Cyber Attack, also know as computer network attack (CNA) is an international exploitation of computer systems. Such attacks use malicious code to modify computer code, data or logic which lead to destructive consequences resulting in cyber crimes.

Most common Cyber-security Attacks
– Phishing attacks
In this attack, the attacker steals user data such as credit cards numbers and login credentials, posing as a trusted individual. The victim is tricked into opening a message or an email containing malicious link that can cause the freezing of a system as part of a ransomware attack, revealing sensitive information or installation of malware.

– Spear Phishing attacks
Spear phishing is an email aimed at a particular individual or organization, desiring unauthorized access to crucial information. These hacks are not executed by random attackers but are most likely done by individuals out for trade secrets, financial gain, or military intelligence.

– Whale Phishing attack
A whale phishing attack is a type of phishing that centers on high-profile employees such as the CFO or CEO. It is aimed at stealing vital information since those holding higher positions in a company have unlimited access to sensitive information. Most whaling instances manipulate the victim into permitting high-worth wire transfers to the attacker.

– Malware attacks
Malware is a code that is made to stealthily affect a compromised computer system without the consent of the user. This broad definition includes many particular types of malevolent software (malware) such as spyware, ransomware, command, and control.

– Ransomware
Ransomware blocks access to a victim’s data, typically threatening to delete it if a ransom is not paid. There is no guarantee that paying a ransom will regain access to the data. Ransomware is often carried out via a Trojan delivering a payload disguised as a legitimate file.

– Drive-by Attack
A drive-by attack is a common method of distributing malware.
A cyber attacker looks for an insecure website and plants a malicious script into PHP or HTTP in one of the pages. This script can install malware into the computer that visits this website or become an IFRAME that redirects the victim’s browser into a site controlled by the attacker. In most cases, these scripts are obfuscated, and this makes the code to be complicated to analyze by security researchers. These attacks are known as drive-by because they don’t require any action on the victim’s part except visiting the compromised website. When they visit the compromised site, they automatically and silently become infected if their computer is vulnerable to the malware, especially if they have not applied security updates to their applications.

– Trojan Horses
A Trojan is a malicious software program that misrepresents itself to appear useful. They spread by looking like routine software and persuading a victim to install. Trojans are considered among the most dangerous type of all malware, as they are often designed to steal financial information.

These and more such cyber crimes are committed online for sake of money or information. These can be stopped or prevented to some extent by making use of cyber security tools such as:

1. IBMQ RadarAdvisor and Watson
This is one of the best security tool in use. Watson, using artificial intelligence (AI), is a self-learning and self-evolving system. It eliminates the section even before the threat is detected. The working goes as such: IBMQ Radar tracks the section. It gathers information and links online, offline and within the system with that code. It formulates a strategy to encompass it and then when an incident is raised, it kills the threat. This is one of the best online incidents – kill security tools being used.

2. Cryptostopper
It is one of the best tools available online right now to stop the ransomware or malware attacks on a system. Crypto stopper finds the bots which are encrypting the files and deletes them. It creates a pattern or a deception formula for the threat to latch it on by itself onto the formula, once it latches itself; crypto stopper detects and deletes that code. Cryptostopper makers tend to make a promise of a 9-second threat detection and elimination challenge. It isolates the workstation and the affected areas of the system so that the ransomware cannot manage to affect more and more areas.

3. N MAP
It is one of the many primary and open source utilities made available for network securities. NMAP is not only good with small but large networks as well. It recognizes the hosts and the receiver on a network. Along with it, it also runs on all the distributions of operating systems. It can scan hundreds and thousands of machines on a network at a single moment.

4. Burp Suite
It is another web scanning algorithm security tool, which helps to scan web-based applications. The main purpose of this tool is to check and penetrate the compromised system. It checks all the surfaces which might be affected along with the sender and destination’s requests and responses for the threat. If any threat is found, it can either be quarantined or can be eliminated.

5. OpenVAS
A utility of Nessus, but very different from Nessus and Metasploit though they work the same, yet different. It is considered as one of the most stable, with lesser loopholes and use of web security tools available online at the moment.
There are two major components of OpenVAS.
Scanner: It scans the vulnerable sections and sends a compiled report of all of it to its manager.
Manager: It compiles all the requests which are received from the scanner and then it makes a report of all such incidences.

6. Nessus
Nessus is a tool that checks for malicious hackers. It scans the computers on the network for unauthorized hackers who try to access the data from the internet. On average it is considered that Nessus scans for unauthorized access for 1200 times. Apart from others, it doesn’t make assumptions that certain ports are only set for web servers like Port 80 is set for Web Server only. And it is an open-source tool, which also provides a vulnerable patching assistance facility, which further helps in providing possible solutions for the affected areas.

7. Metasploit Framework
Created by Rapid7 in Boston, Massachusetts. It is considered the best open-source framework which is in use for checking vulnerabilities. It has a command shell as it runs in Unix, so users can run their manual as well as auto commands to check and run the scripts. Metasploit Framework has some inbuilt as well as some third-party interfaces, which can be used to exploit the affected areas.

8. SolarWinds Mail Assure
It is a multi-functional tool that addresses most of the email security concerns. It has data from almost 2 million domains, which comes from 85 countries. It is also offered as Software As A Service (SAAS). It helps in the protection of the user’s devices from spams, viruses, phishing, and malware.
There are a lot many other online security tools available that can help in eliminating the risk along with the above-mentioned list. They are as follows:
a) Aircrack-ng
b) Touch Manager
c) MailControl