Cyber attacks you need to know about.


Cyber attacks are occurring every minute. As technology progresses rapidly, so do the methods for exploiting it to steal information and sensitive data. Cyber attacks are designed to fulfill an objective by affecting a vulnerable target, concealing the attacker's identity, and eventually damaging or disrupting operations.

Here are the cyber attacks you need to be aware of:

Man In The Middle (MiTM): This type of cyber attack happens when a hacker places him/herself between your network and a server, intercepting and stealing information. Better security technologies have made MiTM attacks more complex; the only groups attempting these attacks are sophisticated hackers and state actors.

Phishing: A phishing attack is where an attacker sends you fraudulent emails with clickable links. It compels the user to open the malicious attachment or click links that lead the user to web pages (bogus sites) identical to the legitimate website. Do not click any links from unknown or untrusted emails.

SQL Injection: An SQL Injection attack is when an attacker injects malicious SQL queries into the database to manipulate it and exfiltrate sensitive data. SQL statements control your web application database and can be used to bypass security measures if user inputs are not properly sanitized. A SQL injection attack consists of the insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection can read sensitive data from the database, modify database data, execute administration operations on the database, recover the content of a given file present on the DBMS file system, and, in some cases, issue commands to the operating system.
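The difference between building a query from user input and passing that input as a bound parameter, shown as an added example (not from the original article). The `notes` table, its rows, and the crafted input are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)", [
        ("alice", "alice: payroll draft"),
        ("bob", "bob: vpn recovery code"),
        ("o'brien", "o'brien: meeting agenda"),
    ])
    return db

def notes_vulnerable(db, owner):
    # Vulnerable: the input is pasted into the SQL text, so a quote
    # character in it ends the string literal and the rest runs as SQL.
    query = f"SELECT body FROM notes WHERE owner = '{owner}'"
    return sorted(row[0] for row in db.execute(query))

def notes_parameterized(db, owner):
    # Hardened: the ? placeholder sends the input as data only.
    query = "SELECT body FROM notes WHERE owner = ?"
    return sorted(row[0] for row in db.execute(query, (owner,)))

# Constructed input that carries SQL syntax instead of a plain name.
CRAFTED = "nobody' OR '1'='1"

def demo():
    db = make_db()
    try:
        # A legitimate name with an apostrophe breaks the concatenated query.
        apostrophe = notes_vulnerable(db, "o'brien")
    except sqlite3.OperationalError:
        apostrophe = "syntax error"
    return {
        "vulnerable_crafted": notes_vulnerable(db, CRAFTED),
        "parameterized_crafted": notes_parameterized(db, CRAFTED),
        "vulnerable_apostrophe": apostrophe,
        "parameterized_apostrophe": notes_parameterized(db, "o'brien"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

The concatenated query returns every owner's rows for the crafted input and fails outright on an ordinary apostrophe, while the parameterized query returns nothing for the crafted input and handles the apostrophe correctly.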

Cross-Site Scripting: This type of attack uses a third-party website to inject malicious JavaScript code into the target's web browser to steal data. The code is run within a user’s browser. Upon initial injection, the site typically isn’t fully controlled by the attacker. Instead, the bad actor attaches their malicious code on top of a legitimate website, essentially tricking browsers into executing their malware whenever the site is loaded. There are two types of XSS attacks: stored and reflected. Stored XSS attacks occur when an injected script is stored on the server in a fixed location, like a forum post or comment. Every user that lands on the infected page will be affected by the XSS attack. In reflected XSS, the injected script is served to a user as a response to a request, like a search results page.
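Output encoding applied to both paths described above, the reflected search page and the stored comment, as an added example (not from the original article). The page templates, function names, and sample inputs are constructed for illustration; escaping uses Python's standard html module.

```python
import html

def search_page_unsafe(query):
    # Reflected path, vulnerable: the request value is echoed as markup.
    return f"<h1>Results for {query}</h1>"

def search_page_safe(query):
    # Reflected path, hardened: <, >, &, and quotes become entities,
    # so the browser shows the value as text instead of parsing it.
    return f"<h1>Results for {html.escape(query)}</h1>"

def search_box_safe(query):
    # Attribute context: quotes must be escaped too, otherwise the
    # input could close value="..." and add its own attributes.
    return f'<input name="q" value="{html.escape(query, quote=True)}">'

def comments_page_safe(stored_comments):
    # Stored path: keep the raw text in storage and encode every time
    # it is written into a page, so every visitor gets the safe form.
    items = "".join(f"<li>{html.escape(c)}</li>" for c in stored_comments)
    return f"<ul>{items}</ul>"

# Constructed sample inputs.
SCRIPT_INPUT = "<script>alert(1)</script>"
ATTR_INPUT = '" onfocus="alert(1)'

def demo():
    stored = ["Nice article!", SCRIPT_INPUT]   # stands in for a comments table
    return {
        "reflected_unsafe": search_page_unsafe(SCRIPT_INPUT),
        "reflected_safe": search_page_safe(SCRIPT_INPUT),
        "attribute_safe": search_box_safe(ATTR_INPUT),
        "stored_safe": comments_page_safe(stored),
    }

if __name__ == "__main__":
    for name, page in demo().items():
        print(f"{name}: {page}")
```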

Social Engineering: Social engineering uses psychological manipulation to trick users into making security mistakes and giving away sensitive information. Phishing is one of the most common types of attack used in this case. An attacker first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols needed to proceed with the attack. Then, the attacker gains the victim's trust and provides stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.

DNS Hijacking: The DNS is the protocol used to map domain names to IP addresses. The attack works when hackers exploit the way DNS communicates with an internet browser. The system acts as a phone book, translating a domain, e.g., "byte.net," into an IP address. The DNS then looks up and finds which global server is hosting that site and directs traffic. The attack happens when a hacker can disrupt the DNS lookup and then either push the site offline or redirect traffic to a site that the hacker controls.

Drive-By Attacks: These attacks are used to spread malware by targeting insecure websites with unintentional file/software downloads. Simply accessing or browsing a website can activate the download. The malicious code is designed to download malicious files onto the victim's device without the user's knowledge.

Water-Hole attack: These attacks compromise a specific group of end-users by infecting a user's computer with malicious code to get access to the network. The attackers will first profile their target to determine the websites they frequently visit, and from there, will look for vulnerabilities they can exploit. By exploiting these vulnerabilities, the attacker compromises these websites and waits, knowing it is only a matter of time before the user in question visits. The compromised website will, in turn, infect their network, allowing attackers to gain entry into their system and the ability to move laterally to other systems.

Denial of Service (DoS) & Distributed DoS (DDoS): This is one of the most widespread attacks. It makes a resource unavailable to the user by disrupting the user's services connected to the internet. A distributed DoS is when multiple machines operate together to attack one target user. DoS attacks can be executed either by flooding networks with traffic or by sending information that triggers a system slowdown or complete crash. As with DDoS attacks, DoS attacks tend to focus on high-profile organizations or ones with popular, public-facing websites such as banking, commerce, media, or government institutions. DoS attacks can originate from anywhere in the world. Malicious actors can easily mask their whereabouts so they can overwhelm victim computers.

Redirection: The malicious actor might make a phishing attempt, sending an email that includes a copycat of the website's URL, e.g., "linkedin.com," to the unsuspecting victim. If the website appears legitimate, users might inadvertently share personal information by filling out any prompts or forms that appear.

Password Attacks: Attackers leverage password authentication mechanisms to gain access to a user's data. These could be online or offline attacks.

Malware Attacks: These are attacks where any unwanted software is injected into your system with your approval. An example here would be a Trojan.

Insider Attack: These attacks are caused through the activities of a disgruntled employee or ex-employee. These could be very dangerous and cost you heavily.

Crypto-Mining Attacks: In this kind of attack, crypto criminals hack into computer systems, laptops, mobile devices, or tablets to install software that uses the computer's power to rob or steal the owner's cryptocurrency.

Botnet Attacks: Botnets are collections of networked systems that attackers have infected with malware, which allows these attackers to control them remotely. They can perform coordinated attacks at a mass scale.

Cyber attacks do not just affect one person; they affect us all. They cause massive damages to businesses concerning capital as well as jobs. They can take on many forms and attack in different ways. If one person is targeted, the chances are most likely you will be too. A user should remain in a continuous education loop to maintain a strong security stance against cyber attacks.

