In the world of information security, there are many different types of cyber attack, some being more common than others. A cyber attack is any type of malicious act that uses technology to steal, alter or destroy data stored in computer systems, networks, and devices. Cyber attacks are extremely commonplace. Every single day millions of systems are under attack all over the world. Which types of cyber attack are most common changes as hackers develop new techniques and as new technology emerges. In this article, we will take a look at the top 10 most common types of cyber attack seen by information security today so that you can take steps to guard against them.
Different types of cyber attacks
Hackers use thousands of different tools and techniques to attack systems. As an example, there are over 100,000 known computer viruses, and many more are being developed every day. While the detailed attacks take many forms, the different types of cyber attacks tend to fall into a common pattern. This list of types of cyber attacks contains the ten most often seen:
- Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
- Malware attack
- Man-in-the-middle (MitM) attack
- Phishing and spear-phishing attacks
- Password attack
- Drive-by attack
- SQL injection attack
- Cross-site scripting (XSS) attack
- Eavesdropping attack
- Birthday attack
We will now look in more detail at the top 10 most common types of cyber security attacks that impact information security. Hackers use these every day in an attempt to access data. Most hackers are very well acquainted with these types of cybersecurity attacks, although some are easier to execute than others.
10 Most Common Types of Cyber Attacks
1. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
This is one of the most common types of cyber attacks and is aimed at disrupting the business of an organization. A DoS attack is an attack from one source that tries to overwhelm a system’s resources, such as an internet site, so that it cannot respond to service requests. A DDoS attack does the same, but it is launched from a large number of sources controlled by the attacker.
This attack is carried out to disrupt the target company, either to stop them trading, to damage their reputation, or for mischief. Many government departments have been subject to mischievous denial-of-service attacks. A denial-of-service attack can also be used to keep the target organization’s information security team busy while a different type of attack is launched.
There are a few different ways to execute a denial of service attack, including a TCP SYN flood attack, teardrop attack, smurf attack, ping of death attack, and botnets. Ways to counter these types of cyber attacks include:
- Install a firewall and put all servers behind it.
- Configure the firewall to block inbound SYN packets.
- Increase the size of the connection queues and decrease the timeout on open connections.
- Disable SMBv2 and block ports 139 and 445 on all routers.
- Disable IP-directed broadcasts in the routers.
- Configure end systems to stop them responding to ICMP packets from broadcast addresses.
- Use firewalls to check fragmented IP packets for maximum size.
- Implement RFC3704 filtering to deny traffic from spoofed addresses.
- Use black hole filtering to drop undesirable traffic before it enters the network.
Installing firewalls together with anti-virus software is the best approach for protecting information security, provided that they are kept up-to-date.
2. Malware attack
In information security, malware is unwanted software that is installed in your system without your consent. Malware is the most prevalent of the common types of cyber attacks, and many of the other types are used to spread it. Malware can be easily spread through attachment to legitimate code, and can soon affect thousands of victims after an initial infection. Here are some of the most common types of malware:
- Macro viruses: The hacker puts a virus into a macro within a Word or Excel file. When the victim opens the file, the malicious code is executed.
- File infectors: File infector viruses are attached to .exe executable code files. The virus is installed when the .exe is run by the user.
- System or boot-record infectors: The virus is attached to the master boot record on a disk drive and is loaded when the computer is booted up.
- Trojan horses: This type of malware hides inside a non-malicious application. Trojans are often used to set up a back door that hackers can use to gain access to systems.
- Polymorphic viruses: These can be difficult to detect. The virus hides using encryption. The virus and an associated mutation engine are initially decrypted by an associated decryption program. The virus then infects an area of code. The mutation engine then develops a new decryption routine, and the virus encrypts the mutation engine and a copy of itself, which is attached to new code. The cycle then repeats, rapidly spreading the infection.
- Stealth viruses: These take over system functions to hide from anti-virus software by hiding changes to file size and modification dates.
- Adware: Adware displays advertising banners while any program is running. It is usually secretly downloaded when browsing an infected website.
- Spyware: Spyware collects data and information about users, their computers, and their browsing habits without the knowledge of the user. It can also download other malicious code. Spyware is often installed unwittingly when a user downloads and installs a freeware application.
- Logic bombs: This is malicious software appended to an application and triggered by a specific action, such as on a defined date and time.
- Worms: Worms don’t attach to a host file; they are self-contained programs. They are most commonly spread using email attachments, and once triggered, propagate themselves by sending a copy in an email to everyone in the target’s contact list.
- Droppers: A dropper is a program that is used to install viruses. They have been known to download fake updates to anti-virus software that contain malware.
- Ransomware: Ransomware blocks access to the victim’s data and threatens to publish or delete it unless a ransom is paid. Many use complex methods to encrypt the data, which makes it nearly impossible to recover without the hacker’s decryption key.
3. Man-in-the-middle (MitM) attack
This attack happens when an attacker puts themselves between a client and its server. The most commonly seen types of man-in-the-middle cyber attacks include:
- Session hijacking: the hacker hijacks a session between a trusted client and a network server. The attacking computer then substitutes its own IP address for the trusted client’s. The server carries on sending messages, incorrectly thinking that it is communicating with the trusted client.
- IP Spoofing: this type of cyber attack is used by an attacker to convince a host system that it is communicating with a known and trusted client. To do this, the hacker steals the IP address of the client, which tricks the host into compromising information security.
- Replay: In a replay type of cyber attack, the attacker first intercepts and saves messages between a client and a server. The hacker later resends them, pretending to be one of the trusted parties. Timestamps, or checksums that use the time when they are generated, can easily counter this type of attack.
Encryption, digital certificates, public keys, hash functions, and certificate authorities are all information security techniques that are used to counter the MitM types of cyber attacks.
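The replay countermeasure described above can be sketched as follows. This is an added example, not code from the original article: it binds a timestamp into a keyed checksum (HMAC-SHA256) and, going one step beyond the text, also tracks a one-time nonce so that a copy resent inside the freshness window is refused. The key, the 30-second window and all names are assumptions.

```python
import hashlib
import hmac
import os
import time

SHARED_KEY = b"constructed-demo-key"  # assumption: key agreed out of band
MAX_AGE = 30  # assumption: seconds a message stays fresh


def checksum(ts, nonce, body):
    # The time (and a one-time nonce) are inputs to the keyed checksum.
    data = f"{ts}|{nonce}|".encode() + body
    return hmac.new(SHARED_KEY, data, hashlib.sha256).hexdigest()


def sign(body, now=None):
    """Sender: attach timestamp, nonce and checksum to the message."""
    ts = int(time.time() if now is None else now)
    nonce = os.urandom(16).hex()
    return {"ts": ts, "nonce": nonce, "body": body, "mac": checksum(ts, nonce, body)}


class Receiver:
    def __init__(self):
        self.seen = {}  # nonce -> timestamp, kept only while still fresh

    def accept(self, pkt, now=None):
        now = time.time() if now is None else now
        expected = checksum(pkt["ts"], pkt["nonce"], pkt["body"])
        if not hmac.compare_digest(expected, pkt["mac"]):
            return "rejected: bad checksum"
        if abs(now - pkt["ts"]) > MAX_AGE:
            return "rejected: stale timestamp"
        # Forget nonces whose timestamp has aged out of the window.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if pkt["nonce"] in self.seen:
            return "rejected: replayed inside the window"
        self.seen[pkt["nonce"]] = pkt["ts"]
        return "accepted"
```

Because the timestamp is covered by the checksum, a captured message cannot be given a fresh time without knowing the key.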
4. Phishing and spear phishing attacks
This is probably the most common of the types of cyber attacks that many people experience almost daily. The attack on information security happens when the hacker sends out emails to many addresses that pretend to be from a trusted source, such as a bank, retail outlet, or government agency. The email uses social and psychological tricks to influence the recipient to take actions that harm the security of their personal and confidential information. Common types of phishing cyber attacks include email attachments containing malware and links to hackers’ websites or applications, which then surreptitiously download the malware and infect the target’s computer. The malware can take many unwanted actions; one of the most common is to capture personal information and send it to the hacker.
Spear phishing is a subtly different type of cyber attack. It uses the phishing approach but loads the email with information relevant to the user so that it appears more genuine. Attackers can purchase information such as names and who someone banks with from other hackers and can also use social media tools to get it for free. Because of this, spear-phishing attacks on information security can be very difficult to spot. Hackers use techniques such as email spoofing, which uses a sender’s email address that seems to be genuine, and website cloning, where a hacker copies a legitimate website to fool the target into entering login credentials and confidential information.
These techniques can be used to reduce the risk of being phished:
- Read every email carefully, and look for anything unusual, such as spelling mistakes or a message telling you you’ve missed a parcel delivery when you weren’t expecting one.
- Expand any links by hovering the mouse over the link without clicking. Review the URL to decide if it’s genuine. Hackers often use what looks like a genuine URL but use extra characters or misspellings.
- Check the full sender address, e.g. xxx@abcd. This can help to identify whether email spoofing has been used to compromise your information security.
5. Password attack
Stealing passwords is an easy way for attackers to earn money, effectively stealing the identity of the person to take money out of their bank or make purchases. Hackers can also use this type of attack to sell the password information to other hackers. There are even databases on the dark web containing hacked password information. Non-cyber forms of information security password attacks rely on techniques including guessing the information, watching the target when they log on, or looking for bits of paper with the login information on them.
Common types of cyber attacks on passwords include the use of malware to capture keystrokes, hacking into password databases, “sniffing” network connections, and trying a series of intelligently auto-generated passwords using information about the target acquired through social engineering techniques, such as a spouse’s name, a pet’s name, or a birthplace.
6. Drive-by attacks
Most people trust every website they visit. But websites can contain malicious code that you can’t easily spot. Hence drive-by attacks are one of the top 10 most common types of cyber attacks that lure the unwary, especially those who regularly browse the far corners of the internet or happily download applications from websites. Hackers look for insecure websites and applications, then insert a malicious script into the code. When someone visits the page or runs the application, either the script secretly installs malware onto the victim’s computer, or the victim is redirected to a site controlled by the hackers.
These common types of cyber attacks represent a very high risk to information security as the victim isn’t aware of the hidden dangers that lurk in the website. Drive-by attacks take advantage of information security vulnerabilities in applications, plug-ins, operating systems, webpages, and web browsers.
Useful information security approaches to guard against drive-by attacks include fully-featured anti-virus software that checks apps and websites for malicious code, patching applications, browsers, and operating systems to keep them up-to-date, and staying away from non-mainstream websites that could contain malicious code.
7. SQL injection attack
This is one of the less common types of cyber attacks against individuals but is a common issue with the information security of websites that run on databases. The hacker submits input that ends up in a SQL query sent to the database, inserting malicious SQL commands into it. Successful attacks of this type can do just about anything with the database and the information it contains, bypassing any security measures. This includes data deletion, modification, and insertion as well as running administrative commands such as shutdowns or cloning the entire database contents to the hacker’s system.
Hence this common type of cyber attack can be extremely disruptive to an organization. Protecting information security against SQL injection attacks requires good management of database permissions, staying away from dynamic SQL, and using stored procedures and parameterized queries.
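The difference between dynamic SQL and a parameterized query is shown below with Python’s sqlite3 module. This is an added example, not code from the original article; the in-memory table, its rows and the function names are constructed for illustration.

```python
import sqlite3

# Constructed input of the kind a parameterized query must neutralise.
CRAFTED = "x' OR '1'='1"


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password_hash TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b"), ("o'brien", "hash-c")],
    )
    return db


def find_user_dynamic(db, name):
    # Dynamic SQL: the input is pasted into the statement text, so quotes
    # in the input change what the statement means.
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY name"
    return db.execute(sql).fetchall()


def find_user_parameterized(db, name):
    # Parameterized query: the statement text is fixed and the input is
    # bound as a value, so it is only ever compared, never parsed as SQL.
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return db.execute(sql, (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("dynamic:      ", find_user_dynamic(db, CRAFTED))
    print("parameterized:", find_user_parameterized(db, CRAFTED))
    print("parameterized:", find_user_parameterized(db, "o'brien"))
```

The dynamic version also fails on the legitimate name o'brien with a syntax error, which is often the first visible sign that a query is built from unescaped input.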
8. Cross-site scripting (XSS) attack
9. Eavesdropping attack
In this common type of cyber attack, network traffic is intercepted by the hacker so that they can steal confidential data, including passwords and credit card information. Encrypting data before transmission using a strong technique is the best way to strengthen information security against this type of cyber attack.
10. Birthday attack
This type of cyber attack attempts to breach the information security of messages and signatures protected using hashing techniques. Hashing algorithms are used to check the integrity of a message. A message processed by a hash function generates a fixed-length message digest (MD) with the size independent of the length of the message input. The attacker uses tools to try to find two random messages that generate the same MD when processed by a hash function. If they are successful, then the hacker can replace the user’s message with their own, which can then transport malicious code to the victim.
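Why digest length decides whether this attack is practical can be shown with a deliberately shortened digest. This is an added example, not part of the original article: SHA-256 is truncated to a few bits so that two messages with the same digest turn up after roughly the square root of the number of possible digests. The message format and function names are constructed.

```python
import hashlib
import math


def truncated_digest(message, bits):
    """Top `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def expected_attempts(bits):
    """Approximate number of random messages for a 50% chance of a collision."""
    return math.sqrt(2 * math.log(2) * 2 ** bits)


def find_collision(bits):
    """Hash constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    counter = 0
    while True:
        msg = b"constructed-message-%d" % counter
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, counter + 1
        seen[digest] = msg
        counter += 1


if __name__ == "__main__":
    for bits in (16, 24):
        first, second, tried = find_collision(bits)
        print(bits, "bits: collision after", tried, "messages;",
              "estimate", round(expected_attempts(bits)))
    # A full 256-bit digest needs about 2**128 messages, which is why
    # integrity checks should rely on long, untruncated modern digests.
    print("256 bits: estimate %.2e messages" % expected_attempts(256))
```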
The top 10 most common cyber attacks affect many thousands of individuals and organizations every single day. Putting very stringent information security in place has never been so important. Not only are hackers using every technique in this list of types of cyber attack, but they are also coming up with new ones. Facebook is a good example of this. Viruses can now be easily spread using this popular social media tool, stealing identities and disrupting normal life.
Everybody needs to adopt the basic principles of information security to keep their data and information safe. Strong firewalls should be installed on every system. Commercial anti-virus programs must be installed and kept up-to-date. Users should be trained to be vigilant against social engineering attacks. Passwords should be strong, routinely changed, and not shared across systems and applications.
Hacking is now an industry. Deploying many different types of cyber attacks is all in a day’s work for many hackers. State-sponsored hacking groups have developed the common types of cyber attack into large-scale weapons of disruption and theft. Cyber threats are here to stay.