Research of Cyber threats of 2020 or Updated Hacking process
This research discusses the latest cyber threats, and I have tried to cover all the facts, from old cyber attacks to new ones. Nowadays public data is collected or stolen by hackers, and that data can be used for hacking or sold to scam call centers. In this research I try to discuss the problems, benefits and loopholes of data server safety. (http://indiancyberarmys.in)
The risk and severity of cyber-attacks have clearly grown over the past few years. In fact, since the year 2018, mankind has witnessed the most horrific cases of cybercrimes related to massive data breaches, flaws in microchips, cryptojacking, and many others.
It goes without saying that the advancement of technology and the wide use of digital media is making attackers smarter by the day. Further, these cybercriminals take advantage of individuals and firms who pay less heed to cybersecurity. They target everything from a newly-launched blog to an established online store to gain access to sensitive information.
Every other day we read news related to cybersecurity threats like ransomware, phishing, or IoT-based attacks. However, 2020 comes with a whole new level of cybersecurity threats that businesses need to be aware of. In fact, a report by Threat Horizon reveals that in the coming years, organizations will face cyber threats under three key themes –
⦁ Disruption: Over-dependence on fragile connectivity will increase the risk of premeditated internet outages that compromise business operations. Cybercriminals will use ransomware to hijack the Internet of Things.
⦁ Distortion: Spread of misinformation by bots and automated sources will cause compromise of trust in the integrity of information.
⦁ Deterioration: Rapid advances in smart technologies and conflicting demands posed by evolving national security will negatively impact an enterprise’s ability to control information.
Cybersecurity is all about staying ahead of threats rather than managing them later. Read on to know and prepare for the top cybersecurity threats that organizations will face in 2020.
1. Cloud Vulnerability
The Oracle and KPMG Cloud Threat Report 2019 reveals that cloud vulnerability is and will continue to be one of the biggest cybersecurity challenges faced by organizations. This is because enterprises are leveraging cloud applications and storing sensitive data related to their employees and business operations on the cloud.
The adoption of the cloud is creating new challenges for firms and exacerbating the old ones.
Source: https://www.oracle.com/a/ocom/docs/dc/final-oracle-and-kpmg-cloud-threat-report-2019.pdf?elqTrackId=063c9f4a2a5b465ab55b734007a900f0&elqaid=79797&elqat=2
Forbes predicts that 83 percent of enterprise workload will be on the cloud by 2020. These organizations make tempting targets for malicious hackers. Data breach, misconfiguration, insecure interfaces and APIs, account hijacking, malicious insider threats, and DDoS attacks are among the top cloud security threats that will continue to haunt firms failing to invest in a robust cloud security strategy.
Finally, cloud companies like Google and Amazon storing other companies’ data are heavily investing in improving their cloud security. However, that doesn’t make them immune to deep cyber intrusions like the Operation Cloud Hopper.
2. AI-Enhanced Cyberthreats
AI and machine learning have disrupted every industry. Owing to its ability to create a significant impact on marketing services, manufacturing, security, supply chain management, and other fields, AI is finding its way into the business mainstream.
However, AI is proving to be a boon for cybercriminals too. Think about it – the AI capabilities used to identify and stop cyberattacks can also be used by hackers to launch sophisticated cyberattacks in the form of complex and adaptive malicious software.
In fact, AI fuzzing (AIF) and machine learning (ML) poisoning are all set to be the next big cybersecurity threats.
3. AI Fuzzing
AI fuzzing integrates AI with traditional fuzzing techniques to create a tool that detects system vulnerabilities. This can be a boon or a bane. Though AI fuzzing can help enterprises detect and fix the exploitable vulnerabilities in their system, it can also be used by cybercriminals to start, automate, and accelerate zero-day attacks.
4. Machine Learning Poisoning
If a hacker targets a machine learning model and injects instructions into it, the system becomes vulnerable to attacks. Machine learning models typically use data that is crowd-sourced or taken from social media. They also exploit user-generated information such as satisfaction ratings, purchasing histories, or web traffic. Cybercriminals engaging in ML poisoning could potentially use malicious samples or introduce backdoors or Trojans to poison training sets and compromise the system.
5. Smart Contract Hacking
Though smart contracts are in their early stages of development, businesses are using them to execute some form of digital asset exchange or the other. In fact, it’s smart contracts that make Ethereum famous.
Smart contracts are software programs that carry self-executing code. This code enables developers to create the rules and processes that build a blockchain-based application. Consequently, these contracts are a prime target of online criminals looking to compromise such applications. Moreover, since it’s a brand new field, technologists are just about getting to know how to design them and security researchers are still finding bugs in some of them. These vulnerabilities make it easy for criminals to hack the contracts.
As this technology continues to mature, smart contract hacking will pose a significant threat to businesses in 2020 and beyond.
6. Social Engineering Attacks
Social engineering attacks like phishing have always been used by attackers to trick victims into surrendering sensitive information like login details and credit card information. Though most organizations are enhancing their email security to block phishing attacks, cybercriminals are coming up with sophisticated phishing kits that aid in data breaches and financial fraud.
Since phishing is an effective, high-reward, and minimal-investment strategy for cybercriminals to gain legitimate access to credentials, it will continue to be a big cybersecurity threat in 2020. In fact, the 2019 Data Breach Investigations Report by Verizon reveals that phishing remains the number one cause of data breaches globally.
SMiShing (SMS phishing) is another form of social engineering attack that will gain prominence in the near future. The immense popularity of apps like WhatsApp, Slack, Skype, WeChat, and Signal among others is encouraging attackers to switch to these messaging platforms to trick users into downloading malware on their phones. According to Experian’s 2020 Data Breach Industry Forecast, SMiShing attempts from hackers will target consumers through fraudulent messages disguised as fundraising initiatives.
7. Deepfake
First coined by Reddit users in 2017, ‘deepfake’ is a fake video or audio recording that cybercriminals use for illicit purposes. For instance, amateurs and criminals have created deepfakes by swapping people’s faces in videos or altering the audio track.
Check out this deepfake video of Obama that uses AI to deliver fake news: https://www.youtube.com/watch?v=cQ54GDm1eL0
This AI-based technology has made steady progress as algorithms are better able to process data today. As the technology matures, cybercriminals use it to foster disruption across various industry segments, mainly financial markets, media and entertainment, and politics. In fact, deepfake can pose a huge threat to the upcoming 2020 elections.
In the business world, these AI-generated fake videos or audios can be used to impersonate CEOs, steal millions from enterprises, spread wrong information about them, and interrupt business operations. In the coming years, deepfake will evolve into a sophisticated and convincing method of forgery, making it a huge cybersecurity threat that organizations need to be wary of.
8. HTTP/HTTPS & Log Injector
Applications typically use log files to store a history of events or transactions for later review, statistics gathering, or debugging. Depending on the nature of the application, the task of reviewing log files may be performed manually on an as-needed basis or automated with a tool that automatically culls logs for important events or trending information.
Writing unvalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs. This is called log injection.
Log injection vulnerabilities occur when:
⦁ Data enters an application from an untrusted source.
⦁ The data is written to an application or system log file.
Successful log injection attacks can cause:
⦁ Injection of new/bogus log events (log forging via log injection)
⦁ Injection of XSS attacks, hoping that the malicious log event is viewed in a vulnerable web application
⦁ Injection of commands that parsers (like PHP parsers) could execute
Log Forging
In the most benign case, an attacker may be able to insert false entries into the log file by providing the application with input that includes appropriate characters. If the log file is processed automatically, the attacker can render the file unusable by corrupting the format of the file or injecting unexpected characters. A more subtle attack might involve skewing the log file statistics. Forged or otherwise, corrupted log files can be used to cover an attacker’s tracks or even to implicate another party in the commission of a malicious act.
Log Forging Example
The following web application code attempts to read an integer value from a request object. If the value fails to parse as an integer, then the input is logged with an error message indicating what happened.
...
String val = request.getParameter("val");
try {
    int value = Integer.parseInt(val);
}
catch (NumberFormatException e) {
    // The raw request value is written to the log unmodified.
    log.info("Failed to parse val=" + val);
}
...
If a user submits the string “twenty-one” for val, the following entry is logged:
INFO: Failed to parse val=twenty-one
However, if an attacker submits the string “twenty-one%0a%0aINFO:+User+logged+out%3dbadguy”, the following entry is logged:
INFO: Failed to parse val=twenty-one
INFO: User logged out=badguy
Clearly, attackers can use this same mechanism to insert arbitrary log entries.
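The same forged entry and one way to neutralize it, as an added Python example that is not part of the original post or of the OWASP text. The entry format mirrors the Java snippet above; the function names and the escaping scheme (control characters written as \uXXXX inside a quoted value) are assumptions of this example.

```python
import re
from urllib.parse import unquote_plus

# Request value from the log forging example above, still URL-encoded.
FORGED = "twenty-one%0a%0aINFO:+User+logged+out%3dbadguy"

# Every character a line-oriented reader may treat as a line break or control
# code: C0 controls (CR, LF, tab, ESC ...), DEL, NEL, and the Unicode
# line/paragraph separators.
_CONTROL = re.compile(r"[\x00-\x1f\x7f\u0085\u2028\u2029]")

def vulnerable_entry(raw_val):
    """Same behaviour as the Java snippet: decoded input is appended as-is."""
    return "INFO: Failed to parse val=" + unquote_plus(raw_val)

def neutralize(value):
    """Escape backslash, double quote and control characters, in that order,
    so the escaped form is unambiguous and always stays on one line."""
    value = value.replace("\\", "\\\\").replace('"', '\\"')
    return _CONTROL.sub(lambda m: "\\u%04x" % ord(m.group()), value)

def hardened_entry(raw_val):
    """The untrusted value is quoted, so a reviewer can see where it ends."""
    return 'INFO: Failed to parse val="' + neutralize(unquote_plus(raw_val)) + '"'

def count_events(log_text):
    """What a line-oriented log parser sees: one event per line starting 'INFO:'."""
    return sum(1 for line in log_text.splitlines() if line.startswith("INFO:"))

if __name__ == "__main__":
    for build in (vulnerable_entry, hardened_entry):
        entry = build(FORGED)
        print(build.__name__, "->", count_events(entry), "event(s)")
        print(entry)
```

Escaping at write time keeps the original bytes recoverable for an investigator, which stripping the characters would not.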
Code Execution via Log Injection
PHP code can easily be added to a log file, for example:
https://www.somedomain.tld/index.php?file=`<?php echo phpinfo(); ?>`
This stage is called log file poisoning. If the log file is staged on a public directory and can be accessed via an HTTP GET request, the embedded PHP command may execute in certain circumstances. This is a form of Command Injection via Log Injection.
(Source: OWASP)
9. Quantum Cryptography
Quantum cryptography sounds fairly complex – probably because it is. That’s why we put together this “encryption guide for dummies” as a way of explaining what quantum cryptography is and taking some of the complexity out of it.
Although the subject has been around for a couple of decades, quantum cryptography (not to be confused with post-quantum cryptography) is quickly becoming more critically relevant to our everyday lives because of how it can safeguard vital data in a way that current encryption methods can’t.
Consider, for example, the trust you place in banks and commercial enterprises to keep your credit card and other information safe while conducting business transactions online. What if those companies – using current encryption methods – could no longer guarantee the security of your private information? Granted, cybercriminals are always trying to gain access to secure data, but when quantum computers come online, that information will be even more vulnerable to being hacked. In fact, hackers don’t even need to wait for quantum computers to start the process because they’re collecting encrypted data now to decrypt later when the quantum computers are ready. With quantum encryption, that’s not the case because your information will be unhackable. Let’s explain.
First, what is quantum cryptography? In simple words, cryptography is the process of encrypting data, or converting plain text into scrambled text so that only someone who has the right “key” can read it. Quantum cryptography, by extension, simply uses the principles of quantum mechanics to encrypt data and transmit it in a way that cannot be hacked.
While the definition sounds simple, the complexity lies in the principles of quantum mechanics behind quantum cryptography, such as:
⦁ The particles that make up the universe are inherently uncertain and can simultaneously exist in more than one place or more than one state of being.
⦁ Photons are generated randomly in one of two quantum states.
⦁ You can’t measure a quantum property without changing or disturbing it.
⦁ You can clone some quantum properties of a particle, but not the whole particle.
All these principles play a role in how quantum cryptography works.
Quantum cryptography even has two phases: the first is post-quantum cryptography and the second is quantum cryptography.
Unlike mathematical encryption, quantum cryptography uses the principles of quantum mechanics to encrypt data and make it virtually unhackable.
How quantum cryptography works:
Quantum cryptography, or quantum key distribution (QKD), uses a series of photons (light particles) to transmit data from one location to another over a fiber optic cable. By comparing measurements of the properties of a fraction of these photons, the two endpoints can determine what the key is and if it is safe to use.
Breaking the process down further helps to explain it better.
⦁ The sender transmits photons through a filter (or polarizer) which randomly gives them one of four possible polarizations and bit designations: Vertical (One bit), Horizontal (Zero bit), 45 degree right (One bit), or 45 degree left (Zero bit).
⦁ The photons travel to a receiver, which uses two beam splitters (horizontal/vertical and diagonal) to “read” the polarization of each photon. The receiver does not know which beam splitter to use for each photon and has to guess which one to use.
⦁ Once the stream of photons has been sent, the receiver tells the sender which beam splitter was used for each of the photons in the sequence they were sent, and the sender compares that information with the sequence of polarizers used to send the key. The photons that were read using the wrong beam splitter are discarded, and the resulting sequence of bits becomes the key.
If the photon is read or copied in any way by an eavesdropper, the photon’s state will change. The change will be detected by the endpoints. In other words, this means you cannot read the photon and forward it on or make a copy of it without being detected.
An example of how quantum encryption works:
Imagine you have two people, Alice and Bob, who want to send a secret to each other that no one else can intercept. With QKD, Alice sends Bob a series of polarized photons over a fiber optic cable. This cable doesn’t need to be secured because the photons have a randomized quantum state.
If an eavesdropper, named Eve, tries to listen in on the conversation, she has to read each photon to read the secret. Then she must pass that photon on to Bob. By reading the photon, Eve alters the photon’s quantum state, which introduces errors into the quantum key. This alerts Alice and Bob that someone is listening and the key has been compromised, so they discard the key. Alice has to send Bob a new key that isn’t compromised, and then Bob can use that key to read the secret.
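The exchange between Alice, Bob and Eve described above (the scheme known as BB84), as an added classical simulation in Python that is not part of the original post. The photon count, the fixed random seed, the use of half the sifted bits for the public comparison and the abort threshold are assumptions of this example.

```python
import random

BASES = "+x"       # '+' = horizontal/vertical, 'x' = diagonal (the two beam splitters)
QBER_LIMIT = 0.11  # illustrative abort threshold, an assumption of this example

def measure(bit, photon_basis, meas_basis, rng):
    """The right basis reads the bit exactly; the wrong one gives a random bit."""
    return bit if photon_basis == meas_basis else rng.randint(0, 1)

def run_qkd(n_photons, eavesdrop, seed=2020):
    rng = random.Random(seed)
    alice_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    alice_bases = [rng.choice(BASES) for _ in range(n_photons)]
    bob_bases = [rng.choice(BASES) for _ in range(n_photons)]

    bob_bits = []
    for bit, basis, bob_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Eve has to guess a basis, measure, and resend what she saw;
            # the photon Bob receives is now in Eve's basis, not Alice's.
            eve_basis = rng.choice(BASES)
            bit = measure(bit, basis, eve_basis, rng)
            basis = eve_basis
        bob_bits.append(measure(bit, basis, bob_basis, rng))

    # Sifting: Bob announces his bases, positions where they differ are dropped.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]

    # Half of the sifted positions are compared in public to estimate the
    # error rate; those bits are sacrificed and never used as key material.
    rng.shuffle(sifted)
    half = len(sifted) // 2
    check, keep = sifted[:half], sorted(sifted[half:])
    errors = sum(alice_bits[i] != bob_bits[i] for i in check)
    qber = errors / half if half else 1.0

    return {
        "sifted": len(sifted),
        "qber": qber,
        "accepted": qber <= QBER_LIMIT,
        "alice_key": [alice_bits[i] for i in keep],
        "bob_key": [bob_bits[i] for i in keep],
    }

if __name__ == "__main__":
    for eve in (False, True):
        r = run_qkd(4000, eavesdrop=eve)
        print(f"eavesdrop={eve} sifted={r['sifted']} "
              f"qber={r['qber']:.3f} accepted={r['accepted']}")
```

Without Eve the compared bits agree exactly; with Eve guessing the wrong basis half the time, about a quarter of the compared bits disagree, which is the signal Alice and Bob use to discard the key.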
10. SQL Injection: Old Technique but Most Powerful Attack
The types of SQL injection are listed below:
Error based Injection:
The attacker sends a malicious query to the database which results in errors. Error messages should be kept very generic; otherwise they may give useful hints to the attacker.
Comment-Line: Using comment line to cause the database to ignore a part of a valid query.
E.g. Select * from stores where product_id = 'blah' or 1=1-- (everything after this will be ignored)
Tautology: There are a lot of expressions which always evaluate to true, like '1' = '1', 'a' = 'a', etc.; using them in the query creates conditions that are constantly true.
E.g. Select * from users where username='blah' or 'a'='a' -- and password='pass'
Union Based SQL injection:
Using the UNION command in a SQL query to execute additional queries, thereby modifying, inserting, deleting or dropping the contents of the table.
E.g. Select * from stores where product_id=1 union select 1,database(),user(),4#
Stored procedures: Creating malicious inputs to execute malicious queries.
Incorrect queries: Coming up with logically incorrect queries to see the error messages to get more information about the target database.
Select * from stores where id=1'
The above query will result in a syntax error and might reveal the backend database type.
Blind SQL injection:
This is a type of SQL injection where we don’t have a clue as to whether the web application is vulnerable to injection attack or not.
Types:
Boolean:
Only correct queries show a result; wrong queries do not return anything. The attacker therefore has to generate logically correct queries.
Suppose the original query to the database is
Select * from users where id='id.txt'
If we give blah' or 1=1# as input, which evaluates to a true query,
Select * from users where id='blah' or 1=1#, we will see the user results.
If we give blah' or 1=2# as input, which is a false query, then we don't see any results.
Select * from users where id='blah' or 1=2#
Time delay: Depending on some conditions, setting a time delay. If that condition is satisfied, we can observe the time delay; thereby, concluding that the input we gave produced a positive result. This is a time consuming process.
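Why the tautology and comment-line inputs above change the query, and how a parameterized query and generic error handling stop them, as an added Python/sqlite3 example that is not part of the original post. The in-memory table, its rows and all function names are constructed for this example.

```python
import sqlite3

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])  # constructed rows
    return db

def login_vulnerable(db, username, password):
    # Input is pasted into the SQL text, so a quote in it becomes SQL syntax.
    sql = ("SELECT username FROM users WHERE username='" + username +
           "' AND password='" + password + "'")
    return sorted(row[0] for row in db.execute(sql))

def login_parameterized(db, username, password):
    # Placeholders keep the statement fixed; the values are bound as data
    # and can never turn into operators, comments or extra clauses.
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    return sorted(row[0] for row in db.execute(sql, (username, password)))

def handle_request(db, login_fn, username, password):
    """Generic error for the client; the database message stays server-side."""
    try:
        return {"status": 200, "users": login_fn(db, username, password)}
    except sqlite3.Error:
        return {"status": 400, "error": "Invalid request"}

# Inputs taken from the text above.
TAUTOLOGY = "blah' or 'a'='a' --"
STRAY_QUOTE = "1'"

if __name__ == "__main__":
    db = make_db()
    for fn in (login_vulnerable, login_parameterized):
        print(fn.__name__, handle_request(db, fn, TAUTOLOGY, "pass"))
        print(fn.__name__, handle_request(db, fn, STRAY_QUOTE, "pass"))
```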
Tools:
For Linux: sqlmap, Marathon Tool and zANTI; for Windows: Kitsploit, BSQL Hacker, Havij and many more.
Perimeter tools (IDS) Evasion Techniques:
⦁ Use encryption.
⦁ Obfuscate string to avoid pattern matching.
⦁ Use Concatenation to confuse the IDS.
⦁ Use encoding like ASCII encoding, hexadecimal encoding to avoid detection.
⦁ Insert inline comments between query.
Quick Tips to Brace Yourself Against Cyberthreats
⦁ Prioritize cybersecurity by setting up a security strategy to assess and classify the data you handle and the type of security you need to protect them. Run a security audit on a regular basis.
⦁ Focus on cybersecurity awareness. Educate your employees on the importance of data protection and security protocols.
⦁ Create a unique and strong password combination and complement it with two-factor authentication to access the system.
⦁ Invest in cybersecurity tools like antivirus software, firewall, and other privacy tools to automatically scan threats. Install and update your antivirus software.
⦁ Have a strong backup policy. It will protect you from ransomware attacks.
⦁ Apply end-to-end encryption to all your confidential files.
⦁ Hack yourself! This will help you identify the vulnerabilities in the system.
⦁ Do not use any free Wi-Fi unless you trust it, because hackers share Wi-Fi networks and attack the people who connect their devices through man-in-the-middle attacks.
⦁ Change your password regularly.
⦁ Raise awareness of cyber threats among ordinary people by informing them how to use the internet.
Summing Up
In this age of digital transformation and globalization, cybercriminals are constantly looking for fresh exploits and coming up with advanced strategies to defraud and damage institutions and organizations. In light of this fact, businesses should be mindful of not just the ever-growing number of vulnerabilities but also of the cybersecurity threats that are in store.
The information shared in this post will enlighten you about the upcoming threats in 2020 so that you can take proactive measures to reduce their risk.