Prevention of Cyber Attacks
An intruder will never know where you keep your important data unless you allow them or they voluntarily walk inside. Similar is with the website.
Unless there is no loophole found the hacker is not able to enter inside the website and steal the data that might be of your website or of your clients and do malicious activities with it or might even corrupt it.
These all the activity we term as cyber attack which may lead to a huge amount of loss for the website owners and even the security of the clients is at risk.
So it is very much important that the website takes necessary steps as precautions against the cyber attacks.
- Shield Your Website against SQL Injection
- Get website security tools
- Use HTTPS
- Protect against XSS attacks
- Watch out for SQL injection
- Avoid file uploads
But the best and simplest method to prevent the duplicity or in other word to prevent the piracy is the Checksum method.
Checksum basically means a sum or a value to check the integrity of the file or data. It is used to check whether the file is corrupt or is it altered? Here simply two files are compared.
If they are same then the file is original and if not then the file is corrupted. It might have some malicious action done on it. This checksum is computed in many different ways using different algorithms.
One of the basic ways is by comparing the bytes of the file but this may be not always true as two different files may have same bytes. So Cyclic Redundancy Check (CRC) algorithm and hash functions are some of the most popular ways used that are safe.
Nowadays you need not manually need to do the checksum but the program does it automatically by itself.
For both Mac and Windows user it is done by Apple Disc Utility and File Checksum Integrity Verifier respectively.
Now let us look at some of the cyber attack that took place
1. Gas Pipeline Shutdown in USA, by Ransomeware Attack. 19th February,2020 :
The unspecified “threat actor” behind the attack breached the facility’s network in a malicious link sent in an email, spear phishing, according to CISA (Cyber Security and Infrastructure Security Agency), through which the access to the system was granted.
The malware first infected the information technology network before spreading to the operational technology network in a natural gas compression station.
The hackers then triggered the ransomware, which encrypted data and blocked systems from running properly. The operators of the facility chose to shut down a “pipeline asset” for two days, “resulting in a loss of productivity and revenue,” DHS said. The hackers were able to get into the OT networks due the operators not properly dividing it from the IT systems, CISA said.
It was a phishing attack by the hacker. An email was received and instead of clicking link the authorities might have typed the URL in the browser and the anti phishing software would have protected from access of it.
2. Cyber Attack on Cosmos Bank, Pune, August 2018 :
A cyber attack was carried in August 2018 on Cosmos Bank’s Pune branch in which the hackers wiped out money and transferred it to a Hong Kong situated bank by hacking the server of Cosmos Bank. Hackers hacked into the ATM server of the bank and stole details of many visa and rupee debit card owners though the balances and total accounts statistics remained unchanged and there was no effect on the bank account of holders.
The switching system between the payment gateway and the bank’s centralized banking system. A fake switch was invented between the payment gateway and banking solution that did almost 14,800 transactions in India and other 28 countries which broke the communication system between gateway and bank.
This malware attack generated wrong messages regarding the payment charges for visa and cards which was raised to 94 crores of rupees. These types of issues would have been prevented by making the security systems strict by limiting its function to an authorized person only.
If there is any unauthorized intrusion a sudden alarm and blockage should be mandated. The vulnerabilities should be constantly in check.