Cyber Attack

From Open Risk Manual
Revision as of 00:13, 5 March 2020 by Wiki admin

Definition

A Cyber Attack is a specific form of Cyber Risk/IT Security Risk that involves an attack on an organization's digital assets by an external agent.

Cyber Attack Purpose

Attacks are performed from the internet or outside networks for different purposes:

  • fraud
  • espionage
  • activism / sabotage
  • cyber terrorism

Cyber Attack Techniques

  • social engineering
  • intrusion attempts through the exploitation of vulnerabilities
  • deployment of malicious software resulting in taking control of internal IT systems

Other Types of Cyber Attack

  • Execution of fraudulent payment transactions by hackers through the breaking or circumvention of the security of e-banking and payment services and/or by attacking and exploiting security vulnerabilities in the internal payment systems of the institution.
  • Execution of fraudulent securities transactions by hackers through the breaking or circumvention of the security of the e-banking services that also provide access to the customer’s securities accounts.
  • Attacks on communication connections and conversations of all kinds or IT systems with the objective of collecting information and/or committing fraud.

Examples

NB: The detailed examples are drawn from financial industry specifics

  • APT (Advanced Persistent Threat) for taking control of internal systems or stealing information (e.g. identity theft related information, credit card information).
  • Malicious software (e.g. ransomware) that encrypts data with the aim of blackmail.
  • Infection of internal IT systems with Trojan horses for committing malicious system actions in a hidden manner.
  • Exploitation of IT system and/or (web) application vulnerabilities (e.g. SQL injection ...) to gain access to the internal IT system.
  • Attacks against e-banking or payment services, with the objective of committing unauthorised transactions.
  • The creation and sending out of fraudulent payment transactions from within the internal payment systems of the institution (e.g. fraudulent SWIFT messages).
  • Pump and dump attacks where the attackers gain access to e-banking securities accounts of customers and place fraudulent buying or selling orders to influence the market price and/or make gains based on previously established securities positions.
  • Eavesdropping on or intercepting unprotected transmission of authentication data in plain text.