Cybersecurity: Intro to Top 10 Common Types of Cyber Attacks


Introduction

A cyber attack is an action directed against a computer or any component of a computerized information system with the intent of altering, destroying, or stealing data, as well as exploiting or causing harm to a network. Cyber-attacks have increased in recent years, coinciding with the growing popularity of business digitization.

While there are dozens of different types of attacks, the following list highlights the ten most common types of cyber attacks.

Top 10 Different Types of Cyber Attacks

1. DoS and DDoS Attacks

A denial-of-service (DoS) attack aims to overwhelm a system's resources to the point where it becomes incapable of responding to legitimate service requests. A distributed denial-of-service (DDoS) attack is comparable in that it aims to drain a system's resources. A DDoS attack is initiated by an attacker's vast array of malware-infected host machines.

  • A DoS attack floods the target site with illegitimate requests. Because the site must respond to each request, the responses consume the site's resources. This makes it impossible for the site to serve users normally and frequently results in the site being completely shut down.
  • DoS and DDoS attacks are distinct from other types of cyberattacks, which allow the hacker to gain access to a system or to increase their current level of access. With those other types of attacks, the attacker benefits directly. With DoS and DDoS network attacks, on the other hand, the objective is simply to disrupt the effectiveness of the target's service. If the attacker is hired by a business competitor, their efforts may result in financial gain.
  • Additionally, a denial-of-service attack can be used to create a vulnerability for another type of attack. When a DoS or DDoS attack is successful, the system is frequently forced to go offline, leaving it vulnerable to other types of attacks. One common method of preventing DoS attacks is to employ a firewall that verifies the legitimacy of requests made to your site. After that, imposter requests can be discarded, allowing normal traffic to continue uninterrupted. A significant internet attack of this nature occurred in February 2020 against Amazon Web Services (AWS).

2. MITM Attacks

Man-in-the-middle (MITM) cyber attacks refer to security flaws that allow an attacker to eavesdrop on data exchanged between two people, networks, or computer systems. The term "man in the middle" attack refers to the attacker's position in the "middle" or between the two parties communicating. In effect, the attacker is eavesdropping on the two parties' interactions.

  • The two parties involved in a MITM attack believe they are communicating normally. What they do not realize is that the attacker in the middle illicitly modifies or accesses the message before it reaches its intended recipient. To safeguard yourself and your organization against MITM attacks, use strong encryption on access points or a virtual private network (VPN).

3. Phishing Attacks

A phishing attack occurs when a malicious actor sends emails purporting to be from trusted, legitimate sources to obtain sensitive information from the target. Phishing attacks combine social engineering and technology and are so named because the attacker is essentially "fishing" for access to a restricted area using the "bait" of a trustworthy sender.

To carry out the attack, the bad actor may send you a link that directs you to a website that then dupes you into downloading malware such as viruses or disclosing your personal information to the attacker. Often, the target is unaware they have been compromised, allowing the attacker to target others within the same organization without suspicion of malicious activity.

  • You can thwart phishing attacks by being selective about the emails you open and the links you click. Keep an eye on email headers and avoid clicking on anything that appears suspicious. Check the "Reply-to" and "Return-path" parameters. They must point to the same domain as the one presented in the email. Google applies new tactics to prevent phishing on Chrome.
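The "Reply-to" and "Return-path" check described above can be automated. The following is an added example, not code from the original article: it parses a raw message with Python's standard `email` module and reports headers whose domain does not match the "From" domain. The sample messages and all function names are constructed for illustration, and the subdomain rule is a simplifying assumption.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not taken from a real incident).
SUSPICIOUS = """\
Return-Path: <bounce@mailer.example.net>
From: "Accounts Payable" <ap@example.com>
Reply-To: ap@examp1e-billing.test
To: user@example.org
Subject: Invoice overdue

Constructed sample body.
"""

CONSISTENT = """\
Return-Path: <bounces@mail.example.com>
From: "Accounts Payable" <ap@example.com>
Reply-To: ap@example.com
To: user@example.org
Subject: Invoice attached

Constructed sample body.
"""


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower()


def aligned(domain, from_domain):
    """True if domain equals the From domain or is a subdomain of it."""
    if not domain or not from_domain:
        return False
    return domain == from_domain or domain.endswith("." + from_domain)


def header_mismatches(raw_message):
    """List (header, its domain, From domain) for headers that disagree with From."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    findings = []
    for name in ("Reply-To", "Return-Path"):
        value = msg.get(name)
        if value is not None and not aligned(domain_of(value), from_domain):
            findings.append((name, domain_of(value), from_domain))
    return findings
```

A mismatch is a reason to look more closely rather than proof of phishing, because legitimate bulk senders often route bounces through a third-party "Return-path" domain.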

4. Whale-phishing Attacks

A whale-phishing attack is so named because it targets an organization's "big fish," or whales, which typically include those in the C-suite or other positions of authority. These individuals are likely to have information that is valuable to attackers, such as proprietary information about the business or its operations.

If a targeted "whale" downloads ransomware, they are more likely to pay the ransom to prevent word of the successful attack from spreading and jeopardizing their or the organization's reputation.

  • Whale-phishing attacks can be avoided by following the same precautions as with phishing attacks, such as thoroughly examining emails and their attachments and links and keeping an eye out for suspicious destinations or parameters.

5. Spear-phishing Attacks

Spear phishing is a targeted form of phishing. The attacker spends time researching their intended targets and then writes messages that are likely to be personally relevant to the target. These types of attacks are aptly dubbed "spear" phishing due to the attacker's ability to zero in on a single target. Because the message appears legitimate, it can be difficult to detect a spear-phishing attack.

Often, a spear-phishing attack will employ email spoofing, in which the information contained in the email's "From" section is forged, making it appear as though the email came from a different sender. This individual can be a member of the target's social network, a close friend, or a business partner. Additionally, attackers may use website cloning to create the appearance of legitimate communication. By cloning a legitimate website, the attacker can lull the victim into a false sense of security. The target, believing the website to be legitimate, then feels secure entering their personal information.

  • As with standard phishing attacks, spear-phishing attacks can be avoided by thoroughly checking all fields in an email and ensuring users do not click on any link whose destination cannot be verified as legitimate.

6. Ransomware

The victim's system is held hostage by ransomware until the victim agrees to pay the attacker a ransom. After the payment is made, the attacker provides instructions on how to reclaim control of the target's computer.

  • The target of a ransomware attack downloads the ransomware, either from a website or from an email attachment.
  • The malware is designed to take advantage of vulnerabilities that have not been addressed by either the manufacturer of the system or the IT team. Following that, the ransomware encrypts the target's workstation. Occasionally, ransomware can be used to attack multiple parties by denying access to multiple computers or a critical server for business operations.
  • Multiple computer infection is frequently accomplished by delaying system capture for days or even weeks after the malware's initial penetration.
  • The malware can send AUTORUN files between systems via the internal network or USB drives connected to multiple computers. Then, when the attacker initiates the encryption process, it occurs simultaneously on all infected systems.
  • In some cases, ransomware authors write their code in such a way that it evades detection by traditional antivirus software.

Users must be vigilant about the websites they visit and the links they click. Additionally, you can prevent a large number of ransomware attacks by utilizing a next-generation firewall (NGFW) that performs deep data packet inspections using artificial intelligence (AI) to look for ransomware characteristics.

7. Password Attack

Because passwords are the preferred method of access verification for the majority of people, determining a target's password is an appealing proposition for a hacker. This can be accomplished in a variety of ways.

Frequently, people keep copies of their passwords on scraps of paper or sticky notes scattered throughout their homes or offices or on their desks. An attacker can either discover the password on their own or pay an insider to do so for them.

  • Additionally, an attacker may attempt to intercept network transmissions to obtain passwords that are not encrypted by the network. Additionally, they can use social engineering to convince the target to enter their password to resolve an ostensibly "important" problem.
  • In other cases, the attacker can simply guess the user's password, especially if they use default or easily-remembered passwords such as "1234567."
  • A brute-force password hack attempts to guess the user's password using basic information about the user or their job title. For instance, their name, birthdate, anniversary, or other easily-discovered personal information can be used in various combinations to guess their password. Additionally, information that users share on social media platforms can be used in a brute-force password hack. Individuals' hobbies, pet names, or children's names are sometimes used to create passwords, making them relatively easy to guess for brute-force attackers.
  • Additionally, a hacker can use a dictionary attack to determine a user's password. A dictionary attack is a method of guessing a target's password by utilizing common words and phrases, such as those found in a dictionary.
  • A lock-out policy is an effective method of preventing brute-force and dictionary password attacks as it disables access to websites, applications, and devices after a specified number of failed attempts. With a lock-out policy, the attacker has only a few attempts before being denied access. If you already have a lockout policy in place and discover that your account has been disabled due to excessive login attempts, it is prudent to change your password.

8. SQL Injection Attack

SQL injection is a common technique for exploiting websites that rely on databases to serve their users. Clients are computers that access information from servers, and a SQL attack targets a database on the server via a SQL query sent from the client. The command is injected into the data plane in place of something else that would normally be there, such as a password or login. The database server then executes the command, and the system is compromised.

  • If a SQL injection is successful, a variety of things can happen, including the disclosure of sensitive data or the modification or deletion of critical data. Additionally, an attacker can execute administrative operations such as a shutdown command, which will cause the database to cease functioning.
  • Use the least-privileged model to protect yourself from SQL injection attacks. With a least-privileged architecture, access to critical databases is restricted to those who absolutely need it. Even if a user possesses authority or influence within the organization, they may be denied access to certain areas of the network if their job does not require it.
  • For instance, the CEO may be denied access to portions of the network even if they have a legal right to know what is contained within. Applying a least-privileged policy can prevent not only malicious actors from gaining access to sensitive areas but also those who mean well but inadvertently expose their login credentials to attackers or leave their workstations running while they are away from their computers.
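The injection and the least-privilege mitigation described above, as an added example that is not part of the original article. It uses Python's built-in `sqlite3` module with a constructed `users` table; the function names are hypothetical, and SQLite's `PRAGMA query_only` stands in here for a database account that has only been granted read access.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory database with one sample user."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    # Plaintext only to keep the sample short; real systems store password hashes.
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-sample-pw')")
    db.commit()
    return db


def login_vulnerable(db, name, password):
    """Concatenates input into the SQL text, so data can become a command."""
    sql = ("SELECT 1 FROM users WHERE name = '%s' AND password = '%s'"
           % (name, password))
    return db.execute(sql).fetchone() is not None


def login_parameterized(db, name, password):
    """Passes input as bound parameters, so it is only ever treated as data."""
    sql = "SELECT 1 FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone() is not None


def restrict_to_read_only(db):
    """Least privilege: this connection may read but never modify data."""
    db.execute("PRAGMA query_only = ON")
    return db


def can_delete_users(db):
    """Report whether this connection is allowed to delete rows."""
    try:
        db.execute("DELETE FROM users")
        return True
    except sqlite3.DatabaseError:
        return False


if __name__ == "__main__":
    db = make_db()
    injected = "' OR '1'='1"  # classic tautology typed into the password field
    print("vulnerable login accepts it:", login_vulnerable(db, "alice", injected))
    print("parameterized login accepts it:", login_parameterized(db, "alice", injected))
    print("read-only connection can delete:", can_delete_users(restrict_to_read_only(db)))
```

Bound parameters close the injection path itself, while the read-only connection limits what any query on that connection can do if something else goes wrong.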

9. URL Interpretation

Through URL interpretation, attackers manipulate and fabricate specific URL addresses to gain access to a target's personal and professional data. This type of attack is also referred to as URL poisoning.

The term "URL interpretation" refers to the fact that the attacker is aware of the order in which the URL information for a web page should be entered. The attacker then "interprets" this syntax, determining how to gain access to areas to which they do not have access.

  • A hacker may guess URLs to gain administrator privileges on a site or to gain access to the site's back end to gain access to a user's account. Once on the desired page, they can manipulate the site or gain access to sensitive information about its users.
  • For instance, if a hacker attempts to access the admin section of TheABCCompany.com, they may type http://theabccompany.com/admin, which will take them to an admin login page. In some cases, the admin username and password are set to the default "admin" and "admin," respectively, or are extremely easy to guess. Additionally, an attacker may have figured out or narrowed down the administrator's password. The attacker then attempts each one, gaining access and having complete control over data manipulation, theft, and deletion.
  • Use secure authentication methods for any sensitive areas of your site to prevent URL interpretation attacks from succeeding. This may necessitate the use of multi-factor authentication (MFA) or the creation of secure passwords made up of seemingly random characters.

10. DNS Spoofing

A hacker uses Domain Name System (DNS) spoofing to redirect traffic to a bogus or "spoofed" website. Once on the fraudulent site, the victim may be prompted to enter sensitive information that the hacker may use or sell. Additionally, the hacker may create a low-quality website with derogatory or inflammatory content to malign a competitor company.

  • The attacker uses DNS spoofing to take advantage of the user's belief that the site they are visiting is legitimate.
  • This enables the attacker to commit crimes in the name of a seemingly innocent company, at least from the visitor's perspective.
  • To avoid DNS spoofing, keep your DNS servers current. Attackers seek to exploit DNS server vulnerabilities, and the most recent software versions frequently include patches that address known vulnerabilities.

The Bottom Line

Cyber attacks are becoming increasingly complex and varied, with different types of attacks being used for each nefarious purpose. While cyber security prevention measures vary according to the type of attack, good security practices and basic IT hygiene are effective at mitigating these attacks.

Anjan kant

Outstanding journey in Microsoft Technologies (ASP.Net, C#, SQL Programming, WPF, Silverlight, WCF etc.), client side technologies AngularJS, KnockoutJS, Javascript, Ajax Calls, Json and Hybrid apps etc. I love to devote free time in writing, blogging, social networking and adventurous life
