Cyberattacks/ Unethical Hacking

most of us would know about the term ‘hacking’. when we think about hacking, the first thing that usually comes to mind would be exploiting breaching defences and gaining unauthorized access to a system. they would then use that power to gain profit, introduce Trojan or similar malware into cybersecurity network.

But actually, there are different types of hacking and hackers. there is good hacking that is used to prevent and secure companies and find vulnerabilities and weaknesses to patch them up, which is done legally under speculation and authorization. there are also different types of hackers with different intentions. white hat hackers and black hat hackers have been mentioned above, and the white does ethical hacking while the black has malicious intent. another hat hacker is the grey hat, which is in between white and black.

Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.

common types of cyberattacks

1.phising attacks on servers

phishing attacks may impersonate other users, and send fraudulent links or trick people into revealing their usernames and passwords with phishing messages, and they can be sent by email, text or other channels. or if a site is hacked and the hackers gain access and control of the site, then they might be able to steal all the data and credentials on the website.

2.different types of attacks(unethical hacks)

DDOS attack(denial of service attack)

-this attack sends and floods a system resources with false traffic so that it cannot respond to service requests. it launches from a large number of other hosts machines that are infected with malicious software which is controlled by the attacker.

a DDOS attack sends heavy and false traffic through the internet to the victims

-cookie theft

Cookies, which are stored on websites caches or on your system when you visit certain websites, holds a wealth of information about you, passwords, creditentials, and personal and finanical data.

once stolen, cookies may be decrypted to reveal your information, or to impersonate you online.

Avoiding public networks or unprotected networks with security lesser than WPA2 is your safest bet, and using a VPN(virtual private network) to encrpyt and tunnel the connection on your phone or mobile device is also advised, and you should also clear the browser and system caches in your history, block third party cookies, so that you will have less cookies to steal.

-MITM(man in the middle attack)

unsecured network connections are exposed to this tactic, and it involves intercepting data stream between the sender and recipient. They are then able to read or modify the data being passed through the proxy connection.

th objective may be to eavesdrop and record a confidential transmission such as an exchange of login/ financial credentials, or the attacker may want to disrupt the flow of traffic by sending malicious malware to both of the systems.

tips to avoid MITM or cookie theft:

  • use a reliable and escure VPN
  • avoid the use of free Wi-fi hotspots
  • avoid going to insecure websites, malicious websites
  • avoid using apps from untrusted sources

-Trojan horse

a trojan horse is a type of malware often disguised as legitimate software. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. a trojan horse acts like a legit application or file to deceive you to loading and executing the malware on your device.

trojan attacks can be from emails, downloads, mails, messages

once downloaded or installed, it can perform the action it was designed for. for example, when you open an email from someone, you might think its from a reowned company or someone you know, but the file you opened has gone to install malware unknowingly on your device.

-drive-by attack

in a drive-by attack, hackers look for insecure websites and plant malicious scripts into HTTP or PHP code on the pages. When the victim visits the website,, the script may install malware directly onto the computer of someone on the site, or it redirects them to a site controlled by the hackers. apps, operating systems or web browser that has security flaws or unsuccessful updates are more vulnerable to these attacks.

Solutions and how to stay safe from cyberattacks

1.avoid opening suspicious emails, suspicious files or links

if you receive an email or message telling you that you have won the lottery, or you can receive a free gift, do not open the email or attachment. as mentioned above, these emails may look like they are from a renowned company or someone you know, but they are malicious and fraudulent and it could be a phishing attack or the file could be a trojan horse.

example of a phishing email

2.download all software from authentic sources, avoid downloading files from torrent sites

when downloading applications, plugins, files, try your best to download them from the original sites or authentic sites. fishy and torrent websites may not be up to date and hackers may be able to run a drive-by attack, MITM attack, or cookie theft. and it’s also best to try not to download paid apps from third-party software, such as trying to download Minecraft for free on fraudulent or third-party websites.

3.go incognito mode when on third-party computers(or computers that aren’t yours)

if you are using a shared computer or other’s people computer, you should go incognito mode so that your browsing history, cookies, user credentials would not be saved when another person comes to use it, as Google Chrome tends to save your credentials, cookies when you browse in a normal window.

4.use a good anti-virus software, and a good VPN

antivirus software can provide protection agaiinst viruses, malware, internet threats. and each time a usb stick is inserted into a computer, make sure to scan it. turn on the safe browsing feature of anti-virus to prevent yourself from accidentally browsing malicious sites.

you may also want to use a vpn to hide your ip address, access geographically blocked websites, change your ip address to and appear as though you’re in a different country.

some good vpns that i recommend

5.Do not re-use passwords on important accounts

Ensure that your passwords are different for emails, credentials, and logins. That way, if hackers manage to crack your password for one account, they only can get access to that account, and the others will still be secure. Try to change your passwords regularly to make it tougher for hackers to crack your password, and use 2 factor-authentication(or 2 step verification) whenever possible.

summary and points

Conclusion

As the internet advances with higher technology, it becomes vaster, and more cybercriminals are looking to steal the information on the internet. Hence, we need to stay safe when browsing and ensure that we help to do our part to protect ourselves and others to make the internet a trustworthy place for everyone to work, study, and play.

credits:

https://medium.com/all-technology-feeds/10-ways-to-stay-safe-from-cyber-attacks-6449219ceb54

https://whatismyipaddress.com/hacking-basics

https://blog.finjan.com/9-common-hacking-techniques-and-how-to-deal-with-them/

Tagged : / /