10 Common Types of Cyber Attacks


What is a Cyber Attack?

A cyber attack is when cyber criminals try to get into a computer system or network. They want to alter, steal, wreck, or reveal information.

These attacks can go after anyone, from regular people to big companies or even governments. When they target businesses or groups, the hackers usually want to access sensitive and valuable company resources such as intellectual property (IP), customer data, or payment details.

1. Malware

Malware, which stands for malicious software, is like a digital sickness. It’s a word that covers lots of bad programs made to sneak into and harm computers, networks, and servers. Malware is tricky because it comes in many forms:

  • Ransomware – It locks up your files until you pay money to get them back.
  • Trojans – They pretend to be good software but actually harm your computer.
  • Spyware – It spies on what you do without you knowing.
  • Viruses – They spread and wreck things.
  • Worms – They make copies of themselves.
  • Keyloggers – They secretly keep track of what you type.
  • Bots – They do tasks automatically.
  • Cryptojacking – It steals your computer’s power to make cryptocurrency.

2. Denial-of-Service (DoS) Attacks

Imagine your computer network being bombarded with tons of fake requests, causing it to crash and become useless. That’s what happens in a Denial-of-Service (DoS) attack. It’s like a targeted attack on a company’s computer system to disrupt its operations. The victims can’t access important digital data like emails, websites, or online accounts because the attacked network is overwhelmed. While DoS attacks don’t usually steal data or demand money, they cost organisations a lot of time, money, and effort to fix.

Now, there’s another type called Distributed Denial of Service (DDoS) attack. Here, instead of one computer, many computers join forces to attack a network at once. This makes it harder to stop because you have to find and stop all those computers at the same time.

3. Phishing

Phishing is the cyber equivalent of casting a deceptive bait to hook victims. It employs emails, SMS, phone calls, social media, and social engineering tactics to lure individuals into divulging confidential information like passwords and account numbers. Alternatively, it may coax them into downloading malicious files that unleash viruses onto their devices. Phishing is a sinister blend of technology and psychological manipulation, preying on trust to breach security.

4. Spoofing

Spoofing is a cyber deception technique where criminals disguise themselves as trusted entities. This enables them to interact with targets, infiltrate systems, and ultimately pilfer information, extort money, or plant malicious software.

Forms of Spoofing:

  • Domain Spoofing: This phishing variant involves attackers posing as legitimate businesses or individuals using counterfeit web or email domains, duping people into trust.
  • Email Spoofing: Targeting businesses, this attack uses emails with falsified sender addresses, exploiting the recipient’s trust to engage with harmful links or attachments.
  • Address Resolution Protocol (ARP) Spoofing: Also known as ARP poisoning, this method deceives a device into rerouting messages to the attacker, intercepting data meant for the rightful recipient.

5. Identity-Based Attacks

These attacks are notoriously elusive. When genuine credentials are hijacked, distinguishing between normal user behaviour and the hacker’s actions becomes a formidable challenge for conventional security measures.

Common Identity-Based Attacks:

  • Kerberoasting: A sophisticated post-exploitation strategy aimed at cracking service account passwords within Active Directory, leveraging service principal names (SPN) to obtain encrypted passwords via Kerberos tickets.
  • Man-in-the-Middle (MITM) Attack: This intrusion involves eavesdropping on a dialogue between two parties to harvest personal data, passwords, or financial details, or to manipulate the victim into actions like credential changes or financial transactions.

6. Code Injection Attacks

Code injection attacks happen when an attacker puts harmful code into a computer system or network, and alters its functionality. These attacks can happen in different ways:

SQL Injection: This attack is when an attacker puts bad SQL commands into a program that deals with data. It lets them change, steal, or delete information in the database.

Cross-Site Scripting (XSS): This is when an attacker adds harmful scripts into a normal website. When someone visits that site, the scripts run in their web browser, letting the sneaky person steal important info or pretend to be the user. Websites where people can post things, like forums or blogs, are especially at risk.

Malvertising: In this attack, attackers hack into an ad server and put bad code in online ads. When someone clicks on these ads, the bad code can put malware or annoying ads on their device.

Data Poisoning: This attack targets the training data used by AI or machine learning models. The attacker changes the data on purpose during training to make the model give wrong answers or be biassed. This affects how accurate the model is when predicting things.

7. Supply Chain Attacks

Supply chain attacks are when attackers try to hack into a company’s systems by going through a third-party vendor that’s part of its supply chain. They might sneak harmful software code into a program, infecting all the people who use it. Or they could target the physical parts of the system itself. Software supply chains are especially risky because they rely on lots of different components like third-party software, open-source code, and code from vendors.

8. Insider Threats

Insider threats happen when someone from within a company causes trouble. This could be a current or former employee who has access to the company’s network, secret information, or intellectual property. These insiders might be doing it on purpose, maybe because they want money or they’re being manipulated emotionally. Or it could just be a mistake because they don’t know enough about cybersecurity. To fight against this, companies need to train everyone who works for them about cybersecurity so they know the risks of insider attacks.

9. DNS Tunneling

DNS Tunneling refers to a cyberattack method that exploits DNS queries and responses to circumvent established security protocols, allowing the transmission of data and code within a network.

When the system gets hacked, the attacker can control it. They use a sneaky technique called DNS tunneling to disseminate malware and/or pilfer data, intellectual property, or other confidential information. This works by hiding the bad stuff inside a bunch of DNS messages.
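Because the data is hidden inside the query names themselves, defenders can look for parent domains that receive many long, random-looking subdomains. The sketch below is an added example, not part of the original article; the thresholds are illustrative assumptions, the query names are constructed, and taking the last two labels as the parent domain is a simplification.

```python
import base64
import hashlib
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy in bits per character."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def suspicious_domains(qnames, min_unique=5, min_len=30, min_entropy=3.5):
    """Parent domains queried with many long, random-looking subdomains."""
    subs = defaultdict(set)
    for q in qnames:
        labels = q.rstrip(".").lower().split(".")
        if len(labels) > 2:
            # Simplification: the last two labels stand in for the registered domain.
            subs[".".join(labels[-2:])].add("".join(labels[:-2]))
    flagged = []
    for domain, names in subs.items():
        odd = [s for s in names if len(s) >= min_len and entropy(s) >= min_entropy]
        if len(odd) >= min_unique:  # one odd name is noise; many is a pattern
            flagged.append(domain)
    return sorted(flagged)

def constructed_sample():
    """Constructed log: 3 ordinary lookups plus 8 names carrying base32-like chunks."""
    normal = ["www.example.com", "mail.example.com", "api.example.org"]
    encoded = [
        base64.b32encode(hashlib.sha256(str(i).encode()).digest()).decode()[:40].lower()
        + ".t.example.net"
        for i in range(8)
    ]
    return normal + encoded

if __name__ == "__main__":
    print(suspicious_domains(constructed_sample()))
```

In practice the thresholds need tuning against your own resolver logs, since some CDNs and security products also generate long machine-made hostnames.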

Lately, more and more attacks like this are happening because they’re pretty easy to do. You can even find how-to guides on places like YouTube.

10. IoT-Based Attacks

An IoT-based attack targets devices or networks within the Internet of Things (IoT) ecosystem. When an IoT device is breached, the attacker can take over control, exfiltrate data, or incorporate the compromised device into a botnet, which can then be used to initiate DoS or DDoS attacks.

For all your cybersecurity needs, contact Praeferre.