- This topic has 25 replies, 17 voices, and was last updated 11 months, 1 week ago by Saranath.
-
AuthorPosts
-
-
2023-09-16 at 10:12 pm #41734SaranathKeymaster
-
2023-09-18 at 11:00 am #41762Weerapat PipithruengkraiParticipant
As I am both an IT developer and a user, There are several common ways to conduct IT security attacks.
– Password attack: This is the most common method to attack IT systems, by guessing the password or cracking password techniques such as brute-forcing.
– Phishing attack: This method is a social engineering attack that tricks users into revealing sensitive information using lucrative content such as fake links, emails, and messaging.
– Malware: This is malicious software that can damage computer systems, they are commonly delivered by email attachments and fake software downloads.
– Drive-by attack: This is a cyberattack that occurs when a user visits a website that automatically downloads the malware to their IT devices.
– Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS): This cyberattack aims to overwhelm and disrupt IT resources by being flooded with multiple illegitimate requests, resulting in the inability to respond to service requests.
– SQL injection: This can be done by injecting malicious SQL code into a vulnerable web application database to access and modify data.-
2023-09-19 at 11:37 pm #41788Nichcha SubdeeParticipant
Thank you for the excellent overview of common IT attack methods. I would like to point out that these attacks are continuously evolving. This certainly raises concerns that we should keep watchful about in the future.
-
2023-09-25 at 9:48 pm #41890Myat Htoo LinnParticipant
Hello Weerapat!
Thank you for providing a summary of the common ways IT security attacks can occur in the IT profession. While I may not fully grasp the intricacies of these methods, it’s important to recognize them as possible paths for various security attacks. We should remain alert regarding these concerns in our work. -
2023-09-25 at 9:50 pm #41891Teerawat PholyiamParticipant
You nailed all details of what we’ve learnt, you explained very well and easy to understand your explanation, thanks for your sharing Weerapat!
-
-
2023-09-18 at 11:38 am #41771SaranathKeymaster
Ah!! We got the IT to answer this question first. Weerapat gave almost all common security attacks. Other students are allowed to provide similar discussion, but with your understanding please.
-
2023-09-19 at 12:50 am #41780Nichcha SubdeeParticipant
There are multiple ways to be targeted by attackers for hacking, and three common methods that non-IT people, like myself, often hear about for the theft of personal information are as follows:
1. Phishing Attack
Attackers frequently employ deceptive emails or messages to trick individuals into revealing sensitive information, such as financial details. When I receive a phishing email, I take the following steps: I report the email as phishing and then delete it from my account.
2. Password Attack
In this type of attack, hackers may either guess or steal the usernames and passwords of users. They then use this information to access other services where the same credentials are used. This type of attack is quite prevalent. When creating an account on a website, the system typically requires users to adhere to specific password criteria, such as including uppercase and lowercase letters, symbols, and numbers.
3. Malware Attack
While browsing websites, users may encounter pop-ups. The best course of action in such cases is to close these pop-ups immediately, as clicking on them can allow malware to infiltrate your computer. -
2023-09-21 at 8:12 pm #41813PhyoParticipant
There are several types of cyberattacks which I learned in a previous elective course. Those include several malware attacks such as viruses, Trojans, spyware, worms, etc., and phishing attacks such as sending emails and messages with fake accounts.
There are other interesting malicious threats I also learned such as:
Insider threat in which intentional or negligent insiders in the organization compromise security or assist external attackers.
People with little knowledge of computer security can encounter the following threats.
– Pop-up advertisement on browser: Attackers use malicious code in the pop-up advertisement when it is linked.
– Not updating the OS and Browser could be holes for hackers to take advantage of penetrating into the system.-
2023-09-23 at 11:48 pm #41869Teeraboon LertwanichwattanaParticipant
That is indeed true. I once encountered a pop-up advertisement when I was a child, and I didn’t understand what it was, so I clicked on it without realizing the consequences. After that, my computer displayed a virus detection, which was a really unfortunate experience.
-
-
2023-09-22 at 11:46 am #41826Supida BamrungtrakulsukParticipant
I would like to focus on 3 examples of cyberattack methods that occur in hospitals.
1) Ransomware attacks:
In 2017, the WannaCry ransomware attack targeted hospitals and healthcare organizations worldwide, including the National Health service (NHS). It exploited a vulnerability in Microsoft Windows Systems across networks. WannaCry infected computer systems and encrypted patient records to demand a ransom in cryptocurrency for decryption keys, leading to disruption and potential risks to patient care.
2) Phishing attacks:
In 2020, a phishing campaign targeted healthcare workers with COVID-19 related lures. Hospital staff received phishing emails containing malicious attachments or links that seem to be from a trusted source. Clicking on the provided link led to credential theft, which was a fake login page similar to the hospital’s email system, and unauthorized access to the hospital’s network and potentially compromising patient data.
3) Insider threats:
This cyberattack could be caused by intention or accident. In 2014, a former employee of a Texas hospital gained unauthorized access to sensitive patient information and exposed them to external parties by posting them online. This breach compromised the privacy and security of patients, leading to legal consequences for the hospital. -
2023-09-22 at 12:42 pm #41828Ching To ChungParticipant
I have personal experience with three kinds of attacks
First is the DDoS attack, which stands for Distributed Denial of Service. For this attack, the attacker usually has control of a “zombie network” of computers, which he could control to send a huge amount of requests to the target, flooding the traffic and thus making the target network no longer usable. This is surprisingly simple to do, so simple that it could be demonstrated using the windows command line to sent a large amount of requests. To guard itself against these attacks, many websites nowadays have employed cloud cybersecurity services (a famous example would be Cloudflare) which distinguishes authentic requests from DDoS requests.
Second is the Phishing attack. The attacker pretends to be some authentic website or entity, but instead captures the data of the victim. Since these phishing websites often look very real, many people tend to fall victim to them without checking if the URL is authentic first. This is also not difficult to carry out, as it is very easy to copy the whole HTML and CSS code of another website, so there could be 100% resemblance to the real website. An unsuspecting victim may receive an email to “reset their password due to security risks” or “enter their credit card information” on the phishing website, and the attacker would receive their information. One of my friends received a DHL email claiming that she has a parcel to receive but has yet to pay the shipping fee. She was led to a very real looking DHL website, and was asked to pay the shipping fee through her credit card. She immediately got charged $1000 USD on her credit card after entering her credit card information.
Third is the SQL injection attack. Many web apps use SQL to query their database, and if the system if not set up well and contains vulnerability, the attacker may be able to “inject” their code annd make the system behave however they want. I have a little bit of experience learning SQL injection for myself (for academic purposes of course), so I will give a more detailed example for this sake about how SQL injection could be performed. For example, let’s pretend that there is this URL to a hospital blog: https://website.thm/blog?id=1. This is a blog website from a hospital and contains public and private pages, where private pages are only available to be seen by internal staff after they log in. From the URL, you can see that the blog entry been selected comes from the id parameter in the query string (/blog?id=1). The web application needs to retrieve the article from the database and may use an SQL statement that looks something like the following: SELECT * from blog where id=1 and private=0 LIMIT 1;
This SQL statement is looking in the blog table for an article with the id number of 1 and the private column set to 0 (0 means False), which means it’s able to be viewed by the public and limits the results to only one match. Now, SQL Injection could be introduced when the user input is passed into the database query. In this instance, the id parameter from the query string may be used directly in the SQL query.Let’s pretend article id 2 is locked as private, so the attacker cannot be view it on the website. We could now instead call the URL: https://website.thm/blog?id=2;– This would then, in turn, produce the SQL statement:SELECT * from blog where id=2;– and private=0 LIMIT 1; Since the semicolon in the URL signifies the end of the SQL statement, and the two dashes cause everything afterwards to be treated as a comment in SQL syntax, by doing this, you’re running the query:SELECT * from blog where id=2;– which will return the article with an id of 2 whether it is set to public or not. By doing this set of procedures, the attacker would now be able to see blog number 2 himself, which should normally be locked only to be seen by internal staff after log in.
SQL injections tend to be very complicated, but if successful, lead to huge an serious data and privacy breach.
-
2023-09-23 at 11:35 am #41862PhyoParticipant
I have learned about SQL injection attacks from your comment. By injection of SQL query, private data have been shared with the attacker or the public depending on the purpose of the hacker. Passwords from some weak cybersecurity enterprises can be hacked with SQL injection as well. It is surprising that the SQL injection attack started many years ago. Thank you for sharing with us.
-
2023-09-24 at 3:42 pm #41875Pyae Thu TunParticipant
Thanks for the detail explanation of an example for SQL attack and that’s interesting, Ching To Chung. Though I cannot imagine the whole process of coding, it gives me a general idea of writing a SQL statement to get a hidden blog with a simple code.
-
-
2023-09-23 at 1:03 am #41842Suppasit SrisaengParticipant
In addition to the types of cyber attacks already mentioned, a compelling example of a Zero-Day Exploit is the Stuxnet worm. This notorious malware targeted Iran’s nuclear enrichment facilities and exploited zero-day vulnerabilities in the Windows operating system. As a result, it compromised the industrial control systems and led to the destruction of nearly 20% of Iran’s nuclear centrifuges by making them spin out of control. This case serves as a stark example of the devastating impact such attacks can have on critical infrastructure. I came across this intriguing example through a YouTuber named 9arm.
-
2023-09-23 at 9:28 pm #41867Soe HtikeParticipant
I think there are some very simple ways to hack a system even without sophisticated technical skills, such as “Social engineering” which involves tricking people into giving you access to their systems or information. For example, you could pose as a legitimate IT support person and ask for someone’s password. Or, you could send a phishing email that looks like it’s from a trusted company and ask the recipient to click on a link that installs malware on their computer.
The other option is “default passwords”. Many devices and systems come with default passwords that are easy to guess. For example, the default password for many routers is “admin.” If the user hasn’t changed the default password, you can easily hack the device by simply trying the default password.
I also think of a “physical access” but I don’t want to sound ridiculous while everyone is talking seriously. -
2023-09-23 at 11:41 pm #41868Teeraboon LertwanichwattanaParticipant
I’ve come across information regarding the COVID-19 pandemic and the associated increase in cyberattacks. This period was marked by a significant surge in online activities, encompassing work, education, communication, and various essential tasks conducted in the digital realm. Many organizations opted for a work-from-home strategy to ensure the safety of their employees and to curb the spread of the virus.
However, this shift to remote work also attracted the attention of cybercriminals. One prevalent type of malware that gained notoriety during the pandemic was ransomware. Ransomware attacks have the capability to lock users out of their files, demanding a ransom payment to be made to the attacker before access is restored. These payments are often requested in the form of Bitcoin, which provides an extra layer of anonymity, making it challenging to trace the transaction. Additionally, I’ve learned that victims of such attacks may have no option but to pay the ransom to regain access to their data.
-
2023-09-24 at 2:04 pm #41872Weerapat PipithruengkraiParticipant
I agree that if the computer gets attacked by ransomware, there is very little option to do so. Since the ransomware uses a very specialized encryption technique that is very difficult to decrypt, the only way to get rid of it is to either pay the money or wipe all of the data from the hard drive. The only way to prevent this attack is to use a good antivirus and keep them updated.
-
-
2023-09-24 at 9:32 pm #41878Pyae Thu TunParticipant
From the point of non-technical knowledge in coding or programming like me, the easiest way is to get a password by taking without permission from the victim. E.g., some people use the pattern lock instead of pin or password for logging into their smartphone which is quite easy to remember at a glance of sneaking. As I learned though web, it’s still having a chance that if a user only uses plain text password, it could be hacked with a dictionary attack.
As there are so many people with poor knowledge of cybersecurity, and most of them set their password linking to their name, date of birth, email and any number which is quite easy to guess if we can find their basic information from their social media account. And generally, most of them keep the same password for different accounts on social media which is very easy for an attacker to manipulate at different sites once he got that password.
And recently, I just have an experience that some of the password can be override with a specific software easily. I had been using fingerprint option to sign in my laptop and last week I have to change the pin (another sign in option) for some reason, it requested me my original password which is link with my Microsoft account. Since it’s been a long time not using that password, I had to go to the service center and there they used a professional password recovery tool and within a minute I could reset my password again. That’s a way of simple log in and there are many tools we can use to hack into someone’s security system with a click.
Another way is to inject any virus program as an intension of destroying someone’s important data or operating system rather than getting information. That kind of attack can be as simple as putting an infected memory stick to their computer and that kind virus was familiar to me when we started to use mp3 player for copying music files from friends back in student life.
Nowadays, there are so many cases where victims were getting cyberattack with a spamming call or message that doesn’t need any technical knowledge from spammer. They can make the victim reveal their important ID and financial account password from a fake call or link that resembles the communication coming from an official site or any authorized person of a trusted organization.
-
2023-09-24 at 11:48 pm #41879Teerawat PholyiamParticipant
Many classmates above explained very well on how the attacker conduct security attack that there are many common types of cyber-attacks such as Password attack (try to guess well-known passwords), Malware attack (install themselves on a system or device surreptitiously without permission) and so on.
In past few years in Thailand, some people have been experiencing the cybercrime for mobile banking service that we can see in news every single day. So, I would like to share the ways on how hacker conduct the Mobile Online Banking.
The hacker applied with multiple security attacks types and skills to attack the users for example –
Fishing or Phishing is aim to steal sensitive information, they performed to collect information as much as they can or received hacked database from the official organizations, they will send fraudulent emails, text messages, or websites that appear to be from legitimate sources, the users may be persuaded to click for winning prize, won lottery, financial loan or provided something that is concerned to banking activities.
Moreover, the attacker may made drama situations that related to user’s personal background and issues (prohibited item from customs or money laundering calls from police station), they proceeded with collecting sensitive information from (Phishing attack) to persuade users to install a remote control application, then they will monitor phone screen and may try to guess well known password (Brute Force Attack) to access into the Mobile Online Banking app while other attacker team members may talk and discuss with the user (Social Engineering).
The idea what we can protect ourselves is to avoid clicking on any links, messages or emails that are unsured. Do not install any unknown/unsure applications. If received links, better to contact the providers.
Most of cyber attackers, they are operating outside the country, so this is one of tasks for health informaticians to think about and have awareness of cyber attacking challenge.
-
2023-09-25 at 7:26 pm #41885Panyada CholsakhonParticipant
According to my understanding, as I have a very little technical knowledge, in our everyday life, we can easily see various forms of security attack. For example, people loose savings or money to phishing scammers. This is the common situation that we can always see in the news and social media while many organisations are trying to warn people to be aware of it. It usually happen when the victim click on a link that received in emails or social media messages. The hackers trick them to share login credentials to their bank accounts and steal their money. The phishing calls, sometimes Thai people also call ‘Call Center Gang’ that also be seen in the news and is very popular these days. This way the attackers make fraudulent calls to people and pretending they are from trusted organizations such as police or government agencies and trick the victims to give their personal information.
Another way of security attack is password attack as my classmates mentioned above. Using default password and the Brute force Attack, the attackers will try to guess (using default password is very risky because it’s very easy to guess while Brute force attack might consume a lot of time to try every possible combination until discover the right password) in order to access to the victim’s account and find their sensitive information.-
2023-09-25 at 9:58 pm #41892Teerawat PholyiamParticipant
That’s an issue for notional dilemma that we have experienced for few years, I feel so sad to hear that many people lost money and they decided to suicide from the news cause of cyber attacker 🙁
-
-
2023-09-25 at 10:43 pm #41895Myat Htoo LinnParticipant
I am here to learn from all of you about the various methods that can be employed to carry out security attacks within this discussion topic.
I only have the experience of learning “Phishing Attacks” in my workplace at the IT security awareness training by the IT professionals to raise awareness regarding our use of Microsoft email, as it directly pertains to our organization. We were educated that ‘Phishing’ involves the deceptive practice of sending emails or messages that impersonate reputable companies and legitimate institutions, with the intention of tricking individuals into divulging personal information, such as passwords and credit card numbers. It was noted that such security attacks pose significant risks to any organization, and we were encouraged to remain vigilant and promptly report any instances.I also explored whether there are any other kinds of security attacks and noticed two things: the first one is “Zero-Day Exploit” which is noted as the attackers take advantage of vulnerabilities in software or hardware that are not yet known to the vendor or have not been patched, giving them a window of opportunity to attack. It is an attack that occurs before the software developer has had the opportunity to create and distribute a patch or fix for the vulnerability. Another interesting one is the “Supply Chain Attack”, in this type of attack, the attackers compromise the supply chain by introducing malicious components or software into products or services that organizations unknowingly deploy. These two would be also the possible means to conduct the security attack and we should remain informed about them.
-
2023-09-26 at 2:10 am #41900Sirithep PlParticipant
In my status as a user and not proficient in technical knowledge, the human may be the weakest point to attack. The password is one vulnerability to attack the system. Some users may use the same username and password or the password that is easy to guess. The dictionary attack is the one way that the attacker can access the system. So, the training for intradepartmental staff and password policy are essential to prevent this attack.
The phishing is another attack that creates convincing emails requesting potential victims to click a link to update their account information. The attacker receives the privacy data and can access the system. Thus, the training for cybersecurity awareness is helpful. Fortunately, the devices which are related to the health information system in my workplace, cannot be access to the internet, they may be another option to prevent this attack.
-
2023-09-26 at 2:42 pm #41907Thitikan PohpoachParticipant
Thank you for excellent examples form other classmates! As a non-IT person, I actually learned a lot from these comments.
Three commons types of cyber attacks are summarized as follows:
1. Malware attack refers to software viruses (i.e., trojans, spyware) which breaches a network through a vulnerability. We can got attack by downloading suspected email attachment or using an infected flash drive.2. Phishing attack is another cyberattack wherein an attacker acts like a trust contact and sends a victim fake links.
3. Password attack is when the hacker cracks our password with the programs or tools.
-
2023-09-28 at 12:31 am #41943Noi YarParticipant
I have learnt a lot from the video and also from you all. As non-IT person, I have only experienced phishing attacks in the form of emails. But in the past 1 or 2 years in Myanmar, I have found a lot of victims of phishing attack with elements of social engineering and potentially mobile malware. The attackers used deception to trick users into installing a malicious mobile app, which, in turn, allowed them to steal sensitive information and initiate unauthorized transactions. The attackers set up a Facebook page selling services or pretending official Facebook page of banks to lure potential victims. They then encouraged customers to install a mobile application, promising discounts as bait or ask for banking information claiming it is needed to secure the bank accounts. Once users installed the mobile application, it requested certain permissions. After gaining these permissions, the app could have started harvesting sensitive data from the user’s device. With access to sensitive data, the attackers might have used the stolen information to initiate unauthorized transactions, including mobile banking transfers, without the victims’ knowledge or consent. It’s also possible that the app contained malware designed to facilitate unauthorized access to the user’s mobile banking application. Malware can silently run in the background, allowing attackers to take control of the device.
-
2023-09-30 at 10:58 am #42023SaranathKeymaster
Great! This is a power of knowledge and experience sharing. Thank you!
-
-
AuthorPosts
You must be logged in to reply to this topic. Login here