Cyberattack

A cyberattack (or cyber attack) occurs when there is an unauthorized action against computer infrastructure that compromises the confidentiality, integrity, or availability of its content.

Cyberattacks can cause a variety of harms to targeted individuals, organizations, and governments, including significant financial losses and identity theft.

They are usually illegal both as a method of crime and warfare, although correctly attributing the attack is difficult and perpetrators are rarely prosecuted.

[10] Despite developers' goal of delivering a product that works entirely as intended, virtually all software and hardware contains bugs.

[17] The Vulnerability Model (VM) identifies attack patterns, threats, and valuable assets, which can be physical or intangible.

It addresses security concerns like confidentiality, integrity, availability, and accountability within business, application, or infrastructure contexts.

[20] Formal risk assessment for compromise of highly complex and interconnected systems is impractical[21] and the related question of how much to spend on security is difficult to answer.

[22] Because of the ever changing and uncertain nature of cyber-threats, risk assessment may produce scenarios that are costly or unaffordable to mitigate.

[43] Ransomware is software used to encrypt or destroy data; attackers demand payment for the restoration of the targeted system.

In addition, unlike other forms of crime, cybercrime can be carried out remotely, and cyber attacks often scale well.

"[46] Many cyberattacks are caused or enabled by insiders, often employees who bypass security procedures to get their job done more efficiently.

Depending whether the expected threat is passive espionage, data manipulation, or active hijacking, different mitigation methods may be needed.

[52] The lack of transparency in the market causes problems, such as buyers being unable to guarantee that the zero-day vulnerability was not sold to another party.

[54][55] Because of the difficulty in writing and maintaining software that can attack a wide variety of systems, criminals found they could make more money by renting out their exploits rather than using them directly.

[56] Cybercrime as a service, where hackers sell prepacked software that can be used to cause a cyberattack, is increasingly popular as a lower risk and higher profit activity than traditional hacking.

[60] Malware and ransomware as a service have made it possible for individuals without technical ability to carry out cyberattacks.

[21] Understanding the negative effects of cyberattacks helps organizations ensure that their prevention strategies are cost-effective.

[28] One paper classifies the harm caused by cyberattacks in several domains:[62] Thousands of data records are stolen from individuals every day.

[67] Opportunistic criminals may cause data breaches—often using malware or social engineering attacks, but they will typically move on if the security is above average.

[70] State-sponsored hackers target either citizens of their country or foreign entities, for such purposes as political repression and espionage.

[74] Critical infrastructure is that considered most essential—such as healthcare, water supply, transport, and financial services—which has been increasingly governed by cyber-physical systems that depend on network access for their functionality.

[77] These extreme scenarios could still occur, but many experts consider that it is unlikely that challenges in inflicting physical damage or spreading terror can be overcome.

[78] There is little empirical evidence of economic harm (such as reputational damage) from breaches except the direct cost[79] for such matters as legal, technical, and public relations recovery efforts.

[81] Some experts have argued that the evidence suggests there is not enough direct costs or reputational damage from breaches to sufficiently incentivize their prevention.

[93] Once the exact way that the system was compromised is identified, there is typically only one or two technical vulnerabilities that need to be addressed in order to contain the breach and prevent it from reoccurring.

[108] International courts cannot enforce these laws without sound attribution of the attack, without which countermeasures by a state are not legal either.

Timeline of a software vulnerability that is discovered by attackers prior to a vendor ( zero day )
Intrusion kill chain for information security
Another model of the cyberattack chain
Website defacement : Lapsus$ hackers replaced the content of a website
Top ten industries targeted by cyberattacks in the United States in 2020
Total annualized cyberattack cost by attack type, 2016–2017
Out-of-service gas pumps due to panic buying after the Colonial Pipeline cyberattack in Oak Hill, Virginia
In 2022, government websites of Costa Rica were down because of a ransomware attack.
vectorial version
vectorial version