The IT security situation in Germany is tense. In 2019 alone, the Federal Criminal Police Office recorded over 100,000 reported cyberattacks in Germany, and the number of unreported cases is probably much higher. Hackers primarily target companies and public institutions, but private individuals are also increasingly being targeted. To understand how companies and private individuals can protect themselves, you first need to understand what the different types of hacker attacks are. You’ll learn about that and much more in this post.
Hacker attack, cyber threat, data theft: it won’t hit me, you may think. To illustrate the scale and threat of cyberattacks, here are a few facts about the cybersecurity situation in Germany in 2020:
Compared to 2019, the German Federal Office for Information Security (BSI) reports:
- 117.4 million new malware variants
- 35,000 intercepted emails with malware from German government networks
- 52,000 blocked websites containing malware
- 7 million malware reports sent to German network operators
- One in four citizens has already been a victim of cybercrime, 25% of them even in the last 12 months
At this point, at the latest, it becomes clear that cybercrime really does concern everyone. That’s why we’ve summarized five different types of hacker attacks and given you tips on how you can protect yourself.
1. Denial-of-service (DoS) and distributed denial-of-service attacks (DDoS)
In DoS attacks, hackers flood systems with so many requests that the IT infrastructure can no longer handle them. When an attack is carried out in parallel by several computers on which malware is installed, this is known as a DDoS. The more computers that work together as a botnet, the more powerful the attack. If a server without DDoS protection is attacked, it is overloaded by the enormous number of requests, so that websites either become inaccessible or load only very slowly. Attackers use this type of cybercrime to extort ransoms from organizations or carry out other criminal acts. In-house servers are classic targets of DoS attacks. Routers that are properly set up and secured with strong passwords provide some protection, but most organizations rely on larger firewalls. If a successful attack has already occurred, additional resources should be provided by hosting providers so that the website can still be accessed. An elastic infrastructure can thus dynamically reduce and expand resources as needed, automatically maximizing the use of the resource.
2. Man-in-the-middle attacks
A MitM attack occurs when a hacker inserts himself into the communication between a client and a server. This can be done in the course of session hijacking, where the hacker attacks the connection between a trusted client and a network. In this case, the IP address of the trusted client is replaced with that of the hacker. In this way, the criminals can not only read the data traffic but also manipulate it. An effective protective measure against this attack is strong end-to-end encryption, in which the transmitted data is encrypted so that it never exists in unencrypted form on any segment of the route. Intrusion detection systems are an alternative protection mechanism: they monitor the network activity of systems and secured networks and report suspicious activity.
3. Phishing and spear phishing attacks
In a phishing attack, emails that usually appear to come from a trustworthy source are sent with the aim of obtaining personal data. Through a link in the email, people are redirected to a website where they are supposed to reveal personal information. Spear phishing goes one step further: victims are addressed personally, and the fake emails contain information that is relevant to the individuals. The following figures illustrate how many phishing emails are sent every day: with 4 billion email users worldwide, 3.4 billion phishing emails are sent to inboxes every day. To protect yourself against social engineering, it is advisable to handle personal information in social networks responsibly. The less information hackers can gather about users, the harder it will be to deceive them. In addition, account information, access data and passwords should never be shared by phone or email. After all, reputable companies and banks do not ask their customers to reveal this information to anyone. It is also advisable to exercise caution when receiving emails from unknown senders. If there is even the slightest suspicion that it is an attempted attack, it is better not to react. If it is a false alarm, the employer or bank will contact you through another channel, such as a letter.
4. Drive-by download
Drive-by downloads are another popular method hackers use to spread malware. To do this, hackers search for an unsecured website and inject a malicious script into the HTTP or PHP code of the page. This injected script can be used to install malware on a site visitor’s computer without the user noticing. To protect yourself against this, it is important to keep your browser and plug-ins up to date. Most browsers can be set to check for updates automatically. Virus protection installed on the computer provides additional help by detecting and fending off malware.
5. Password attacks
Another popular method is the password attack, where hackers get hold of users’ passwords. Hackers find them in Excel password lists on the desktop, on slips of paper on the screen or under the keypad, or they use social engineering methods to guess passwords or get them out of the user. In the worst case, this is the password for a password database that protects other accesses. One subtype of password attack is the brute force attack. Brute force means that all possible password strings are tried one after the other. You can protect yourself against this type of attack by using a higher password change frequency and longer passwords, because longer passwords mean that the attacks statistically take more time. The longer a hacker needs for a successful attack and the more likely a password change is, the less attractive an attack is. However, the chances of success with brute force are 100%, since every password can be guessed at some point. Another form of password attack is the dictionary method. Here, hackers use a dictionary of common passwords such as “password 123” to gain access to a victim’s network and server. Hackers can also proceed logically and try passwords related to the victim’s name, pet, or hobbies, for example. To protect against dictionary attacks, equally complex and unique passwords should be used for different access points. Additionally, account lockout policies can be implemented to ensure that an account is locked out after a certain number of invalid password entries.
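To make the account lockout policy mentioned above concrete, here is a small Python sketch added for illustration (it is not code from the original post). The class name, the threshold of five failures, the 15-minute counting window, the 30-minute lock and the sample events are all assumptions chosen for the example.

```python
from dataclasses import dataclass, field


@dataclass
class LockoutPolicy:
    # Assumed values: the article only says "a certain number" of invalid entries.
    max_failures: int = 5   # failed attempts tolerated inside the window
    window_s: int = 900     # failures older than this are no longer counted
    lock_s: int = 1800      # how long a locked account stays locked
    failures: dict = field(default_factory=dict)      # account -> failure times
    locked_until: dict = field(default_factory=dict)  # account -> unlock time

    def record(self, account, password_ok, now):
        """Process one login attempt and return 'ok', 'failed' or 'locked'."""
        if now < self.locked_until.get(account, 0):
            return "locked"  # rejected even if the password is correct
        if password_ok:
            self.failures.pop(account, None)  # a success resets the counter
            return "ok"
        recent = [t for t in self.failures.get(account, []) if now - t < self.window_s]
        recent.append(now)
        self.failures[account] = recent
        if len(recent) >= self.max_failures:
            self.locked_until[account] = now + self.lock_s
            self.failures.pop(account, None)
            return "locked"
        return "failed"


# Constructed sample events: (time in seconds, account, password correct?)
EVENTS = [
    (0, "bob", False), (5, "bob", True),           # one typo, then a normal login
    (10, "alice", False), (11, "alice", False),    # rapid guessing against alice
    (12, "alice", False), (13, "alice", False),
    (14, "alice", False),                          # fifth failure triggers the lock
    (15, "alice", True),                           # correct guess, still rejected
    (1814, "alice", True),                         # lock has expired
]


def replay(events, policy=None):
    """Feed events through a policy and return the decision for each one."""
    policy = policy or LockoutPolicy()
    return [policy.record(account, ok, now) for now, account, ok in events]


if __name__ == "__main__":
    for event, decision in zip(EVENTS, replay(EVENTS)):
        print(event, "->", decision)
```

Because the lock applies to the account regardless of who is typing, a correct password is also refused until the lock expires; deployments commonly pair such a policy with notification of the account owner.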