Top 11 Types Of Cyber Attacks Hackers Use

A cyber attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data, leading to cybercrimes such as information and identity theft. It is designed to target a computer or any element of a computerized information system to change, destroy, or steal data, as well as to exploit or harm a network. Here is a list of the top 11 types of cyber attacks hackers use.

Nowadays, most people use computers and the internet. Because of this dependency on digital things, illegal computer activity is growing. There are millions of cyber attacks each day, billions of dollars are stolen by hackers each year, and the attacks are growing day by day. As technologists and developers who build systems, let's understand them.

Cyber attacks can be classified into two categories: (1) Web Based attacks and (2) System Based attacks.

1. Web Based Attacks

Web Based attacks occur on a website or web applications. Some of the web based attacks are as follows:

1.1 Session Hijacking

Session hijacking is a security attack on a user session over a network. Web applications create cookies to store user sessions. By stealing the cookies, an attacker can gain access to all of the user's data. The attack consists of exploiting the web session control mechanism, which is normally managed through a session token.

A session can be hijacked in the following ways, depending on the hijacker:

Session fixation

Attackers supply a session key and trick the user into accessing a vulnerable server with it.

Cross-site scripting (XSS)

Attackers exploit vulnerabilities within servers or applications to inject client-side JavaScript into the users' web pages, causing browsers to execute arbitrary code when they load a compromised page. If the server doesn't set the HttpOnly attribute on session cookies, injected scripts can gain access to the session key, providing attackers with the necessary information for session hijacking.

To protect a user's session from being hijacked, applications can incorporate encryption:

SSL (Secure socket layer)

Provides security for the data transferred between the browser and the server. It prevents a hijacker from reading or modifying any information transferred, including personal details.

TLS (Transport Layer Security)

Protects data sent over the internet or a computer network. This prevents an attacker (including an internet service provider) from viewing or tampering with data exchanged between two nodes (usually a browser and a server).

Strengthening the communication and session management mechanisms in a web application can protect users from hijacking while in a session. A few ways to minimize the risk of session hijacking are:

HTTPS

The use of HTTPS ensures that there is SSL/TLS encryption throughout the session traffic.

HttpOnly

Setting the HttpOnly attribute prevents client-side scripts from accessing the stored cookies. This can prevent attackers from using XSS attacks that rely on injected JavaScript in the browser to read the session cookie.

Session Key

Regenerate session keys after initial authentication. This renders the session ID extracted by attackers useless as the ID changes immediately after authentication.
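The three measures above can be combined in a few lines. The following is an added example, not code from the original article: it uses a hypothetical in-memory session store (SESSIONS) and a hypothetical cookie name (sid) to show a cookie issued with the Secure and HttpOnly flags and a session ID that is replaced at login, so that an ID known before authentication stops working afterwards.

```python
import secrets
from http.cookies import SimpleCookie

# Hypothetical in-memory store for illustration: session id -> session data.
SESSIONS = {}

def new_session_id():
    # 32 random bytes from the OS CSPRNG, so the ID cannot be guessed.
    return secrets.token_urlsafe(32)

def session_cookie(sid):
    """Build the Set-Cookie value with the protective attributes set."""
    c = SimpleCookie()
    c["sid"] = sid
    c["sid"]["secure"] = True      # only sent over HTTPS
    c["sid"]["httponly"] = True    # not readable from client-side scripts
    c["sid"]["samesite"] = "Lax"
    c["sid"]["path"] = "/"
    return c["sid"].OutputString()

def start_anonymous_session(presented_sid=None):
    """Pre-login visit: an ID the server did not issue is never adopted."""
    if presented_sid in SESSIONS:
        return presented_sid
    sid = new_session_id()
    SESSIONS[sid] = {"user": None}
    return sid

def login(old_sid, user):
    """After successful authentication: retire the old ID, issue a new one."""
    data = SESSIONS.pop(old_sid, {})
    data["user"] = user
    sid = new_session_id()
    SESSIONS[sid] = data
    return sid

def current_user(sid):
    return SESSIONS.get(sid, {}).get("user")

if __name__ == "__main__":
    pre = start_anonymous_session("attacker-chosen-id")  # constructed input
    post = login(pre, "alice")
    print(session_cookie(post))
    print("old ID still valid:", current_user(pre) is not None)
```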

1.2 SQL Injection Attacks

SQL injection is a common method of taking advantage of websites that depend on databases. An SQL injection attack uses an SQL query sent from the client to a database on the server.

The following suggestions can help prevent an SQL injection attack:

  • Avoid placing user-provided input directly into SQL statements
  • Stored procedures are safer than dynamic SQL
  • Use parameterized queries
  • Properly escape the characters which should be escaped
  • Encrypt private/confidential data being stored in the database.
  • Limit/Restrict database permissions and privileges
  • Avoid displaying database errors directly to the user
  • Use a Web Application Firewall in front of applications that access databases
  • Keep databases updated to the latest available patches

1.3 Phishing Attacks

A phishing attack occurs when a malicious actor sends emails that seem to come from trusted, legitimate sources in an attempt to grab sensitive information from the target. Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts, or they could sell your information to other scammers. You might get an unexpected email or text message that looks like it's from a company you know or trust. Phishing emails and text messages often tell you to open an attachment.

Ways to protect from Phishing:

  • Protect your computers and mobile devices by using security software, and set the software to update automatically
  • Protect your accounts by using multi-factor authentication
  • Protect your data by backing it up
  • Don’t give your information to an unsecured site
  • Rotate passwords regularly
  • Install firewalls
  • Don’t be tempted by pop-ups

1.4 Brute force

It is a type of attack that uses a trial-and-error method. The attack generates a large number of guesses and validates them to obtain actual data such as a user's password or personal identification number.

There are many methods to stop or prevent brute force attacks, such as limiting failed login attempts, using a CAPTCHA, and two-factor authentication. The most obvious is a strong password policy. Each web application or public server should enforce the use of strong passwords.
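Limiting failed login attempts can be implemented as a sliding window of failures per account. This is an added example, not code from the original article; the class name, thresholds and the verify callback are assumptions made for illustration.

```python
import time
from collections import defaultdict, deque

class LoginThrottle:
    """Lock an account after max_failures failed logins within window seconds."""

    def __init__(self, max_failures=5, window=300, clock=time.monotonic):
        self.max_failures = max_failures
        self.window = window
        self.clock = clock                    # injectable so tests can control time
        self.failures = defaultdict(deque)    # username -> failure timestamps

    def _recent_failures(self, user):
        q = self.failures[user]
        cutoff = self.clock() - self.window
        while q and q[0] <= cutoff:           # forget failures outside the window
            q.popleft()
        return q

    def is_locked(self, user):
        return len(self._recent_failures(user)) >= self.max_failures

    def attempt(self, user, password, verify):
        """Return 'locked', 'ok' or 'denied'. verify(user, password) -> bool."""
        if self.is_locked(user):
            return "locked"                   # the guess is not even evaluated
        if verify(user, password):
            self.failures.pop(user, None)     # success resets the counter
            return "ok"
        self.failures[user].append(self.clock())
        return "denied"

if __name__ == "__main__":
    # Constructed credential check standing in for a real password verifier.
    check = lambda user, pw: (user, pw) == ("alice", "correct horse")
    throttle = LoginThrottle(max_failures=3, window=60)
    for guess in ["123456", "password", "qwerty", "correct horse"]:
        print(guess, "->", throttle.attempt("alice", guess, check))
```

Keying the counter on the username alone lets anyone lock another user's account, so deployments often key on username plus client address or use increasing delays instead of a hard lock.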

1.5 Denial of Service

It is an attack meant to make a server or network resource unavailable to its users. In a DoS attack, the target site is flooded with illegitimate requests. The site has to respond to each request, and its resources are consumed by all the responses. This makes the site serve users abnormally and often results in the site being shut down or overwhelmed by traffic. DoS attacks can be prevented by the following measures:

  • Perform a network vulnerability audit
  • Secure your infrastructure - have multi-level protection strategies that use intrusion prevention and threat management systems
  • Reduce Attack Surface Area
  • Deploy Firewalls for Sophisticated Application attacks

1.6 Man in the middle attacks

It is a type of attack that allows an attacker to intercept the connection between client and server and act as a bridge between them, either to eavesdrop or to impersonate one of the parties. The goal of the attack is to steal personal information. A Man in the Middle attack has two phases, called interception and decryption.

The first step intercepts user traffic through the attacker’s network before it reaches its intended destination.

IP spoofing involves an attacker disguising himself as an application by altering packet headers in an IP address.

ARP spoofing is the process of linking an attacker’s MAC address with the IP address of a legitimate user on a local area network using fake ARP messages.

DNS spoofing, also known as DNS cache poisoning, involves infiltrating a DNS server and altering a website’s address record.

After interception, any two-way SSL traffic needs to be decrypted without alerting the user or application.

HTTPS spoofing sends a phony certificate to the victim’s browser once the initial connection request to a secure site is made.

SSL hijacking occurs when an attacker passes forged authentication keys to both the user and application during a TCP handshake.

SSL stripping downgrades an HTTPS connection to HTTP by intercepting the TLS authentication sent from the application to the user.

Man in the Middle attacks can be prevented by:

  • Avoiding WiFi connections that aren’t password protected
  • Paying attention to browser notifications reporting a website as being unsecured
  • Not using public networks for sensitive transactions
  • Using SSL/TLS to secure every page of the site

2. System Based Attacks

System Based attacks are intended to compromise a computer or a computer network. Some of the system based attacks are as follows:

2.1 Virus

A virus is a type of malicious software program that spreads through a computer's files without the knowledge of the user. It is a self-replicating malicious computer program that executes instructions that cause harm to the system. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus. Computer viruses generally require a host program. The virus writes its own code into the host program. When the program is executed, the virus code is executed first, causing infection.

2.2 Worm

A worm is a program containing malicious code that attacks host computers and spreads via a network; its primary function is to replicate itself and spread to uninfected computers. Network worms exploit security vulnerabilities in various applications. They often originate from email attachments that appear to be from trusted senders.

2.3 Trojan horse

A Trojan horse is a type of malware that is downloaded onto a computer disguised as a legitimate program. It makes unexpected changes to computer settings and causes unusual activity, even when the computer should be idle. It appears to be a normal application, but when it is opened or executed, malicious code runs in the background.

2.4 Backdoors

A backdoor is an undocumented way of gaining access to a computer system: a method that bypasses the authentication process. A backdoor is a potential security risk. A developer may create a backdoor so that an application can be accessed for troubleshooting or other purposes.

2.5 Ransomware

Ransomware is a type of malware that blocks access to a system, device, or file until a ransom is paid. Ransomware does this by encrypting files on the endpoint, threatening to erase, or blocking system access.

Protective measures against ransomware are:

  • Maintain backups
  • Review port settings
  • Keep systems up to date
  • Quarantine suspicious emails

Summary

This article talked about various types of cyber attacks. If you build websites, security is the first thing you should learn about. Here is a detailed article on How to Build Secure Websites.

To keep yourself safe, check out this article: Top 10 Tips to Protect Yourself from Online Hacking

 

