What is a cyber attack?

Due to the global networking of today's IT systems, it rarely happens that they are used in isolation. IT systems communicate both locally and globally via networks such as B. mobile networks or the Internet.

The entirety of these globally communicating IT systems is called cyber space.

An important part of cyberspace is the Internet and more and more IT communication relationships are being relocated there. Due to the constant and daily accumulation of enormous amounts of data and information, cyberspace becomes a very attractive target for hackers.

In addition to the Internet (GAN), many other network structures are also used, such as LAN, WAN, etc.

A wide variety of attacker groups primarily use cyber space as an attack vector to achieve their interests with a specific goal.

Table of Contents

These interests can be:

  • Extortion for money
  • information gathering
  • Sabotage
  • Influencing or enforcing political interests

...and many other interests

"If you have something that can be valuable to a competitor,
you will be targeted and almost certainly compromised.”

We primarily distinguish between the following three attacker groups:

  • Script Kiddie – The district league
  • Technical Attacker – The Bundesliga
  • Industrial Hacker - The Champions League
ProSec Attacker Pyramid Cyberattack
Do you want to protect yourself against cyber attacks?
Arrange a consultation appointment now!
Request advice

Common attack purposes include:

Espionage (attack on confidentiality)

Cyber ​​attack, espionage (attack on confidentiality)

Manipulation (attack on integrity)

Cyber ​​attack, manipulation (attack on integrity)

Sabotage (attack on availability)

Cyber ​​attack, sabotage (attack on availability)

Typical cyber attacks:

Phishing is one of the most common and promising types of cyber attacks. Attackers try to access user data or compromise the company's IT environment via fake emails or websites.

The  Ransomware it is malware, and the German public likes it too Crypto Trojan or called blackmail Trojans. This cyber attack uses cryptographic methods to encrypt a user's files and thus deny him access to them, sometimes also to the entire computer system and the connected network.
Depending on the target of the malicious code, the malware can delete and edit files in the system or provide data about the user's behavior to third parties.

Cross-site scripting (XSS) are client-side cyber attacks on websites and what is attached to them.

For example, the JavaScript code is inserted into form fields or ads on the web page, which is executed when it is sent back to the server. SQL injections, which are aimed directly at the connected database, fall into a similar category.

With Stored XSS, the malicious JavaScript code that was stored in the database as part of the cyber attack is executed with every call.

Social engineering uses a variety of psychological manipulation techniques to attempt to gain the trust of a specific individual into revealing important information (such as login names and passwords). Occasionally it is also a question of simply eavesdropping on a target person.

Due to the constant further development in the IT world, new cyber attack methods and scenarios arise almost every day.
Other cyber attack scenarios, such as PhishingRansomware or Malware, can be found in the wiki on our website.

Protection against cyber attacks

Unfortunately, there is no such thing as 100% protection against cyber attacks. Nevertheless, the effect of such attacks can be clearly identified and mitigated by taking suitable measures.

Is your IT secured against cyber attacks?
Have a penetration test done now!
More about the penetration test

Suitable measures are:

  • a well-functioning IT infrastructure
  • penetration testing
    serious security gaps and the resulting attacks by professional hackers.
    Closing the IT weak points as quickly as possible.
  • Continuous security testing
    Continuously check and optimize the IT infrastructure and applications.
  • Security awareness training
    Prepare employees specifically for social engineering and sensitize them to IT attacks.
  • Monitoring = transparency of the entire IT infrastructure
  • segmentation
    e.g. B. Network Separation “Accounting” from “Production”
  • Quality patch management and configuration management
    e.g. B. All updates are up to date
  • Early detection of security gaps (e.g. through V-Screening)
DIVIDE
Newsletter Form

Become a Cyber ​​Security Insider

Get early access and exclusive content!


By signing up, you agree to receive occasional marketing emails from us.
Please accept the cookies at the bottom of this page to be able to submit the form!
OTHER CONTRIBUTIONS

Table of Contents

PSN_KU_Cover
NewsLetter Form Pop Up New

Become a Cyber ​​Security Insider

Subscribe to our knowledge base and get:

Early access to new blog posts
Exclusive content
Regular updates on industry trends and best practices


By signing up, you agree to receive occasional marketing emails from us.
Please accept the cookies at the bottom of this page to be able to submit the form!