Usually, when the average person hears 'hacker', they automatically think 'cyberattack'. Of the malevolent kind. That kind of thinking isn't exactly correct, nor is it fair to the hordes of benevolent hackers who do good deeds.

They're called white hat hackers, by the way. Their 'white hat' designation mirrors the 'good guys wear white' motif from Hollywood Westerns of yore. There are black hat hackers and hackers of other-coloured hats, too. You can read all about them and their various functions in our companion article.

Back to today's topic, now.

It might help to explain things if we understand cyberattacks and hacking this way: all cyberattacks are hacks but not every hack is a cyberattack.

For instance, an organization might hire a certified hacker or hacking team to probe their computer systems for vulnerabilities. Those blue-hats (or white-hats) would spend hours going through that network's code, looking for open ports or gaps in security protocols that could allow a malicious hacker entry into that system.

Besides being contracted to hack a network or system to ensure its continued safety, how does a hacker decide which systems to attack?

Besides the obvious motives - having their demands met, whether a political action or just a big payday, cybercriminals consider three factors when choosing their targets.

The Vulnerability Factor

As alluded to above, if any part of a prospective target's computer network is weak - lax security protocols, outdated and/or poorly maintained equipment, cybercriminals will spend a bit of time investigating that entity's profile to find out what they can gain from their attack.

Even if their aim is to simply disrupt service or crash the targeted system entirely, the more vulnerable and poorly maintained the network and infrastructure is, the more likely it is to be attacked.

A target must meet a hacker's thresholds of vulnerability, excitability and fear before they will attack.
Hackers spend a lot of time investigating systems to find the ones that will meet their thresholds. Photo by Kevin Ku on Unsplash

The Spectacularity Factor

Deeper into this article, you'll learn about some of 2021's most notable cyberattacks. As you read about them you'll note that some are rather mild while others are dramatic, with far-reaching consequences and ramifications.

Cybercriminals gauge a target's suitability by the impact they wish their attack to make. Some attacks are only about stealing data and reselling it; obviously, the attacker wouldn't want to highlight their deed lest they be too quickly caught. Or, lest that databank be too quickly secured, causing them to lose their chance at earning piles of cash.

Other cybercriminals want their attacks to garner a lot of publicity so they can be feared and reviled and, more importantly, ensure quick payment of ransom. Or whatever other demand those malevolent hackers want in exchange for surrendering control of the captured website or system.

The Fear Factor

Fear is a powerful motivator; never more so than when everything you have - from customer trust to financial strength, is on the line. Attackers know that, so they choose their targets based on how much fear their attack will create. The higher the fear factor, the more they can demand and the quicker the pay-out.

Often, attackers like the public to be afraid, too. A scared citizenry might push their elected officials to dedicate extra resources to catch the criminals - another challenge for the intrepid attacker to dodge and overcome. They may also forget cybersecurity on their own devices. A fearful/forgetful person might more easily fall for a phishing scam that popped up in their email, giving those criminals full access to their computers, passwords and even files they store in the cloud.

However, the attackers themselves likely don't feel fear.

When a targeted system or network meets the attackers' threshold for these three factors, the process of interrupting services, disabling infrastructure and initiating ransomware begins.

The best Computer Programming tutors available
Priyanka
5
5 (158 reviews)
Priyanka
$99
/S£/h
Gift icon
1st lesson free!
Suman
5
5 (69 reviews)
Suman
$60
/S£/h
Gift icon
1st lesson free!
Kishore
5
5 (16 reviews)
Kishore
$60
/S£/h
Gift icon
1st lesson free!
Adi teja
4.9
4.9 (27 reviews)
Adi teja
$50
/S£/h
Gift icon
1st lesson free!
Deepak
4.8
4.8 (15 reviews)
Deepak
$70
/S£/h
Gift icon
1st lesson free!
Piyush
5
5 (30 reviews)
Piyush
$45
/S£/h
Gift icon
1st lesson free!
Callum
4.9
4.9 (11 reviews)
Callum
$60
/S£/h
Gift icon
1st lesson free!
Chris
5
5 (10 reviews)
Chris
$60
/S£/h
Gift icon
1st lesson free!
Priyanka
5
5 (158 reviews)
Priyanka
$99
/S£/h
Gift icon
1st lesson free!
Suman
5
5 (69 reviews)
Suman
$60
/S£/h
Gift icon
1st lesson free!
Kishore
5
5 (16 reviews)
Kishore
$60
/S£/h
Gift icon
1st lesson free!
Adi teja
4.9
4.9 (27 reviews)
Adi teja
$50
/S£/h
Gift icon
1st lesson free!
Deepak
4.8
4.8 (15 reviews)
Deepak
$70
/S£/h
Gift icon
1st lesson free!
Piyush
5
5 (30 reviews)
Piyush
$45
/S£/h
Gift icon
1st lesson free!
Callum
4.9
4.9 (11 reviews)
Callum
$60
/S£/h
Gift icon
1st lesson free!
Chris
5
5 (10 reviews)
Chris
$60
/S£/h
Gift icon
1st lesson free!
Let's go

Types of Attacks

Broadly speaking, cyberattacks fall into two categories: passive and active. Data collection (for later resale), wiretapping and tapping into fibreoptic cabling to intercept traffic are all examples of passive attacks.

By  contrast, an active attack may involve something like ransomware - when a gang of cybercriminals lock users out of their computers until a ransom is paid, Denial of Service (DDoS) attacks and spoofing are all active attacks.

Spoofing involves the attackers disguising their activity as legitimate to get past authentication and security protocols.

Other types of active attacks include:

  • man-in-the-middle: attackers insert themselves between two parties that believe they are communicating directly
  • man-in-the-browser: a proxy Trojan horse that modifies transactions or adds extra transactions
  • a ping flood overwhelms a system by continuously sending requests without waiting for them to be resolved.
    • ping floods are denial-of-service attacks
  • the ping of death: a malicious ping; it doesn't just overwhelm, it crashes entire systems and may allow attackers to take it over
  • smurf attack: a large number of error control messages (ICMP) sent to all computers on a network, to which the machines will automatically respond, causing the hacked computer to slow down to the point of failure.

All of those are active attacks on networked computers. Other cybercriminals may launch buffer or stack overflow attacks on a network host or server.

Note that a hacktivist group might launch such an attack to see their political demands met but an ethical hacker would do their best to thwart them. That's the difference between ethical hacking and hacktivism.

Every software engineer dreads finding random code in their systems.
It's terrifying to discover that a network has been infiltrated and compromised. Photo by Arget on Unsplash

Notable Attacks

On April 12 of this year, the American news media reported the seizure of a website where hackers advertise the sale of data they stole from consumers. Law enforcement in Germany, Sweden and the UK were also involved in thwarting this international hacking initiative.  

The news media touts this endeavour as remarkable; a giant step towards quashing all cybercrime and data theft. The truth is much more painful: for every advance law enforcement makes in combatting cybercrime, cybercriminals make three or more. And this data marketplace, while outrageous, isn't the worst that cybercriminals can do.

Just consider these massive incursions and their implications.

SolarWinds Hack

In December 2020, several Fortune 500 companies, as well as the US government were horrified to discover that their network and infrastructure monitoring company had been under attack for more than a year. Fifteen months prior, a group of hackers inserted malicious code into SolarWinds' expansive network, giving them access to the US Treasury and the Department of Commerce.

At first glance, that seemed to be the extent of it but the attack was much broader and far more devastating, affecting Microsoft, NATO, the European Parliament and the UK government.

Water Supply in Florida

In February 2021, an unknown hacker took control of that state's water purification and supply systems, dialling up the level of a toxic chemical in the water treatment process. To this day, that perpetrator has not been caught.

When we think of cyber warfare, this is the type of attack that we envision. A terrifying instance of malicious intent destabilising critical infrastructure and threatening life.

Fortunately, the attacker backed out of the system after boosting the lye content some 100 times higher than safe levels dictate and a keen-eyed employee spotted the breach almost immediately. Nobody was harmed as a result of this attack but, if any hack could serve as a warning for the danger to life hacking could cause, this would be it.

This isn't exactly Mass Effect hacking but this hack could have had a massive effect.

JBS Foods Attack

Threats to life aren't limited to water supplies; food production has also been cyber-attacked.

In May 2021, this international meat processing corporation fell victim to ransomware that locked their systems up for several days; long enough for Australian meatpackers to stand thousands of employees down. A ransom of $11 million was paid, much to the dismay of those who believe that paying ransoms incentivises hackers to hack more.

The JBS attack - and, later, the COVID-driven supply chain issues have shown the spotlight on the dangers inherent in our increasingly consolidated food production systems.

Keeping your identity secret is essential in cybercrime
As much as possible, individual hackers keep their identities secret. Photo by Setyaki Irham on Unsplash

Prevalence of Cyberattacks

These are just three of the many, many cyberattacks of 2021. Some forgiving souls blame the pandemic and everyone sitting at home for the explosion of attacks that year but, in truth, cyberattacks have been going on for about as long as there have been networked computers.

The earliest of such attacks, in the late 1980s, was crude but effective. That had nothing to do with attackers' skills but rather with the limitations of technology at that time. Now, as we revel in all the wonderful tools and utilities at our disposal, cybercriminals are cackling with glee and cracking their knuckles as they prepare for yet another foray into our personal data, our civil infrastructure and our governments.

Corporate entities fear the next attack. They look at JBS, a company that spends hundreds of millions on security each year - none of which kept them safe from hacks, and frankly wonder how much of their budget must be spent to prevent an incursion into their systems.

And the average user: do they fret over another Facebook data harvest like the one in April 2021, when personal information from users across 106 countries was exposed? If they're security conscious, they should fret very hard indeed.

Now, learn what hacking is... and isn't.

Enjoyed this article? Leave a rating!

4.00 (3 rating(s))
Loading...

Dan

A student by trade, Daniel spends most of his time working on that essay that's due in a couple of days' time. When he's not working, he can be found working on his salsa steps, or in bed.