4. The Need for Cybersecurity: Cyber Attacks 87 Hackers may want to get access to data to modify it in a way that benefits them. In the movie WarGames, the main character is a teenage hacker. He steals user credentials to his high school’s server, then logs in and changes his grades—an alteration attack. Criminal hackers may try to change the direct deposit information for employees to divert money into their own bank accounts. Hackers may also want to modify official records to make themselves look better or to make others look bad. In an email spoofing attack the hacker changes the “From:” field in an email to make it appear like the email came from someone else. This is similar to hacking into a person’s social media account and posting messages on their behalf. In both of these cases, the attackers alter data without authorization. An especially damaging form of an alteration attack is modifying data with the goal of undermining trust across an entire system. This type of attack could be used against electronic voting systems. The goal is not necessarily to sway the vote in one candidate’s favor or another, but to create chaos as citizens realize that the election results are not reliable. This could cause significant harm because democratic governments depend on trustworthy elections. A hacker who gains access to a system and starts changing records at random could cause significant consternation and trigger an expensive investigative process. 4.1.4.3 Denial Some cyber attacks involve denying legitimate users access to their data and computing systems, like the DoS attacks we covered in Section 4.1.2.2. Stuxnet was a denial attack that destroyed physical equipment as an act of sabotage. The Morris Worm also ended up being a denial attack because it crashed systems by exhausting their resources. Denial attacks harm victims by disrupting their ability to do business and costing them time. Ransomware is an example of a denial attack. Ransomware is a type of malware that encrypts the data on the victim’s computer or network making it inaccessible without the decryption key. The attackers then post a digital ransom note offering to provide the key in exchange for money, usually in the form of cryptocurrency. Depending on the financial capacity of the victim, ransom demands can be tens of millions of dollars. In some cases, victims of ransomware can ignore the ransom demand and recover the data themselves from backups. In other cases, the hackers are able to gain access to the backups as well and either encrypt them, too, or just delete them. Victims of ransomware attacks sometimes pay the ransom because it is cheaper than the costs they would incur to recover the data themselves. When ransoms are paid, cyber attackers usually provide the decryption key to the victims. This is just smart business—if hacking groups gain a reputation for not providing the key after payment, then future victims would not pay ransoms. Wiperware is another form of malware that falls into the denial category. Wiperware deletes (in other words, wipes) data from victim machines. In some cases, wiperware may also cause physical damage to computer systems and render them useless. Saudi
RkJQdWJsaXNoZXIy MTM4ODY=