CC BY
7
- TexHuuecKue HayKU -
CYBER ATTACKS AND THEIR IMPACT ON THE DIGITAL ECONOMY Abdullaev Elvin Akhmed oglu, Student
Northern (Arctic) Federal University named after M.V. Lomonosov (Russia, Arkhangelsk)
DOI:10.24412/2500-1000-2024-3-2-146-149
Abstract. In a world where the digital economy is becoming a critical part of the global infrastructure, cyber attacks pose a serious threat to computer systems, networks and equipment. This article provides an in-depth overview of different types of cyberattacks, including DDoS attacks, phishing, and SQL injection, and describes their methods and potential consequences. Particular attention is paid to various sectors vulnerable to cyberattacks, such as the financial sector, education, e-commerce and the gaming industry. It also emphasizes the importance of taking precautions and preventive measures at the individual and organizational levels. It is recommended to use strong passwords, implement multi-factor authentication, regularly update software, and increase user awareness of cybersecurity. The article provides useful information on cybersecu-rity andfocuses on preventing and protecting against cyber attacks in the digital world.
Keywords: cyber threats, attacks, data, measures, privacy, security.
Around the world, the digital economy is becoming an increasingly important part of the global infrastructure. It is closely connected with our daily lives, our businesses, government agencies and public organizations. However, with increasing dependence on digital technologies, vulnerability to cyber attacks increases [1].
First, let's figure out what cyber attacks are.
A cyber attack is an attempt to gain unauthorized access to a computer system, infrastructure, network or device with the intent to cause harm or obtain sensitive information. This may be economically motivated or have political or ideological reasons.
There are many different types of cyber attacks, each with their own methods and goals. This includes:
1) DDoS attacks. In other words, denial of service attacks are one of the most common and destructive types of cyber attacks [2]. Many computers or devices, called botnets, are used to send traffic to target systems. These devices can be infected with malware or remotely controlled by hackers without the owner's knowledge. The goal of this attack is to overload the target system with resources, processors, memory and network bandwidth.
After reaching a certain threshold, the system will stop responding to requests from authorized users or become very slow.
For example, in 2023, approximately 37% of DDoS attacks in Russia occurred in the financial sector. Information security company Qrator Labs announced this on February 14. According to the data, the five industries with the most DDoS attacks were:
- E-commerce (24.95% of total cyber attacks in 2023);
- educational technologies (9.86%);
- online games (7.34%);
- IT and telecommunications (6.01%).
Among these segments, the most likely
victims of attacks are banks, whose share in 2023 was 28.31%; also, credit institutions are usually attacked during the period of active promotion of seasonal banking products -loans and deposits. The top five included electronic bulletin boards 15.04%, educational platforms 9.57%, online stores 8%.
Figure 1 shows the number of attacks in 2023. The largest influx was recorded in November-December. This is likely due to an increase in seasonal activity by attackers during major sales. In addition, in the fall the volume of client traffic passing through the DDoS Guard filter network increased.
Figure 1. Number of attacks in 2023
2) A phishing attack is an attack in which an attacker impersonates a trusted person or organization to trick a user into gaining access to personal data, financial resources, or other sensitive information. The essence of a phishing attack is as follows:
- pretend to be legitimate organizations. Criminals create fake websites, emails or social media posts that imitate official communication channels of well-known companies, banks and government agencies.
- requests for personal information. Attempts to trick users into providing personal information such as login credentials, passwords, credit card numbers and other sensitive information under various pretexts such as security updates or account activation.
- use of social engineering. Phishing attacks can use social engineering techniques such as emergency messages and intimidation to trick users into acting quickly and recklessly.
For example, obtaining fake QR codes or vaccination certificates has become another common method used by cybercriminals to defraud Russians after certain benefits were introduced for vaccinated citizens. In the fall of 2021, due to the worsening situation due to coronavirus (COVID-19), dozens of fake sites were discovered on the Internet, for example, such as: gosuslugi-16, vyplaty, covid-vyplaty.
3) SQL injection is a type of attack on a web application in which an attacker injects malicious SQL code into database queries executed by the application. This could result in unauthorized access to data in the database, modification of data, or performance of other malicious actions.
The essence of the injection is as follows:
- the attacker inserts a specially crafted SQL query with additional commands or conditions into the web application form. It can also add conditions to bypass authentication and access protected data.
- Successful injection of malicious code causes the application to execute code as part of a database query without proper validation or filtering. This allows you to perform various actions such as: retrieving data, modifying it, and even deleting data tables.
- obtaining confidential information. SQL implementations can be used to retrieve sensitive information such as login credentials, passwords, credit card numbers, and other sensitive data stored in the database itself.
- impact on data integrity. A fraudster can use SQL injection to modify data in a database or delete entire tables, which can cause the application to crash and data loss.
4) Brute force is an attack method in cryptography and computer security based on trying all possible combinations of values in a given data space. The essence of this method is that the attacker has to try different options until he gets the desired value.
For example, in a password attack, an attacker might start with the simplest or most common character and try different combinations of characters in the password field until the correct combination is found.
These attacks are very effective if weak passwords and keys are used. However, with sufficiently long and random passwords, the search space can become very large, making the attack very slow and ineffective. However, advances in computing power and optimi-
zation techniques can make attacks more powerful, especially against weak defenses.
Consequences of cyber attacks
The consequences of a cyber attack can be devastating for everyone, both individuals and organizations. This comes with a loss of privacy and potential threats to personal and financial data. There is a risk of undermining the trust of clients and partners and creating legal problems. Additionally, cyber attacks such as denial of service attacks and attacks on network infrastructure can cause downtime for businesses and organizations. This leads to significant financial losses and reputational damage to the brand. Cyberattacks also pose a threat to cybersecurity as computers and networks can become infected with malware [3].
The economic cost of a cyber attack can be significant, with companies potentially losing millions of dollars due to data loss and business disruption. This could lead to serious disruption in financial markets and undermine investor confidence. Additionally, cyberat-tacks can have geopolitical implications, especially when they target government agencies or critical infrastructure. It is also important to note that the psychological impact of cyber attacks on individuals and companies can increase people's vulnerability. The threat of losing personal information or financial resources can cause stress and anxiety. Thus, cyber attacks have a significant impact on society and highlight the need for cybersecurity at all levels.
Ways to protect against cyber attacks
One of the most important aspects of protecting against cyber attacks is keeping your software up to date. Regularly updating your
operating system, antivirus, and other applications can help eliminate vulnerabilities that attackers can use to compromise your system.
Next, you need to use strong passwords and two-factor authentication. Complex and unique passwords for each account reduce the risk of hacker attacks. Two-factor authentication provides an additional layer of security by requiring additional verification upon login [4].
You should also be careful when using the Internet itself. Suspicious websites, emails, and attachments may contain malware or be phishing tools. Avoid opening links or files from untrusted sources and always check the authenticity of a website before disclosing your details. Installing reliable security software, such as an antivirus program or firewall, can protect your computer from malware. These programs scan and block suspicious activities and files, reducing the risk of system infection. Regular data backups also make an important contribution to security. In the event of an attack or system failure, backup copies will help restore important information.
While it's nearly impossible to completely protect yourself from threats, these steps can help you reduce your likelihood of becoming a victim and improve your digital security.
In conclusion, I would like to note that cyber attacks pose a serious threat to the modern world and that overcoming them requires cooperation and a coordinated approach of all stakeholders. Only through joint efforts is it possible to ensure the stability and security of the digital space and protect it from various cyber attacks.
References
1. Шинкарецкая Г.Г., Берман А.М. Кибератаки - противоправное использование цифровых технологий // Международное право. - 2022. - №1. - С. 40-50.
2. Кодацкий Н.М., Мотуз А.С. Кибератаки анализ и риски // StudNet. - 2022. - №1.
3. Бураева Л.А. О вопросах противодействия кибератакам, совершаемым в интернет-пространстве на современном этапе // Проблемы экономики и юридической практики. -2018. - №3.
4. Абидарова А.А. Кибератаки на информационные и автоматизированные системы и комплексы // Известия ТулГУ. Технические науки. - 2020. - №11.
КИБЕРАТАКИ И ИХ ВЛИЯНИЕ НА ЦИФРОВУЮ ЭКОНОМИКУ Абдуллаев Эльвин Ахмед оглы, студент
Северный Арктический федеральный университет имени М.В. Ломоносова (Россия, г. Архангельск)
Аннотация. В мире, где цифровая экономика становится важнейшей частью глобальной инфраструктуры, кибератаки представляют серьезную угрозу компьютерным системам, сетям и оборудованию. В этой статье представлен углубленный обзор различных типов кибератак, включая DDoS-атаки, фишинг и внедрение SQL-кода, а также описаны их методы и потенциальные последствия. Особое внимание уделяется различным секторам, уязвимым для кибератак, таким как финансовый сектор, образование, электронная коммерция и игровая индустрия. Также подчеркивается важность принятия мер предосторожности и профилактических мер на индивидуальном и организационном уровнях. Рекомендуется использовать надежные пароли, внедрять многофакторную аутентификацию, регулярно обновлять программное обеспечение и повышать осведомленность пользователей о кибербезопасности. В статье представлена полезная информация о кибербезопасности и основное внимание уделяется предотвращению и защите от кибератак в цифровом мире.
Ключевые слова: киберугрозы, атаки, данные, меры, конфиденциальность, безопасность.
