What Is a Cyber Attack?

What is a cyberattack?

A cyberattack is any action performed to gain unauthorized access to a computer, an information system or an IT network in order to damage, steal, or expose personal or corporate information. An attack could take the form of someone trying to gain access to your LinkedIn account, or it could be more large scale, such as the sophisticated Caesar’s Entertainment attack that led to the payment of $15 million to hackers to prevent the publication of a customer database.

Any company or individual employee is vulnerable to a cyberattack at any given moment through a mobile device, a laptop computer or a desktop machine. It could come through an email, or it could be a concerted effort targeting corporate servers. But there are also some effective ways you can protect yourself and your business.

5 most common types of cyberattacks

Cybercriminals can attack your business in many ways, but these five approaches are more common than others.

Malware

Malicious software (malware) can come from anywhere and take any form. These malicious applications can enter an IT network simply by opening an email attachment or installing an EXE file from a suspicious site. And once malware gets into your system, it isn’t easy to contain.

Malware comes in many forms, such as spyware, ransomware, keyloggers and viruses. For example, ransomware is used to bar access to computer systems and data, only restoring them upon payment of a sum of money. This happened to the information technology group CDW, which fell victim to an attack. Their hackers demanded a ransom of $80 million. The company offered them $1.1 million, which was rejected, so the attackers started to leak CSW’s data.

Phishing

A phishing attack is a message intended to trick someone into revealing personally identifiable information (PII) that would give access to your accounts. Phishing attacks used to be easy to spot – like those emails from a foreign prince who wants to give you millions of dollars. That’s a phishing scam to get your bank account information.

This type of cyberattack has become more sophisticated in recent years, coming from email servers spoofing official corporate email addresses, applications on hijacked web pages or even phone calls from criminals claiming to be government officials. For the most part, these types of attacks tend to focus on fear or greed, so if something seems too good to be true, it should be treated with caution. [Read related article: Using Machine Learning to Detect Spear Phishing Attacks]

DDoS attack

A distributed denial-of-service (DDoS) attack gives cybercriminals a way to overload a network with unwanted traffic that eventually overwhelms and disrupts live services. It’s like a crowd blocking you from your favorite store, preventing anyone from going in and keeping away a business’s actual customers. These types of targeted attacks usually focus on larger organizations, including banks and other financial gateways, essentially allowing hackers to ruin those companies.

SQL injection

A Structured Query Language (SQL) injection allows a hacker to exploit weak web forms by using malicious commands to steal data, delete or modify records, or even take over an entire website – all through a relatively simple process. An SQL exploit is often considered one of the more avoidable breaches because it usually comes from broken code on a database or a website. Through trial and error, a skilled cybercriminal could access customer information like credit card numbers, home addresses and email addresses.

Zero-day exploit

One of the more effective types of cyberattack is the zero-day exploit, which is a recently discovered bug or vulnerability that can be easily used to attack, overwhelm or take over a system. Once a zero-day exploit is discovered, the clock starts ticking. Worst of all, some zero-day exploits may not be discovered by corporate IT departments for weeks or months after the first breach.

5 most damaging effects of a cyberattack

Cyberattacks can have a wide range of adverse effects on your business. 

Financial loss

Some cyberattacks focus on the actual theft of corporate funds, while others end up costing a company scores of cash, simply as a side effect. According to IBM, the average cost of a data breach caused by a cyberattack is around $4.45 million.

A simple data breach can quickly become a devastating financial loss for any business. The costs associated with your information technology (IT) managers updating the security protocols for the entire corporate network, as well as the physical security of individual worksites, can add up remarkably fast. 

A tarnished reputation

Everyone says, “I never thought it would happen to me.” But this is what hackers rely on – nobody expects a cyberattack. That’s why they’re so effective.

Customer trust becomes a real concern after an attack; potential customers and clients might scrutinize the losses and gaps in security, which could lead to lost business.

Extensive business disruptions

Once a cybercriminal successfully breaches a corporate network, there are multiple ways they could overwhelm your business. One cyberattack may focus solely on siphoning funds, while another might attempt to disrupt a supply chain. Other attacks, like a DDoS attack, may focus on overwhelming your system to cause the failure of each service or application you offer. Recovering from a cyberattack could take days or even weeks, and could cost millions.

Legal liabilities

After any major data breach, an organization must prove its compliance with any state, federal or regulatory standards for its specific industry. For companies that keep meticulous records and conduct regular audits, they should have a paper trail that shows that all the required steps were followed. For companies that don’t keep such thorough records, legal fees could add up. Worse yet, even if a business followed all the rules and regulations, clients and partners could still pursue legal action when a data breach includes certain information.

Data loss

Perhaps the most destructive effect of a cyberattack is the loss of sensitive corporate data. In addition to personal and sensitive customer data, a well-executed attack could reveal other information, like patents, commercial secrets and the source code to major products. Once a cybercriminal has that kind of company information, they have a lot of power.

With the source code of an application, a cybercriminal has all they need to break the software outright or weave in vulnerabilities to exploit unsuspecting users. Users could potentially reveal other flaws in their own network that a cybercriminal could utilize, unintentionally giving a cyberattack a way to increase the damage it causes. That’s when a business becomes liable – potentially leading to financial loss, a damaged reputation and a laundry list of legal ramifications.

Why do cyberattacks happen?

Cyberattacks occur for a variety of reasons and are perpetrated by many actors. Below, we look at why attacks occur, what these attacks target and who’s behind them.

Why?

The three main reasons cyberattacks occur are:

1. Criminal

Cybercriminals can be motivated by:

• Direct theft (e.g., stealing money from bank accounts)
• Identity theft (e.g., sale of personal and financial information on the black market to fraudsters)
• Extortion (e.g., use of ransomware or DDoS attacks to force victims to pay to regain access to their systems or data)
• Corporate espionage (e.g., hacking into a company’s research and development department to gain insight into a competitor’s activities)

2. Political

Countries might use cyberattacks to:

• Destabilize another state (e.g., by targeting their financial markets, energy grids and other systems)
• Obtain knowledge (e.g., to influence political outcomes or to reveal secretive communications and strategies)
• Kompromat (e.g., to obtain damaging information on a person or group to discredit or blackmail them)

Other situations in which political cyberattacks occur include:

• Public exposure (e.g., hacktivists releasing confidential information to expose human rights abuses and corruption)
• Reputation damage (e.g., targeting a political party or other entity to uncover and publicize embarrassing information to undermine public trust)
• Raising public awareness (e.g., hacking into government websites, media outlets, corporations and so on to discover information to support an individual’s or organization’s perspective).

3. Other

Three other main reasons behind individual cyberattacks include:

• Revenge (e.g., employees stealing data to sell to competitors)
• Competition (e.g., overcoming the challenge of breaking into difficult-to-penetrate systems before other hackers)
• Penetration testing (e.g., when companies employ contractors to attempt to hack into their systems to identify vulnerabilities)

What?

The primary targets in a cyberattack are:

• Financial assets: This could be the theft of cash or other financial instruments from bank accounts, digital wallets and online financial services.
• Financial data: Hackers often steal credit card information, banking details and other financial records, quickly selling them on the black market.
• Personal data: This could be Social Security numbers, phone numbers, addresses and so on that could be used to set up fake credit profiles to apply for loans.
• Sensitive data: This may include health records, private communications and legal documents that could be used to blackmail an individual or company. Health records may be sold for marketing purposes. [Read related article: How HIPAA Laws Impact Employers]
• Corporate information: This is intellectual property, like trade secrets, business strategies, ongoing research and development projects, proprietary technology, and future business strategy.
• Infrastructure: This is when communications networks, transport systems and power grids are attacked.

Who?

Perpetrators of cybercrime can be external or internal. The primary external threats are:

• Organized crime: Sophisticated groups of criminals will target individuals, companies and networks for financial gain.
• State actors: Nation-states will attack each other’s infrastructures, elections and so on for political reasons.
• Amateur hackers: Some see hacking as a challenge and may target individual systems to improve their skills.
• Hacktivists: Hacktivists are motivated by ideological and political purposes to carry out attacks but are usually not sponsored by individual states.

Key internal threats include:

• Employees: Employees, especially disgruntled current or former employees who still have access to company systems, may steal data or sabotage your network.
• Contractors: Although rare, an independent contractor with a grievance toward their client may be motivated to damage their IT system and access their data without consent.
• Business partners: In situations where there is a fallout between shareholders, an individual may attempt to access information available to other shareholders beyond that permitted by any partnership agreement. They may do this to gain a competitive advantage in negotiating an exit.
• Clients: In case of a commercial dispute or in an attempt to gain a bargaining advantage, a client may attempt to access a supplier’s IT system for commercially sensitive information.

As you can see, modern businesses face multiple cybersecurity issues. However, unless you’re an international business or a key supplier to multinational companies or governments, you are exceedingly unlikely to be targeted by rogue nations and hacktivists.

You shouldn’t think, though, that as an owner of an SMB, your business and its data would not interest cyberattackers. According to security firm BlackFog, 61 percent of U.S. and U.K. businesses were subject to a successful cyberattack in the last year.

What are examples of well-known cyberattacks?

Recent examples of successful cyberattacks include:

• British digital protection firm DarkBeam suffered a data breach affecting in excess of 3.8 billion records.
• Online education platform Real Estate Wealth Network had more than 1.5 billion personal real estate ownership records exposed, including those of celebrities and politicians.
• A hacker leaked more than 220 million users’ email addresses from X, formerly known as Twitter.
• U.K. newspaper The Guardian was hit by a ransomware attack that affected its operation for months.
• Casino chain Caesars Entertainment paid $15 million to hackers so they wouldn’t publish a database of loyal customers they’d stolen.
• U.K. logistics firm KNP Logistics was forced to close following a ransomware attack, causing 700 employees to lose their job.

How do I protect my business against a cyberattack?

1. Enforce strong password security practices.

Believe it or not, people still use remarkably weak passwords for their various accounts. According to Security.org, the most common password today is “123456.” A strong password is the first line of defense against a cyberattack.

Some best practices for passwords include using at least one numeral and one special character, like a hashtag or a question mark. Other recommended practices are using a unique password for every account you have, changing those passwords regularly and using a password manager.

2. Always use the latest software.

Cybercriminals use exploits like a zero-day attack through older versions of an application, and all types are vulnerable, from an email program to a media player to an instant messenger. As a matter of fact, a lot of application updates include security fortifications to shore up known issues and prevent similar bugs from being exploited in a future cyberattack. If you’re running the latest versions of your software packages and apps, they’re probably secure.

3. Use a virtual private network.

When your business is equipped with a top virtual private network (VPN), you get a direct pipeline to your network through the internet that keeps your information hidden from prying eyes. 

A VPN filters your traffic through various servers to hide your activity or location from cybercriminals and even your internet service provider (ISP). While there are some drawbacks to even the best VPN, such as slower network speeds and IP blacklisting, the benefits – such as added security, anonymity and access to georestricted content – outweigh them. [Read related article: Secure Remote Access: What It Is and How It Works]

4. Use a reliable cybersecurity insurance service.

Cybersecurity insurance can help any business recover from the effects of a successful cyberattack, whether it’s financial assistance, logistical support or additional IT resources. Once a breach occurs and exposes employee or customer PII, a cybersecurity insurance policy will activate and help notify the necessary parties of the incident while helping mitigate the company’s liability.

Cybersecurity insurance policies can cover fraud and theft, as well as the forensic work necessary to expose a network’s weaknesses and help prevent future incidents. These types of policies can also help recover extorted funds and assist with the loss and restoration of data.

5. Regularly back up and encrypt your data.

Have you ever forgotten to save a document before you closed it? It’s awful to lose all that work you put in because of a moment of absentmindedness. Now, imagine you saved all of your data, but it’s all been deleted by a rampaging hacker who wants to do harm. It’s even worse to lose all that work because of a targeted attack. The good news is that it’s perfectly preventable with a cloud-based document management system.

By regularly backing up your data to an encrypted location, you not only add security to your corporate documents, but also protect them from being deleted permanently. If you keep multiple copies of your documents on a secure server or an external drive, it stops hackers from finding them in the first place. [Read related article: Cloud Encryption: Using Data Encryption in the Cloud]

Eduardo Vasconcellos contributed to this article.