What Is a Cyber Attack and How to Prevent One

Could a cyber attack knock out your computer?

What to Know

  • Identify threats: Scrutinize email language or structure. Check URLs (but don't click) to see if they match the sender's claimed identity.
  • General guidance: Don't share personal data, don't click or download suspicious links, keep your system updated, always back up your data.
  • Types of cyber attacks: Learn the difference between viruses, worms, and trojan horses.

Cyber attacks can take a variety of forms from compromising personal information to capturing control of computers and demanding a ransom—usually paid in the form of cryptocurrency—to release that control. The reason these attacks spread so quickly is that they are often hard to spot.

How to Identify a Cyber Attack

A cyber attack could be a message that appears to come from your bank or credit card company. It seems urgent and includes a clickable link. However, if you look closely at the email, you can find clues about its authenticity.

Hover your pointer over the link (but don't click it) and then look at the web address that shows either above the link or in the bottom left corner of your browser screen. Does that link look real, or does it contain gibberish, or names that aren't associated with your bank? The email may also have typos or seem like it's written by someone who speaks English as a second language. 

Cyber attacks also occur when you download a file that contains a malicious piece of code, usually a worm or a Trojan horse. This can happen by downloading e-mail files, but it can also happen when you download apps, videos, and music files online. Many file-sharing services where you can download free books, movies, television shows, music, and games are often targeted by criminals. They upload thousands of infected files that seem to be what you're asking for, but as soon as you open the file, your computer is infected and the virus, worm, or Trojan horse begins to spread.

Visiting infected websites is another way to pick up all manner of cyber threats. The problem with infected sites is that they often look just as slick and professional as valid websites do. You don't even suspect that your computer is being infected as you surf the site or make purchases.

An illustration of a cyberattack on a computer.
 Getty Images

How to Protect Yourself From Cyber Attacks

It seems like a massive cyber attack occurs every day in the U.S. So, how do you protect yourself? Aside from having a good firewall and antivirus installed, there are some simple ways to ensure that you don't fall victim to a cyber attack:

  1. Keep your secrets, secret. Don't share your personal information online unless you are certain that you're dealing with a safe web site. The best way to tell if the site is safe or not is to look for an "s" in the URL (the web address) for the site you're visiting. An unsafe site start with http:// while a safe site starts with https://.

  2. Don't click. Do not click links in emails. Even if you think you know who the email is from. Also, don't download files. The only exception to this rule is if you are expecting someone to send you a link or a file. If you have spoken with them in the real world and know where the link leads or what the file contains, then it's OK. For any other circumstance, just don't click. If you receive an email from a bank or credit card company that makes you wonder, close the email and type the bank or credit card company's address directly into your web browser. Better yet, call the company and ask them about the message.

  3. Keep your system up to date. Hackers live for computers that are outdated and haven't had security updates or patches installed in a long time. They've studied ways to gain access to your computer, and if you haven't installed updates or security patches, then you're opening the door and inviting them in. If you can allow automatic updates on your computer, do it. If not, then make it a practice to immediately install updates and patches as soon as you are notified they are available. Keeping your system up to date is one of your most effective weapons against cyber attacks.

  4. Always have a backup. If all else fails, having a backup of all your files ensures that you can be back to normal in no time. The rule of thumb is that you should create a backup anytime you make a change to your computer, such as adding a new program or changing settings or at least once per week. The backup should also be kept separate from your computer. Back up your files to the cloud or a removable hard drive. If your data end up encrypted, you can restore from your backup and be OK. 

How Cyber Attacks Occur

Understanding cyber threats and cyber attacks are only part of the information needed to protect yourself. You must also know how cyber attacks occur. Most attacks are a combination of semantic tactics used syntactically or, in simpler terms, an attempt to change a computer user's behavior through some shady computer tactics.

Phishing e-mails are a type of cyber attack software—viruses or worms—used to trick you into providing information or downloading a file that plants code on your computer to steal your information. These approaches are forms of cyber attack.

Understanding Cyber Threats

One of the greatest enablers of cyber attacks is human behavior. Even the latest, strongest security can't protect you if you open the door and let the criminal in. That's why it's important to know what cyber threats are, how to spot a potential attack, and how to protect yourself. 

Cyber attacks can be classified into two general buckets: syntactic attacks and semantic attacks.

Syntactic Cyber Attacks

Syntactic attacks are different types of malicious software that attack your computer through various channels.

An illustration of a destructive computer worm, which is a syntactic cyber attack.
 Marco Jeurissen / Getty Images

The most frequent types of software used in syntactic attacks include:

  • Viruses: A virus is a piece of software that can attach itself to another file or program to reproduce. This type of software is often found in file downloads and email attachments. When you download the attachment or start the download, the virus is activated, it replicates, and sends itself to everyone in your contacts file. 
  • Worms: Worms don't need another file or program to replicate and spread. These little bits of software are also more sophisticated and can collect and send data to a specified location using information about the network it's on. A worm infects a computer when it's delivered via another piece of software on a network. This is why enterprises often suffer massive cyber attacks because the worm spreads via the network.
  • Trojan Horses: Like the Trojan horse used by the Greeks in the Trojan War, a cyber Trojan horse looks like something innocuous, but is actually hiding something nefarious. A Trojan horse could be an email that looks like it comes from a trusted company, when in fact, it's been sent by criminals or bad actors.

Semantic Cyber Attacks

Semantic attacks are more about changing the perception or behavior of the person or organization that's being attacked. There is less focus placed on the software involved.

An illustration of a cybercriminal phishing for user names and passwords; a type of semantic cyber attack.
 yuoak / Getty Images

For example, a phishing attack is a type of semantic attack. Phishing occurs when a bad actor sends out emails trying to gather information from the recipients. The e-mail usually appears to be from a company with which you do business, and it states your account has been compromised. You're instructed to click through a link and provide specific information to verify your account.

Phishing attacks may be executed using software and may include worms or viruses, but the main component of these types of attacks is social engineering—an attempt to change an individual's behavior when responding to emails. Social engineering combines both syntactic and semantic attack methods.

The same is true of ransomware, a type of attack where a small piece of code takes over a users computer system or company network and then demands payment, in the form of cryptocurrency, or digital money, for the release of the network. Ransomware is typically targeted at enterprises, but it can also be targeted at individuals if the audience is large enough.

Some cyber attacks have a kill switch, which is a computer method that can stop the activity of the attack. However, it usually takes security companies time—anywhere from hours to days—after a cyber attack is discovered to find the kill switch. That's how it's possible for some attacks to reach a large number of victims while others only reach a few.

Was this page helpful?