18 OCT 2017

What is it a cyberattack?

A cyberattack can be defined as a hostile activity towards systems, instruments, applications or elements that have an IT component. It is an activity that aims to obtain a benefit for the attacker to the detriment of the attacker. There are different types of cyberattacks, they depend on the objectives to be achieved and on the technological and context scenarios.

There are cyberattacks to prevent the operation of a system, attacks that point to the compromise of a system, attacks that aim to capture personal data held by a system or a company, cyber-activism attacks to support causes or information or communication campaigns. In recent times, among the most widespread attacks, there are economic attacks and data flows attacks, called Man-In-The-Middle: an attack that targets a popular website or a database to steal financial data.

Those who operate a cyberattack, alone or in groups, are called Hackers.

How to prevent attacks if you become a hacker’s target

In a first phase, the hacker performs a silent reconnaissance activity using online tools and he collects meaningful information through systems that is not exposed, but accessible. Since this research is passive, the victim cannot intervene. This first phase is followed by an active reconnaissance in which the hacker confronts himself with the system to be attacked looking for vulnerabilities and errors: if the victim is equipped with appropriate technological defense tools, can be able to identify the attack.

A high number of attacks happens exploited a technological weakness, such as a programming error, or a human weakness, such as a default password that the user has not changed. A good strategy to prevent a subsequent attack or identify the responsible may be to store access data not only locally, but also on a storage system that allows to store it outside. The hacker tends to erase his tracks, but having duplicate data allows to restore it and also to have a trace of the accesses.

In most cases of cyberattacks, the strategy is silent and we do not notice the attack until it has happened and has compromised the system. Another issue is the case of attacks that want to create an image damage: the attack is going to be visible with the appearance of error or complaint screens, with the blocking of pages and with other methods which hackers decided to use to make clear their attack.

What is a back door and how it works

A backdoor is a vulnerability that has been specifically created and inserted into an information system. Backdoor has been deliberately inserted into the system to make it fallacious, so it is always very difficult to be sure that there is not a backdoor in a software. An example that has attracted a lot of interest about backdoors, was the case of WhatsApp.

For a company is difficult to predict an attack, but it is important that every company is equipped with data protection systems, safe software and tools, to protect its business and its value.

Edited by Lucia D’Adamo, supervised by Marco Pirrone