What Are the Most Common Types of Cyber Attacks?

Tech Takes - May 23, 2019

What Are the Most Common Types of Cyber Attacks?

1. Malware

Malware is an umbrella term for viruses, worms, trojans, ransomware, adware, and spyware. One of the worst types of malware is hybrid attack malware that may be part trojan and part virus. These hybrid attacks can have devastating effects on the end user’s device.

One such hybrid attack was detailed on an episode of RadioLab. The victim’s computer was taken over by malicious files called CryptoWall via a trojan attack and all files on the computer became totally inaccessible. The only message the user could see was a message that informed the user that all the files were encrypted and $500 in Bitcoin were required to get the files back.

This particular malware has caused up to $325 million in damages. Hackers use this malicious software to steal, encrypt, delete, alter, and hijack user information and compromise core computing functions.

2. Phishing

Cybercriminals utilize phishing tactics to distribute malicious links and attachments via fraudulent emails or other electronic communication methods. This allows hackers to gain access to user login credentials and other confidential information.

According to the 2019 Verizon Data Breach Investigations Report, almost a third of all data breaches in the past year were phishing-based. Phishing cyber criminals trick unsuspecting users with lookalike sites to places like PayPal or Dropbox to gain login credentials.

Another phishing scam involves ransomware where a user accidentally downloads a malicious file from a seemingly real sender.

3. Man in the Middle (MITM)

Also known as eavesdropping attacks, MITM attacks happen when a hacker inserts themselves in the middle of a two-party transaction to gain access to information such as banking credentials. MITM attacks commonly happen on unsecured WiFi networks or malware-breached devices.

Cybercriminals aim to disrupt web traffic and pilfer data which is why connecting to a public, open WiFi network should be done with care.

4. Denial of Service (DoS)

Denial of service attacks typically flood servers, networks, or systems with traffic to overwhelm user resources and bandwidth. Users are rendered completely unable to access infected servers, networks, and systems.

5. Structured Query Language Injection

SQL attacks are characterized by an attacker's malicious code insertion into an SQL server. What’s the risk? This damaging code forces the infected server to reveal otherwise secure information.

What do cyber criminals want?

Every hacker is after something different. It’s important to recognize that there are different types of hackers in order to understand their many varied strategies and methodologies.

Cyber criminals may try to steal computer infrastructure and gain control over PC storage and network resources, for instance. Other hackers want to create a botnet, or a network of malware-infected computers used to commit mass cyber crimes.

There are others who want to disrupt and shut down web servers to render them useless, sometimes for political aims in state-sponsored attacks from other countries.

And finally, some hackers commit identity fraud by pilfering personal information like social security numbers or banking credentials to make unauthorized purchases or to claim certain benefits.

Am I at risk for a cyber attack?

All web and email users are subject to cyber attacks if you don’t use safe web-browsing practices on a daily basis. Stronger protection and wider-spread awareness about the dangers of cybercriminals has only made the modern hacker more creative and sophisticated. And cybercrime isn’t going anywhere: it’s expected to cost the world $6 trillion by the year 2021.

Is my business at risk for a cyber attack?

Businesses and corporations have a number of valuable assets and information that hackers want in on. 43% of cyber attacks in 2018 targeted small businesses, typically because they have less robust security systems in place than big businesses.

According to the Information Security Forum’s 2019 Threat Horizon report: business cybersecurity threats will only increase with time.

How can I prevent becoming a victim of cyber attacks?

Whether you’re a single user or a business, there are preventative measures you can use to protect against cyber attacks. Follow the tips below and never click on a link that seems suspicious or download files from a site you don’t trust.

Tips for casual users

Step 1: Keep your computers, tablets, and smartphones updated with the latest software

Step 2: Use strong encryption methods for WiFi

Step 3: Avoid unsecured public networks. If you must use them, avoid logging in to sensitive sites

Step 4: Change default passwords and usernames frequently

Step 5: Install a trusted anti-virus protection software on your PC

Tips for business owners

Step 1: Implement a well-configured firewall and perimeter security

Step 2: Increase response rates to security alerts

Step 3: Manage user privileges to ensure protected information stays protected

Step 4: Employ proper web and network security training procedures

Step 5: Proactively install security patches and updates to bar unauthorized access

Stay secure long into the future

Cybercriminals are locked in an arms race with digital security systems. As computers and security technologies advance, hackers adapt and change as well. But with the right knowledge and habits, you are your tech can stay safer online.

What Are the Most Common Types of Cyber Attacks?

1. Malware

What is it? An umbrella term for viruses, worms, trojans, ransomware, adware, and spyware.

What’s the risk? Hackers use these malicious softwares to steal, encrypt, delete, alter, and hijack user information and compromise core computing functions.

2. Phishing

What is it? Cybercriminals use phishing tactics to distribute malicious links and attachments via fraudulent e-mails or other electronic communication methods.

What’s the risk? Hackers want to gain access to user login credentials and other confidential information.

3. Man in the Middle (MITM)

What is it? Also known as eavesdropping attacks, MITM attacks happen when a hacker inserts themselves in the middle of a two-party transaction. MITM attacks commonly happen on unsecured WiFi networks or malware-breached devices.

What’s the risk? Cybercriminals aim to disrupt web traffic and pilfer data.

4. Denial of Service (DoS)

What is it? Denial of service attacks typically flood servers, networks, or systems with traffic to overwhelm user resources and bandwidth.

What’s the risk? Users are rendered completely unable to access infected servers, networks, and systems.

5. Structured Query Language Injection

What is it? SQL attacks are characterized by an attacker's malicious code insertion into an SQL server.

What’s the risk? This damaging code forces the infected server to reveal otherwise secure information.

What do cyber criminals want?

Every hacker is after something different. It’s important to recognize that there are different types of hackers in order to understand their many varied strategies and methodologies.

Cyber criminals may try to:

Steal computer infrastructure and gain control over PC storage and network resources
Create a botnet; a network of malware-infected computers used to commit mass cyber crimes
Disrupt and shut down web servers to render them useless
Enact identity fraud by pilfering personal information like social security information
Swipe user credit card information and steal money

Am I at risk? Yes

Stronger protection and wider-spread awareness about the dangers of cyber criminals has only made the modern hacker more creative and sophisticated.

All web and e-mail users are subject to cyber attacks if safe web-browsing practices aren’t employed on a daily basis.

What about my business? Yes

Businesses and corporations have a number of valuable assets and information that hackers want in on
58% of cyber attacks in 2018 targeted small businesses [2]
According to the Information Security Forum’s 2019 Threat Horizon report, business cybersecurity threats will only increase with time [3]