The Internet has made life easy. There are many advantages of using the internet but cannot ignore the disadvantages. One of the biggest advantage is threat to the personal data giving rise to cyber attacks. 

What are cyber attacks?

Intentions of cyber attacks are to cause inconvenience, derange, weaken, damage, etc., to steal, delete, alter or block the data saved on the systems resulting in data loss and data breeches. Further, hampering the work and causing financial and reputational loss to the company. An individual or a group of people who carry out such actions are called as hacker(s). 

General ways hackers launch cyber attacks. 

There might numerous ways for hackers to attack a system, however, below mentioned ones are the common ones, the ones users need to be careful about. 

1. Usage of infected external storage devices such as pen drives. 
2. Using malicious or dangerous links sent on e-mail, messages or other sources. 
3. Access devices containing confidential data without any encryption. 
4. By using trial and error methods to decrypt data such as password. 
5. Using organization’s resources without their permissions.

What are different types of cyber attacks?

Below are a few type of cyber attacks.   

1. Malware Attack: When a user clicks on a dangerous link or uses an infected external storage device, malicious softwares such as ransomwares, adware, worms, trojans etc., posing as legitimates softwares downloads on the systems and starts disrupting the system. They can steal and manipulate data or blocking access to network components or start displaying ads on the system screen. Users can prevent such attacks by using antivirus softwares, using firewalls and by not clicking on suspicious links. 

2.  Password Attack: When a password is weak, predictable or repeated, it becomes easy for a hacker to crack your password and log into your bank accounts, e-mail accounts etc., The result of this is obvious loss of possible, resources and cn lead to identity theft. 

3. Phishing Attack: When hacker impersonates as a trusted contact to the victim and sends fake mails containing malicious links or attachments. This can help the hacker gain access to account details and other information. 

4. Denial-of-Service Attack or DDoS (Distributed Denial-of-Service) attack: This is the type of cyber attack where a system or device seizes the services of the system which it is intended for. Hackers bombard the system, devices, servers or networks and flood them with number of requests to exhaust the bandwidth, thus rendering the resources overwhelmed with requests and thus slowing down or shut down of the systems. Therefore causing huge loss of time and resources to the companies.

5. Insider Threat: This is when the hacker is not a third party but is inside the organization. The obvious understanding that the hacker in this situation knows a lot about the organization, means that the damages can be huge. Companies can do a lot to avoid such attacks by training the employees about privacy policies and security awareness, while adopting zero trust architecture in network security. 

6. Zero-Day Exploit: This kind of attack happens when the hacker knows about a certain software vulnerability before the software vendor or antivirus vendor. The hacker then exploits the vulnerability and plans for an attack. This can be avoided by fixing the vulnerability on priority. 

7. Watering Hole Attack: An attack is launched aiming specifically at a certain organization, group, or specific sector of people by compromising websites they visit to enable distribution of malicious softwares. Further, targeting the user’s personal information. One of the major disadvantages of this kind of attack is that the hacker can also remotely access the system that is infected. Using a VPN or using private browsing feature of the browser can help users avoid this kind of attack.

How to avoid Cyber Attacks?

Although there are many types of cyber attacks, all these could be avoided by taking care of a few personal tips

1. Keeping the OS and applications on the systems updated. 
2. Use good and trusted antivirus software.
3. Use firewalls and other security tools to avoid the attack. 
4. Ensure your passwords are strong and changed every once in a while. Also, ensure the passwords are not repeated. 
5. Avoid using malicious pen drives or other external storage devices. 
6. Do not open e-mails or click on malicious links from unknown sources. 
7. Ensure your data is properly encrypted and regularly backed up. 
8. Use log in methods such as 2FA or multi factore authentication. 
9. Educate employees about the privacy laws and other security principles. 
10.  Avoid using open or public Wi-Fi networks.