 |
Types
of Cyber Attacks
There are many times of Cyber-attacks which is
compulsory to know for the network security experts. We will discuss few
attacks here in detail.
1.
DOS
Attack: -
This is called Denial of Service attack. This attack caused to over whelm the device with multiple requests in a second. This attack frequently sends packets to the target device or server which caused the denial of service for the other users or the clients. In a few seconds device or server cannot be reachable for the others. It is over whelm the response of the server or device in which it is unable to serve the request of actual clients or requests.
2.
DDOS
Attack:-
This is called Distributed Denial of Service it is advance form of DOS attack. In this attacks multiple infected arrays use by the hackers to attack on the target server. In this attack target device gets over whelmed with the illegitimate request and unable to respond to the legitimate requests. DOS and DDOS attacks only use to damage the target device or service.in this attack hacker only can busy the device to serve the requests of the other clients.
3.
Phishing
Attack: -
Phishing attack is the type of attack where someone or hacker sends malicious file or email that seems to be coming from legitimate source. In this attack, attacker will show himself as a trustworthy sender to infect the system. This attack can lead to any website link where they offer to download any malicious software or file which will harm the system.
4.
Ransomware
Attack: -
It is most commonly used attack now a days. Hacker use any malicious software or virus to hack the system for the sake of money and demand the ransom for the data. With the help of this attack, attackers encrypt the data of the system and demand ransom from the victim for the decryption of data.
5.
DNS
Spoofing Attack: -
In this attack hackers alter the DNS records to divert the traffic towards the fake site but showing it as legitimate resource. This act can do for the sensitive information or data. It can be divert to the spoofed website where any fraudulent activity can be performed.
6.
Trojan
Horse attack: -
This type of attack commonly use to hide something. In this attack, hackers hide the virus or malicious content in the other legitimate file or resource which is hard to identify easily. Malicious program will be hide in any legitimate file which seems to be legitimate for the target sites.
7.
Man
in a Middle Attack:-
It is the type of the attack where hacker can get the information from the network when it will travel from resource to the destination.
8.
Eavesdropping
Attack: -
This attack is like man in a middle attack. In this attack, hacker will steal information in the network while it is travelling from resource to the destination it can be password or any other sensitive information.
9.
Malware
Attack: -
Malware is a general type of the virus or malicious software which can harm the computer in many ways like destroyed its functions or data.
10. Brute Force Attack: -
This kind of attack work on simple methodology. In this attack, hacker do the hit and try approach to gain access of any target system. Hacker tries to guess the passwords of the system once it matched access will be granted. For this purpose hackers usually use different bots to guess the credentials instead of trying random combinations manually.
11. SQL Injection Attack:-
The majority of websites store
sensitive data like logins, passwords, and account information in SQL
databases. Hackers "trickle" the database into disclosing this
information through a SQL injection attack.
Although a little complicated, these attacks involve a hacker typing specified SQL commands into a data entry window (like a login or password field). These commands can read confidential information, alter database information, or even activate executive functions (such as shutting down the system).
12. URL Interpretation: -
Hackers want to divert you to a
phishing website or download malware so they change the parameters of a URL
address, which is known as URL manipulation.
For example, a lot of people use URL
shorteners to make it easier to remember long website addresses or particular
pages. Hackers can direct you to a phishing site intended to steal your
personal information if they "poison" that shortened URL.
In other cases, hackers change the URL to trick the server into displaying pages they shouldn't be able to see. They may type "www.thetechnetwork.org" to access your login page or "www.thetechnetwork.or" to access backup files, for instance.
13. Session Hijacking: -
It is the type of man-in-the-middle
attack which is also known as session hijacking, the attacker "takes
over" a session between a client and a server. Without requiring any kind
of verification, the attacker's machine switches its IP address for the
client's address and keeps connecting to the server.
Hackers have complete control over a session once they've taken over the client's account. Consider accessing the internal database of your business while on a business trip. A hacker can access all of your company's files if they take over your session.
14. Zero Day Attack: -
Cybersecurity flaws known as zero-day
exploits exist in a network or piece of software without the manufacturer's
knowledge. For example, yahoo might unintentionally include a way for hackers
to steal your email data in a new release of Web/App. The attacked company has
"zero days" to patch the problem after they become aware of it because
they are already exposed.
When hackers get access to a system using those flaws to steal data or inflict harm, it is known as a zero-day assault.
15. Password Attack: -
Password attack is most common type of cyber-attack which usually use to try or guess the password of the victim by using different techniques or tools. Hacker can use different bots to guess the password because it is hard to try all combinations manually.
16. Drive-By Download Attack: -
Few cyber-attacks require something from the victim or the target audience. They require any click on the malicious file or download any file in the system to exploit the system so they use different techniques to do this.
17. Inside threats: -
Insider attack is also equally
dangerous for the network. If any person purposefully steal the information or
data from the computer system for any kind of damages.
