A cyberattack is a malicious and deliberate attempt by an individual or organization to infiltrate or disrupt the information systems of another individual or organization.
Usually, the attacker seeks some type of benefit from the attack. While many modern attacks are carried out for monetary gain, some attacks are simply meant to shut down the target’s technology, create chaos, or steal data that will then be used to execute future attacks.
There are many types of cyberattack, the nature and sophistication of which seem to be evolving by the day. Let’s begin our exploration by looking at some of the most common cyberattacks we’re facing.
Common Types of Cyber Attack
Malware is a term used to describe a wide range of malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link, file download, or email attachment. Once inside the system, malware can:
- Block access to key components of the network (ransomware)
- Install additional harmful software and propagate it to other devices and networks
- Transmit data from the hard drive (spyware)
- Log user behavior and capture login data (keyloggers)
- Disrupt certain components and render the system inoperable
Ransomware is a type of malware used mainly for monetary gain. It encrypts a victim’s data, after which the attacker demands a ransom to restore access. The ransom can range from a few hundred dollars to millions of dollars and is usually requested in the form of untraceable cryptocurrency.
Phishing involves fraudulent communications that appear to come from a reputable source. Typically, phishing emails are sent blind and in bulk. They appear to come from a shipping company, payment company, or other reputable source with messages that compel the user to click a link. Doing so initiates the download and installation of malware. Phishing is an increasingly common cyberthreat, which is why cybersecurity awareness training is becoming an absolute necessity.
Man-in-the-Middle (MitM) attacks, also known as eavesdropping attacks, occur when attackers infiltrate the data travelling between two points of communication. This gives them access to any information passed between the two parties or organizations. A common example of this involves breaching a public WiFi network and capturing all data traveling between the public internet and the connected devices.
Denial of Service
A denial-of-service attack floods systems, servers, or networks with traffic to overwhelm resources and bandwidth. A simple example is forcing a web page to load over and over again using scripts, which can cause the site to crash to prevent legitimate visitors from reaching the site due to load time issues. These attacks require massive amounts of traffic to execute, which is why multiple compromised devices are often used to send traffic — this is called a distributed-denial-of-service (DDoS) attack.
A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL, often using seemingly mundane forms or search boxes on a website. If successful, these injections can force the server to display information or alter its behavior.
A zero-day exploit is carried out in the window of time between a network vulnerability being discovered and a patch or solution being implemented. Zero-day vulnerability threat detection requires constant awareness and rapid remediation.
Domain name system, or DNS, is the protocol that translates human-friendly URLs, such as noftek.com, into machine-friendly IP addresses, such as 184.108.40.206.
Because DNS is widely used and trusted, it can provide a reliable and stealthy avenue for bad actors to carry out attacks or transmit data. Because DNS is not actually intended for data transfer, many organizations don’t monitor their DNS traffic for malicious activity.