Malware is any piece of software that was written with the intent of doing harm to data, devices or to people.
Different kinds of malware : virus, trojans, spyware, worms, ransomware, adware, botnets.
The most frequent warning signs of malware infection :
- Unexpected Crashes
- Slow System
- Excessive Hard Drive Activity
- Strange Windows
- Peculiar Messages
- Bad Program Activity
- Random Network Activity
- Erratic Email
- Blacklisted IP Address
- Unexpected Antivirus Disabling
How to avoid malware infections?
Make sure your operating system, browsers, and plugins are always up to date, because keeping your software patched can keep online criminals at bay.
2. Web-based attack - $2,014,142
Web-based attack focus on an application itself and functions on layer 7 of the OSI. Application vulnerabilities could provide the means for malicious end users to breach a system's protection mechanisms typically to take advantage or gain access to private information or system resources. Information gathered can include social security numbers, dates of birth, and maiden names, which are all often used in identity theft. Another popular target for attackers is credit card data which left unprotected and unencrypted can be used to cause significant damage to organizations most valued assets, their customers.
The most frequent warning signs of web-based attack :
- High Incoming Request Rate
- HTTP Headers : Attacks initiated from Perl scripts (Perl is a favorite hacker programming language, according to Imperva) may be identified with a "libwww-perl" user agent strings in the HTTP request headers
- Unusual Geographies
- Automated Traffic for weeks or even months from a unique IP address
How to avoid web-based attack?
Many methodologies exist, and there is never one right solution or architecture for all environments. Previously
discussed, there are more passive methods which include Intrusion Detection Systems (IDS). IDS systems simply alert on seemingly offensive traffic which is destined towards a protected asset or application. On the opposite spectrum there are more preventative methods which include application-aware firewalls, reverse proxies, and Intrusion Detection Prevention (IDP) which not only actively monitor for attacks but they attempt to block or change the environment such that further attacks are not successful in reaching the protected application or system.
3. Denial of service - $1,565,435
DoS is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. The most serious attacks are distributed DoS where the perpetrator uses more than one unique IP address, often thousands of them.
The most frequent warning signs of DoS attack:
- Slow Network
- No Access
- Huge Increase in Spam Emails
How to prevent DoS attack?
- Ensure you have extra bandwidth
- Make your architecture as resilient as possible
- Create a DDoS action plan
- Improve the security of your Internet of Things (IoT) devices
- Monitor traffic levels
- Use a Content Delivery Network (CDN)
- Use secured Virtual Private Server (VPS) hosting
- Hardware upgrades
- Update everything, regularly
- Drop packets from obvious sources of attack
- Block spoofed IP addresses
- Blacklist and Whitelist