Ready to Start Your Career?
July 1, 2018
Common Types of Cyberattacks
July 1, 2018
Cyberattacks are running rampant today. It’s like an epidemic, with one major attack after another making headlines in national and worldwide news. These threats attack individuals and organizations, with mass attacks on organizations being especially catastrophic, since they compromise centralized sources of information that can impact millions of individuals and other associated entities. To the average, non-technical person, not only do all of these online attacks sound disturbing, but they may also sound like they’re all the same. Indeed, many if not all of these attacks share the ultimate goal of obtaining valuable information or money. However, these attacks come in different forms, utilizing different kinds of tactics and exploiting various vulnerabilities to strike and steal. Here is a general breakdown of some common types of cyberattacks currently existing in the cyber world.
Denial of Service (DoS/DDoS)Denial of Service (DoS) attacks serve the main purpose of disrupting a website or system so that it cannot respond to client requests from users who try to visit or request information from the site. In a DoS attack, hackers send excessive amounts of data or traffic to a website so that its server gets overloaded and crashes, not being able to operate. Although a website can crash in situations where a big scandal in the news breaks out and millions of people try to visit the site of the subject of the scandal, rushing at it with more traffic than it can handle, such crashes are usually due to bad intentions from a person or entity trying to cripple a website or the company that owns the site. Hackers behind denial of service attacks can also employ multiple computers to overwhelm a website with traffic at the same time, making the DoS attack a Distributed Denial of Service attack (DDoS). The attacker may use these computers by hijacking them, often without the computer user’s knowledge. DDoS launches are harder to battle than DoS attacks because with multiple computers flooding a website, it’s challenging to pinpoint the sole culprit device or attacker.The motives behind DoS and DDoS attacks can vary. Some attackers may be disgruntled customers who take pleasure in hurting a business’s performance, or they may attack a government site in protest of a controversial policy. In other cases, the DoS/DDoS attacks may be a preliminary step in compromising a system or website so that another type of attack, like session hijacking, can be carried out.
MalwareMalware is an umbrella term for various kinds of malicious software that is installed on a victim’s computer without his consent or knowledge. This software can perform a variety of dangerous activities, such as secretly stealing information, taking over the computer’s functions, or destroying data. Malware usually finds its way onto a computer through phishing emails or fraudulent websites. There are different categories of malware; some include
- Virus – Code that, once run, replicates itself to spread to other devices by altering computer applications or attaching itself to computer files. They cause damage such as data corruption and system failure.
- Trojan horse – Trojan programs deceive victims by appearing to serve a legitimate purpose like virus removal, but they actually perform dangerous tasks like accessing personal information or setting up backdoors for security exploits. Unlike viruses, they do not replicate or infect other files.
- Worm – Worms are standalone programs that spread like viruses, but unlike them, they do not have to attach to a “host” like a file or program in order to function. Usually spread through email attachments, worms are known for installing backdoors that give attackers remote control over a computer, using up bandwidth, and overloading network traffic, which can overwhelm email servers and result in denial of service attacks on a network.
- Spyware – Software that secretly tracks and records information, such as keystrokes, website browsing history, and personal information like credit card numbers.
- Ransomware – Ransomware is a particularly ruthless type of malware that commandeers and locks data access to a user, through encryption, until the user pays a ransom. The attackers usually threaten to delete or publish the victim’s information within a certain amount of time if the ransom is not paid.