A cyber attack is an action which targets computer systems, infrastructures or networks with the motive of stealing, modifying or destroying data without the user’s consent. In this article, I will take you through the common types of attacks that happen online.
This happens by sending false emails to users with the intent of getting sensitive information. This is a combination of social engineering and technical trickery where the attackers pretend to be someone or something legitimate and get your details. These emails come with links which install malware on your system or redirect you to a malicious page to provide personal info.
How to not get “Phished”
- Analyze the email thoroughly before taking any actions
- Hover over the links in the email and check if the link redirects you to a legitimate site or not
In order to gain access to your systems or online accounts, a brute force attack can be used. The attackers will try all the possible ways to crack your password using various algorithms which are carried out within milliseconds. A dictionary attack is one way of trying to brute-force into your systems. The computer tests all the words in the dictionary. The best course of action in protection from brute force attacks would be to have a strong password (8 characters minimum; lowercase + uppercase letters; special symbols and numbers). You can test your password to check how long it will take to crack it.
Ransomware is a Malware which blocks the victim from accessing the system until a ransom is paid. The ransom is commonly asked to be done using cryptocurrencies. However, there’s no guarantee that the access will be granted even after paying the ransom. This malware usually enters the system through a Trojan where it looks like a legitimate file in the beginning. You must be vigilant when you download anything from the internet and keep all your data backed up in case a ransomware attack occurs.
SQL injection attack
SQL injection (SQLi) goes after vulnerable websites to target the websites' stored data. This style of attack gives the attacker control over the database server of a website or web application. With this kind of control, they can gain access to usernames, passwords and any amount of personal information stored in the database. To know in-depth of what is SQLi and how to defend yourself from it check our previous article.
Cross-Site Scripting (XSS)
Cross-Site scripting is similar to the SQL injection attack but instead of attacking the website itself, it targets a specific user who accesses the website. The website is injected with malicious code with the intention of infecting only the specific user when he/she access the site. This means that any sensitive information sent towards the site can potentially be stolen without the site even knowing it. To prevent cross-site scripting from happening, check our previous article.
Denial-of-Service (DDoS) attack
A Denial-of-Service attack floods a website with a huge amount of traffic, taking up the entire server bandwidth, thus making it inaccessible by other users. Due to the exhaustion of resources and bandwidth, the site will be unable to fulfill legitimate requests. These types of attacks are meant for either to crash the server or to introduce a different kind of attack following the Denial-of-Service attack. Read our previous blog to know in-depth about how the attacks happen and how to protect yourself from them.
Man-in-the-Middle (MITM) attack
A Man-in-the-Middle attack is when an attacker hijacks a connection to eavesdrop between two parties. The two entities will have no idea that the connection is being intercepted by a third party. Most common points for a Man-in-the-Middle attack are when connecting to an unsecured public WIFI or through a malware breach in the system.
If you want to protect yourself online, you need to know exactly what harm lies out there. Here we explained the most common attacks that can happen and how to mitigate them. To keep your system secure from most of these threats, keep your antivirus and software up to date, use strong passwords and perform regular backups.