has become a common issue with database-driven websites. It occurs when a malefactor executes a SQL query to the database via the input data from the client to server. SQL commands are inserted into data-plane input (for example, instead of the login or password) in order to run predefined SQL commands. A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
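The login case described above, shown as a vulnerable query beside its parameterized form. This is an added example, not code from the original article; the table, function names and input values are constructed, and an in-memory SQLite database is assumed.

```python
import sqlite3

def make_db():
    """Constructed sample database with a single account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "constructed-hash"))
    return db

def login_concatenated(db, login, password_hash):
    """Vulnerable form: client input becomes part of the SQL text."""
    query = ("SELECT login FROM users WHERE login = '" + login +
             "' AND password_hash = '" + password_hash + "'")
    return db.execute(query).fetchone() is not None

def login_parameterized(db, login, password_hash):
    """Hardened form: input is bound as data and never parsed as SQL."""
    query = "SELECT login FROM users WHERE login = ? AND password_hash = ?"
    return db.execute(query, (login, password_hash)).fetchone() is not None

# Constructed input: the quote closes the string literal, so the rest of the
# value is parsed as an extra condition instead of being compared as data.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated accepts crafted input: ",
          login_concatenated(db, "alice", CRAFTED))
    print("parameterized accepts crafted input:",
          login_parameterized(db, "alice", CRAFTED))
    print("parameterized accepts real hash:    ",
          login_parameterized(db, "alice", "constructed-hash"))
```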

7. Cross-site scripting (XSS) attack

XSS attacks use third-party web resources to run scripts in the victim’s web browser or scriptable application. Specifically, the attacker injects a payload with malicious JavaScript into a website’s database. When the victim requests a page from the website, the website transmits the page, with the attacker’s payload as part of the HTML body, to the victim’s browser, which executes the malicious script. For example, it might send the victim’s cookie to the attacker’s server, and the attacker can extract it and use it for session hijacking. The most dangerous consequences occur when XSS is used to exploit additional vulnerabilities. These vulnerabilities can enable an attacker to not only steal cookies, but also log key strokes, capture screenshots, discover and collect network information, and remotely access and control the victim’s machine.
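The stored-payload flow described above, rendered with and without output encoding and then parsed the way a browser would to see which elements the page creates. This is an added example, not from the original article; the comment list, function names and cookie value are constructed.

```python
import html
from html.parser import HTMLParser

class TagCollector(HTMLParser):
    """Records every element start tag the parser sees in a page."""
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

def tags_in(page):
    collector = TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags

# Constructed sample: comments as they sit in the site's database.
STORED_COMMENTS = ["Nice article!", "<script>document.title='injected'</script>"]

def render_unsafe(comments):
    """Vulnerable form: stored text is pasted into the HTML body as markup."""
    return "<ul>" + "".join("<li>" + c + "</li>" for c in comments) + "</ul>"

def render_escaped(comments):
    """Hardened form: stored text is HTML-encoded, so it stays text."""
    return "<ul>" + "".join("<li>" + html.escape(c) + "</li>" for c in comments) + "</ul>"

# Second layer for the cookie-theft case: HttpOnly keeps page scripts from
# reading the session cookie. The cookie value is a placeholder.
SESSION_COOKIE = "Set-Cookie: session=PLACEHOLDER; HttpOnly; Secure; SameSite=Lax"

if __name__ == "__main__":
    print("unsafe page elements: ", tags_in(render_unsafe(STORED_COMMENTS)))
    print("escaped page elements:", tags_in(render_escaped(STORED_COMMENTS)))
```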

8. Eavesdropping attack

Eavesdropping attacks occur through the interception of network traffic. By eavesdropping, an attacker can obtain passwords, credit card numbers and other confidential information that a user might be sending over the network. Eavesdropping can be passive or active. 

9. Birthday attack

Birthday attacks are made against hash algorithms that are used to verify the integrity of a message, software or digital signature. A message processed by a hash function produces a message digest (MD) of fixed length, independent of the length of the input message; this MD uniquely characterizes the message. The birthday attack refers to the probability of finding two random messages that generate the same MD when processed by a hash function. If an attacker calculates the same MD for his message as the user has, he can safely replace the user’s message with his, and the receiver will not be able to detect the replacement even if he compares MDs.
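Why digest length decides whether this works, as an added example that is not part of the original article. It truncates SHA-256 to a small number of bits (an assumption made so the search finishes instantly) and counts how many constructed messages are hashed before two of them share a digest; the count tracks the square root of the digest space, not its full size.

```python
import hashlib
from itertools import count

def truncated_digest(message, bits):
    """Top `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)

def find_collision(bits):
    """Hash constructed messages until two share a truncated digest.

    Returns (first message, second message, number of messages hashed).
    """
    seen = {}
    for attempts in count(1):
        message = b"constructed-message-%d" % attempts
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, attempts
        seen[digest] = message

def expected_attempts(bits):
    """Birthday bound: about sqrt(pi/2 * 2^bits) messages for a collision."""
    return 1.2533 * 2 ** (bits / 2)

if __name__ == "__main__":
    for bits in (16, 24, 32):
        first, second, attempts = find_collision(bits)
        print(f"{bits}-bit digest: collision after {attempts} messages "
              f"(bound ~{expected_attempts(bits):.0f}, space {2 ** bits})")
    # A full 256-bit digest pushes the same bound to about 2^128 messages,
    # which is why integrity checks rely on long, untruncated digests.
```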

10. Malware attack

Malicious software can be described as unwanted software that is installed in your system without your consent. It can attach itself to legitimate code and propagate; it can lurk in useful applications or replicate itself across the Internet. Here are some of the most common types of malware:

Macro viruses — These viruses infect applications such as Microsoft Word or Excel. Macro viruses attach to an application’s initialization sequence. When the application is opened, the virus executes instructions before transferring control to the application. The virus replicates itself and attaches to other code in the computer system.
File infectors — File infector viruses usually attach themselves to executable code, such as .exe files. The virus is installed when the code is loaded. Another version of a file infector associates itself with a file by creating a virus file with the same name, but an .exe extension. Therefore, when the file is opened, the virus code will execute.
System or boot-record infectors — A boot-record virus attaches to the master boot record on hard disks. When the system is started, it will look at the boot sector and load the virus into memory, where it can propagate to other disks and computers.

A Cyber Attack is Preventable
Despite the prevalence of cyber attacks, Check Point data suggests that 99 percent of enterprises are not effectively protected. However, a cyber attack is preventable. The key to cyber defense is an end-to-end cyber security architecture that is multilayered and spans all networks, endpoint and mobile devices, and cloud. With the right architecture, you can consolidate management of multiple security layers and control policy through a single pane of glass. This lets you correlate events across all network environments, cloud services, and mobile infrastructures.

In addition to architecture, Check Point recommends these key measures to prevent cyber attacks:

Maintain security hygiene
Choose prevention over detection
Cover all attack vectors
Implement the most advanced technologies
Keep your threat intelligence up to date
