The internet has contributed to the democratization of information such that hackers and cyber thieves have access to the same information as the companies that develop defenses to thwart data breach activities. Both hackers and cyber-defenders scrutinize known vulnerabilities in systems and networks to ply their respective trades. The following five cyber vulnerabilities have kept both groups busy over the past several years.
The Heartbleed Bug
The Heartbleed Bug is a weakness in open secure socket layer (OpenSSL) encryption that allows hackers to bleed chunks of data out of an otherwise encrypted server without leaving any traces of hacking activities. A user’s computer maintains communication with a server via a series of periodic messages. Hackers use a weakness in this mechanism to draw information out of the server with each successive message communication. Changing passwords, updating to newer versions of OpenSSL, regenerating encryption keys, and requesting new SSL certificates will generally close this vulnerability.
Zero Day Threats
Zero Day threats are often the most destructive vulnerabilities for any affected system or network. This term does not refer to a single known weakness in any system or network, but is instead a general term for a cyberattack that takes advantage of a newly-discovered vulnerability that antivirus software developers have not yet discovered. Zero Day threats effectively define the relationship between hackers and cyber-defenders. Whichever group discovers the threat first can take the best advantage of it before it becomes a publicized and known vulnerability.
Rowhammer Attacks
More than any other vulnerability, the Rowhammer attacks demonstrate the creativity, intelligence, and ingenuity of the hacking community and the researchers who defend against hacking. Unlike software based malware of other code-based methodologies that exploit software vulnerabilities, Rowhammer attacks overwhelm computer hardware with electrical pulses that change security settings to give hackers access to otherwise secure data. A Rowhammer attack is analogous to breaking down a physical door with a battering ram, except the attack is carried out at a microscopic level on computer chip geometries that are measured in angstroms. Researchers and hackers had previously demonstrated an ability to attack the vulnerability of computer hardware such as cooling fans and hard drive motors. The feasibility of attacks at a chip-level may well catalyze new and more secure chip designs.
DDoS Attacks
Distributed Denial-of-Service (DDoS) attacks are another brute force method that hackers use to break into otherwise secure networks and systems. Hackers launch an attack with readily available software programs (“bots”) that infiltrate computers and internet-connected devices, causing those devices to initiate tens or hundreds of thousands of software calls to a server every second. Even large-bandwidth servers and systems will be overwhelmed by the sheer volume of calls that come from multiple different locations into a single IP address. The server then either shuts down or freezes up. Cybersecurity experts caution that DDoS attacks can be used as subterfuges to distract an information technology team from other attempts to breach a system’s security while the DDoS attack is in progress.
WhyCry Ransomware
The WhyCry Ransomware attack took the world by storm in May 2017, affecting hundreds of thousands of computers and systems in more than 100 countries in a matter of a few days. The attack was shut down when a researcher registered a domain name that was buried in the WhyCry malware code, but experts have cautioned that hackers will likely just change that code to launch similar attacks in the future.
Any business that maintains an online presence needs to remain aware of these and other vulnerabilities in their systems and networks, and to enact protections and defenses to ward off cyberattacks to the greatest extent possible. Cyber insurance companies are working hard to help businesses in these efforts. When a company suffers any losses or liabilities as a result of any cyber-vulnerabilities, cyber insurance is often the last line of defense and recovery that can help keep a business’s operations up and running.
