Targeted and Untargeted Cyber Attacks
Before discussing the attack methods of hackers, targeted or untargeted, we first must understand the difference between the two.
First, untargeted attacks are when hackers have no specific vertical, business, or person they are attacking. Instead, they simply cast as wide of a net as possible, and send out the malicious email, links, etc. hoping to infect as many people as they can.
Targeted attacks are cyber attacks specifically designed to infect a particular industry, person, business, or event. For instance, the cyber attacks that hit this year’s opening Olympic ceremonies, the City of Atlanta, or Colorado’s Department of Transportation are all examples of targeted attacks. In addition, certain ransomware variants like SamSam are known to be used in a targeted fashion, with 24% of their attacks in 2018 hitting the healthcare industry.
But which is most common?
Untargeted attacks are far more common than a targeted attack, for two primary reasons. First, it is easier to execute. Instead of trying to determine how to infiltrate a specific system, hackers simply create a generic email with malicious content such as an attachment or link. From there, they will send it out to every email address they have access to. Depending on the form of malware used in the email, this may lead to extortion from ransomware, installing keyloggers to track user credentials, the installation of spyware, or breaching company and/or personal data. Since they have no targeted audience, the content in the email is kept very vague, so it may be applicable to everyone. For instance, it may be a fake tracking link for a recent “purchase”.
Which are more destructive?
Although untargeted attacks are more common, targeted attacks tend to cause far more destruction. In order for a targeted attack to occur, there must be two things — a desire to cause damage, and the knowledge to do so. In targeted attacks, hackers will often target an entire vertical, such as the financial sector or healthcare industry. The industry they opt to attack is contingent upon the type of cyber attack they’re executing.
For instance, if their end goal is to make money, they’ll likely use ransomware and go after an industry heavily reliant on IT services, such as hospitals or banks. However, if hackers are targeting credit card information to sell on the dark web, they will target a large retail store. The malware variant used is hand-picked, based on the specific target to generate the most destruction.
Avoiding Falling Victim
By clicking on a malicious email, you open yourself up to malicious cyber activity, not only on your device, but any other device connected to the network. Therefore, to keep your network secure, all users must understand the red flags to be on the lookout for. To avoid falling victim to a cyber attack, users should do the following:
- Look at the “from” address in the email and ensure it is someone you know
- Check the “reply to” address and confirm it would go to who it’s supposed to
- Look for grammatical and spelling errors within the email
- Hover over the link to see where the destination URL is going to take you
- Review recent purchases to determine if you should be expecting this “invoice” or “tracking info”
If you ever question the legitimacy of an email, call the business or person it is allegedly from to confirm its authenticity.
Also, ensure your device’s operating system and third-party applications are updated. By doing so, all known vulnerabilities will be patched avoiding the ability for them to be exploited by cyber criminals.