A cyber attack is an unauthorized and intentional attempt by an individual or even an organization to breach another person’s or company’s information system.
Cybercrime And Cyber Attacks
How many times have you wondered … Why do cyber attacks exist?
Cybercriminals try to exploit the vulnerabilities they discover in corporate systems. The cybercrime rate is increasing yearly; in most cases, cybercriminals are trying to get a ransom. According to a statistic, 53% of cyber attacks cause damage of over $500,000.
What Are The Most Common Cyber-Attacks?
Below I give an overview of the most common types of cyber attacks.
As we have seen in previous articles, phishing consists of sending fake emails containing fraudulent communications that appear to come from a trusted source.
This attack aims to steal the victim’s sensitive data, such as credit card and login information, or to install malware on the computer and then take control of it.
Malware is malicious software, such as spyware, ransomware, viruses and worms.
Malware breaches a network by exploiting a vulnerability, usually after a user clicks a malicious link or opens an attachment in a received email, which installs the malicious software.
Once installed, malware can block access to core network components, install additional malicious software, and covertly collect information and transmit it to the attacker.
Man in the Middle attack
The Man in the Middle (MitM) attack is a type of attack that intercepts information exchanged between two parties; once the traffic is interrupted, cybercriminals can filter and steal data. Usually, the entry points for this type of attack are unsecured public Wi-Fi networks; the cybercriminal intercepts data or scans connected devices for vulnerabilities and installs malware.
Once the device has been hacked, the cybercriminal can do whatever he wants with it.
SQL (Structured Query Language) injection occurs when a cybercriminal inserts malicious code into a server that uses an SQL database, forcing it to disclose information that should remain confidential. SQL injection can be done directly from the site URL or through specific tools, such as the well-known sqlmap.
DNS tunneling uses the DNS protocol to transmit “non-DNS” traffic on port 53; it can also carry HTTP traffic inside DNS.
DNS tunneling has legitimate uses, for example in VPN services for work and private purposes, but unfortunately it is also used for malicious purposes.
In malicious use, DNS requests are manipulated to exfiltrate data from a compromised system and send it to the attacker’s infrastructure.
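A defender-side illustration of the exfiltration pattern described above, added here as an example and not part of the original article: tunneled data tends to appear in DNS logs as many unique, long, high-entropy subdomains under a single domain. The sample queries, the thresholds and the two-label base-domain rule are assumptions made for this illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample of queried names (not real traffic); reserved example domains.
SAMPLE_QUERIES = [
    "www.example.com", "mail.example.com", "www.example.com",
    "cdn.example.org", "api.example.org", "static.example.org",
    "mzxw6ytboi4dqnzrgiztinjw.a1.t.example.net",
    "onxw2zjanruw4zjaorsxg5a0.a2.t.example.net",
    "k5uxi2bamfxgiidpmyqhi3d7.a3.t.example.net",
    "nbswy3dpeb3w64tmmqqq2x9f.a4.t.example.net",
]

def shannon_entropy(text):
    """Bits per character of the character distribution in text."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def base_domain(name):
    # Assumption: the last two labels form the registered domain (no public-suffix list).
    return ".".join(name.rstrip(".").lower().split(".")[-2:])

def find_tunnel_candidates(queries, min_unique=4, min_len=20, min_entropy=3.5):
    """Return base domains whose subdomains are numerous, long and high-entropy."""
    subs = defaultdict(set)
    for q in queries:
        base = base_domain(q)
        sub = q.rstrip(".").lower()[: -len(base)].rstrip(".")
        if sub:  # skip queries for the bare domain itself
            subs[base].add(sub)
    flagged = {}
    for base, names in subs.items():
        avg_len = sum(len(n) for n in names) / len(names)
        avg_ent = sum(shannon_entropy(n.replace(".", "")) for n in names) / len(names)
        # All three signals must hold, so a busy but ordinary domain is not flagged.
        if len(names) >= min_unique and avg_len >= min_len and avg_ent >= min_entropy:
            flagged[base] = {"unique": len(names), "avg_len": round(avg_len, 1),
                             "avg_entropy": round(avg_ent, 2)}
    return flagged

if __name__ == "__main__":
    for domain, stats in find_tunnel_candidates(SAMPLE_QUERIES).items():
        print(domain, stats)
```

In production the thresholds need tuning against a baseline, since CDNs and some security products also generate long machine-made subdomains.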
Another potent type of attack used by cybercriminals is the “Denial-of-Service” attack, in which floods of requests are sent to the target systems to exhaust their resources and bandwidth.
The system under attack can no longer satisfy all the requests received and goes down.
A “zero-day” attack exploits a newly discovered flaw that has not yet been made public or reported to the manufacturer. While it awaits a fix, this flaw leaves the door open to attacks by cybercriminals.
A botnet is a network of computers infected with malicious software. Cybercriminals can control a botnet as a group without the owner noticing.
The goal is to increase the range of the attacks. A botnet is often used to carry out the well-known distributed denial-of-service (DDoS) attacks.