Know the Different Types of Cyber Attacks:
Attacks in which computer devices are used as the tool and the internet as the medium are considered cyber-attacks. Cyber-attacks occur when an individual, group, or organized gang attempts to maliciously breach the security system of another person or organization.
The main motive of a cyber-attack is to disrupt, damage, or gain unauthorised access to a network or system, or it may be to:
- Steal valuable files like personally identifiable information, passwords, financial records, etc. and ask for a ransom under the threat of data leakage.
- Collect valuable data and sell it on the Dark Web.
- Expose business secrets such as a patent or code.
- Destroy systems and delete data as a form of “hacktivism.”
- Steal personal data and commit identity theft.
Many types of cyber-attacks are carried out regularly.
Some of the different types of cyber-attacks are:
- Malware-based attacks (Ransomware, Trojans, etc.)
- Phishing attacks (spear phishing, whaling, smishing, etc.)
- Man-in-the-middle attacks (MIM attack)
- Denial of Service attacks (DoS and DDoS)
- SQL Injection attacks (SQLi Attacks)
- DNS Tunnelling (DT Attacks)
- Zero-day exploits and attacks (Z-Ex Attacks)
- Password attacks (Pwd Attacks)
- Drive-by download attacks
- Cross-site scripting (XSS) attacks
- Rootkits (RK Attacks)
- DNS spoofing or “poisoning”
1. Malware-based attacks
Malware is malicious software, in the form of executable files, that disrupts or steals data from a computer, network, or server. Malware programs are delivered to the targeted system. Once the malware program is installed on the targeted system, its script becomes active and performs any of the following actions:
- Deny access to a critical system or data.
- Steal files.
- Damage data integrity.
- Spy on user activity.
- Disrupt or even render the system inoperable.
- Hijack control of the target device.
While some malware exploits system vulnerabilities, these programs typically breach a system through human error, such as when a person:
- Clicks on a suspicious link.
- Opens an infected email attachment.
- Plugs in a corrupted USB device, such as a pen drive or portable hard drive.
- Visits an infected website that runs a drive-by download.
Malware is one of the most common types of cyber-attacks and has multiple variations, such as:
Spyware
Spyware is a type of malware that spies on the infected device and sends info to the hacker. Most attackers use this tactic to silently spy on user data and browsing habits. In this way, criminals gather sensitive information without the victim’s knowledge.
Keyloggers
Keyloggers are similar to spyware: they record the keystrokes the victim types on the keyboard.
Viruses
A computer virus is a malicious program capable of replicating itself across programs on the target device. If you activate a virus-infected file, the malicious software self-replicates across the device, slowing down performance or destroying data.
Worms
A worm is a standalone malware that replicates itself across different computers. Worms move around via a network, relying on security failures to spread and steal data, set up backdoors, or corrupt files.
Trojans
A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. Unlike a virus or a worm, a trojan does not replicate itself. The most common goal of a trojan is to establish a silent backdoor within the system that enables remote access.
Adware
Adware is malware that displays marketing content on a target device, in the form of banners or pop-ups when you visit a website. Some adware also monitors user behaviour online, which enables the malicious program to “serve” better-targeted ads.
Ransomware
Ransomware is a type of malware that encrypts files on a target system. Once the program encrypts data, the hacker demands a ransom (usually requested in cryptocurrency) in exchange for the decryption key. Ransomware is a threat to both individual users and organizations.
2. Phishing Attacks
A phishing attack happens when someone tries to trick a target with a fraudulent email, text (called SMS phishing or “smishing”), or phone call (called voice phishing or “vishing”). These social engineering messages appear to be coming from someone official (like a colleague, bank, a third-party supplier, etc.), but the imposter is actually trying to extract sensitive info from the recipient. Some criminals do not ask for info directly. A hacker might try to get the victim to click on a link or open an email attachment that:
- Downloads and installs malware on the device.
- Leads to a phishing website, typically a fake login page, which steals your data when you type in your credentials.
Spear Phishing Attacks
Spear phishing is a common type of cyber attack in which attackers take a narrow focus and craft detailed, targeted email messages to a specific recipient or group. This requires the attacker to research their target to find important details that can give their messages a thin veneer of plausibility—all in the hopes of fooling and ensnaring a valuable target into clicking or downloading a malicious payload, or into initiating an undesired action such as a wire transfer.
Angler Phishing Attacks
Angler phishing is the practice of masquerading as a customer service account on social media, hoping to reach an unsatisfied consumer. About 55% of such attacks last year targeted customers of financial institutions, trying to lure victims into handing over access to their personal data or account credentials.
Whaling Attacks
Whale phishing happens when an attacker goes after a high-profile employee, such as the CEO, COO, or CFO. The idea is to target someone who has the authorization to make major money transfers.
While harder to pull off than trying to trick a lower-ranking employee, whale phishing is the most profitable form of phishing. Profits often reach millions of dollars, so C-level executives must always be on guard for such tactics.
3. Man-in-the-middle attacks:
In this type of attack, the attacker must be able to intercept all relevant messages passing between the two victims and inject new ones. One example of a MITM attack is active eavesdropping, in which the attacker makes independent connections with the victims and relays messages between them to make them believe they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
4. Denial of Service
A DoS attack is a denial of service attack where a computer is used to flood a server with TCP and UDP packets. A DDoS attack is where multiple systems target a single system with a DoS attack. The targeted network is then bombarded with packets from multiple locations. Every DDoS attack is a DoS attack, but not every DoS attack is a DDoS attack.
5. SQL Injection attacks (SQLi Attacks)
SQL injection, also known as SQLi, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
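The difference between a query that is open to SQL injection and one that is not, shown as an added example (not code from the original page). The table, column names and sample rows are constructed for illustration, and an in-memory SQLite database stands in for the backend.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, owner TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO customers (owner, email) VALUES (?, ?)",
        [("alice", "alice@example.test"),
         ("bob", "bob@example.test"),
         ("carol", "carol@example.test")],
    )
    return conn

def lookup_vulnerable(conn, owner):
    # Vulnerable: the input is pasted into the SQL text, so quote characters
    # inside it are parsed as SQL syntax instead of being treated as data.
    query = "SELECT email FROM customers WHERE owner = '" + owner + "'"
    return [row[0] for row in conn.execute(query)]

def lookup_safe(conn, owner):
    # Hardened: the placeholder binds the input as a value; the database
    # never parses it as part of the statement.
    query = "SELECT email FROM customers WHERE owner = ?"
    return [row[0] for row in conn.execute(query, (owner,))]

# Constructed test input containing SQL syntax, as a code review or
# regression test for this flaw would use.
CRAFTED = "nobody' OR '1'='1"

def demo():
    """Run both lookups with a normal and a crafted input."""
    conn = make_db()
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "alice"),
        "normal_safe": lookup_safe(conn, "alice"),
        "crafted_vulnerable": lookup_vulnerable(conn, CRAFTED),
        "crafted_safe": lookup_safe(conn, CRAFTED),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the crafted input, the concatenated query returns every customer's email, while the parameterized query returns nothing because no owner has that literal name.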
6. DNS tunnelling Attacks
DNS Tunnelling is a method of cyber-attack that encodes the data of other programs or protocols in DNS queries and responses. DNS tunnelling often includes data payloads that can be added to an attacked DNS server and used to control a remote server and applications.
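Because tunnelled data has to travel inside query names, it tends to show up as many long, random-looking subdomains under a single zone. The following added example (not from the original page) is a simple detection heuristic run over a constructed query list; the thresholds, the domain names and the helper `fake_chunk` are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

B32 = "abcdefghijklmnopqrstuvwxyz234567"  # lowercase base32 alphabet

def shannon_entropy(text):
    """Bits per character; encoded payloads score higher than ordinary hostnames."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def split_name(qname):
    """Split into (subdomain, parent). Assumption: the parent is the last two
    labels; production code would consult the Public Suffix List."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def suspicious_parents(qnames, min_unique=4, min_len=30, min_entropy=3.5):
    """Return parent domains that received at least min_unique distinct
    subdomains that are both long and high-entropy."""
    hits = defaultdict(set)
    for qname in qnames:
        sub, parent = split_name(qname)
        payload = sub.replace(".", "")
        if len(payload) >= min_len and shannon_entropy(payload) >= min_entropy:
            hits[parent].add(sub)
    return sorted(p for p, subs in hits.items() if len(subs) >= min_unique)

def fake_chunk(step):
    """Constructed stand-in for one encoded data chunk (a permutation of B32)."""
    return "".join(B32[(k * step) % 32] for k in range(32))

# Constructed query log: ordinary lookups, one long but repetitive name, one
# isolated random-looking name, and a burst of encoded-looking names in one zone.
SAMPLE_QUERIES = [
    "www.example.com", "mail.example.com", "api.shop.example.org",
    "a" * 40 + ".example.net",
    fake_chunk(3) + ".cdn-assets.test",
] + [fake_chunk(s) + ".badzone.test" for s in (5, 7, 9, 11, 13)]

if __name__ == "__main__":
    print(suspicious_parents(SAMPLE_QUERIES))
```

The single random-looking name under `cdn-assets.test` is not flagged, which is the point of the `min_unique` threshold: legitimate services also use hashed hostnames, so volume per zone matters as much as the look of one name.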
7. Zero-day exploits and attacks (Z-Ex Attacks)
A Zero-Day Exploit is the technique or tactic a malicious actor uses to leverage the vulnerability to attack a system. A Zero-Day Attack occurs when a hacker releases malware to exploit the software vulnerability before the software developer has patched the flaw.
8. Password attacks (Pwd Attacks)
A password attack involves exploiting a broken authorization vulnerability in the system, combined with automated password attack tools that speed up the guessing and cracking of passwords. The attacker uses various techniques to access and expose the credentials of a legitimate user, assuming their identity and privileges. The username-password combination is one of the oldest known account authentication techniques, so adversaries have had time to craft multiple methods of obtaining guessable passwords.
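Automated guessing leaves a recognisable trace: a run of failed logins for one account from one source in a short time. The following added example (not from the original page) detects that pattern in an authentication log; the log format, addresses and thresholds are hypothetical, and the log is assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")

# Constructed authentication log (the format is hypothetical).
SAMPLE_LOG = """\
2024-05-01T10:00:00Z OK user=bob src=198.51.100.4
2024-05-01T10:00:01Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:03Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:05Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:06Z FAIL user=carol src=192.0.2.9
2024-05-01T10:00:07Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:09Z FAIL user=alice src=203.0.113.7
2024-05-01T10:00:20Z FAIL user=carol src=192.0.2.9
2024-05-01T10:00:31Z OK user=carol src=192.0.2.9
2024-05-01T10:05:00Z FAIL user=dave src=192.0.2.50
2024-05-01T10:10:00Z FAIL user=dave src=192.0.2.50
"""

def detect_guessing(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Return sorted (src, user) pairs that reached max_failures failed
    logins within one sliding window."""
    recent = defaultdict(deque)   # (src, user) -> timestamps of recent failures
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # skip lines that do not match the assumed format
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        key = (m.group(4), m.group(3))
        if m.group(2) == "OK":
            recent[key].clear()   # a successful login resets the streak
            continue
        failures = recent[key]
        failures.append(ts)
        while ts - failures[0] > window:
            failures.popleft()    # drop failures that fell out of the window
        if len(failures) >= max_failures:
            flagged.add(key)
    return sorted(flagged)

if __name__ == "__main__":
    print(detect_guessing(SAMPLE_LOG))
```

Two failures five minutes apart (`dave`) never trip the detector, which shows the limit of a pure rate threshold: slow guessing needs a longer window or account-level lockout counters.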
9. Drive-by download attack:
A drive-by download attack refers to the unintentional download of malicious code to your computer or mobile device that leaves you open to a cyberattack. You don’t have to click on anything, press download, or open a malicious email attachment to become infected.
A drive-by download can take advantage of an app, operating system, or web browser that contains security flaws due to unsuccessful updates or lack of updates. Unlike many other types of cyberattack, a drive-by doesn’t rely on the user to do anything to actively enable the attack.
Drive-by downloads are designed to breach your device for one or more of the following purposes:
- Hijack your device — to build a botnet, infect other devices, or breach yours further.
- Spy on your activity — to steal your online credentials, financial info, or identity.
- Ruin data or disable your device — to simply cause trouble or personally harm you.
10. Cross-site scripting (XSS) attacks
XSS attacks are a kind of attack that allows hackers to inject code into the output of a web application, which is then sent to the site visitor’s web browser. The injected code then automatically executes malicious functions, such as stealing sensitive information through the visitor’s input. In short, cross-site scripting (XSS) is a type of code injection attack that targets web applications in order to deliver malicious client-side scripts to the user’s browser for execution.
11. Rootkits
A rootkit is a type of malware designed to give hackers access to and control over a target device. Although most rootkits affect the software and the operating system, some can also infect your computer’s hardware and firmware.