It’s unfortunate that the term “Cyber Attack” is often misused and abused by attackers & their apologists. Unfortunately this is a lot more common than one might think given the size of the global internet and the number of computers in the world. As a result it’s very important for everyone to understand the difference between “Cyber Attack” and” Cyber Crime”, so you can prevent them from being used against you. The simple truth is that an attacker doesn’t need to necessarily have specifically planned malicious intent to use Cyber Attacks. They can do it accidentally.
Just because an attack has been identified as “cyber-related” doesn’t necessarily mean that it was carried out with intent. There are many grey areas. For instance a virus could be considered a cyber attack, even though it may not have been created with the express purpose of causing destruction or harming data (e.g. a worm or virus). Similarly there could be many different motivations that a person has for using a cyber weapon or tool. This is where the difficulty comes in when trying to differentiate what is a cyber attack from what is simply a cleverly written piece of malware.
The UK government has made it extremely difficult to prosecute someone who has carried out a cyber attack. This is because in many cases if the prosecution has succeeded in convicting someone of committing such an attack they could then mount a further prosecution on the same person for “uttering inflammatory remarks” etc. Which is a worrying trend that goes someway to explaining why there is an increasing number of attacks against critical infrastructure in the UK now. Even the UK government has admitted to the potential misuse of such malware but given the problems with defining what constitutes such an attack, it is sometimes hard to know where to draw the line.
So how does malware gain access to your system? Simple – it downloads itself onto your computer and then begins to install various damaging components. In most cases this will be some kind of rogue software designed to do whatever it can to bring you harm. But more malicious programs are now also using sophisticated means to get their malware onto your PC. In fact, some people are now deliberately pushing malware onto other people’s computers. This is obviously bad news for the people whose computers have been infected with malware, but fortunately it’s also good news for security researchers and companies who are trying to stop the problem.
The most common type of UK cyber attack is known as a “malware” attack. This stands for Malicious Ware and has been used in the UK since the 80s. This is a form of malware that typically comes bundled with a software tool or toolkit and then infects your computer with the aim of stealing sensitive information or conning you into buying a fake product. There are literally hundreds of different types of malware but the most common is probably the “fake antivirus” tool that installs itself on your PC and pretends to search for viruses on your system.
Other common malware includes keyloggers, which are software tools that record your every keyboard action and send this information back to the attacker. Another very common form of malware is what’s known as a “bot” – a software program that pretend to perform regular tasks on your PC, but really downloads and installed additional malware onto your system. Many people make the mistake of thinking that if a software tool is behaving itself then it is safe, but that’s rarely the case.
The other problem associated with UK cyber attacks is what is known as a “bot army”. These are groups of phishers that are created by one person or group. These guys can create bots and send them out to attack other peoples’ systems. This can be particularly effective against businesses that deal in sensitive data (which usually equates to financial institutions).
The other major issue with UK cyber attacks is that they tend to spread really quickly. Once someone has been compromised, they have a simple but effective approach: spread themselves around the Internet. An example would be an email virus. Once the virus has been installed, it begins to spread from computer to computer. It might infect your email client, it might infect your printer, and eventually it could infect the files that you download from the Internet. So the next time you read an email from someone you do not know, keep in mind that it probably has been sent by one of these guys.