All about different types of cyber attacks
Familiarity with types of cyber attacks
A cyber attack refers to an action that is carried out to target a computer or any element of a computer information system and is designed to change, destroy or steal data, as well as exploit or harm an organization. Cyber attacks are on the rise along with the digitization of business which has become more popular in recent years.
There are different types of cyber attacks, and we will introduce the most important types of attacks below:
DoS and DDoS Attacks
DDoS and DoS attacks are two types of cyber attacks that aim to stop access to an online service or system. These attacks are carried out based on the occupation of the target system's resources, and may cause service or system performance disruption, complete service stoppage, or increase costs to provide the resources needed by the service provider.
DoS (Denial of Service) attacks are attacks that are carried out in order to occupy the resources of the target system and make it impossible to access services or online systems. In this type of attack, a person or a group of people tries to send a lot of requests to the service or that system by generating high and abnormal traffic to the target system. This causes the target system's resources such as CPU, memory, bandwidth to fill up quickly and gradually disrupts the performance of services.
DDoS (Distributed Denial of Service) attacks are a more advanced type of DoS attack in which attackers attack from several different sources at the same time. In this attack, attackers create abnormal traffic on a target system through multiple controlled or uncontrolled systems. This causes the target system to be stressed and its performance to be impaired.
MITM attacks
Man-in-the-Middle Attacks (MITM) is a type of attack in computer networks in which the attacker is placed between two communication parties and is able to monitor and change the communication between them. In fact, the attacker acts as an intermediary and changes and exploits the communication from one side to the other.
Below we explain some types of popular attacks:
Interception: In this type of attack, the attacker monitors the traffic between the two communication parties and saves the information sent. This can include monitoring network packets, listening to phone calls, saving input keys, etc.
Modification: In this type of attack, the attacker unauthorizedly changes the information between the two communication parties. This can include changing the content of messages, input or output information in a web connection, or rerouting network traffic.
Injection: In this type of attack, the attacker illegally injects fake information into the traffic between the two communication parties. This can include injecting fake messages into a web connection, injecting fake commands into protocols, etc
Spoofing: In this type of attack, the attacker falsifies the identity of one of the communication parties and illegally enters instead of that person and uses this fake identity to communicate and carry out their activities.
Session hijacking: In this type of attack, the attacker steals the value of the desired session ID to gain control over a communication session and uses that session illegally. This issue can lead to obtaining sensitive user information, performing unauthorized activities in the user account, or obtaining permission to access restricted resources.
Phishing attacks
Phishing attacks are a type of cyber attack in which hackers try to steal sensitive information, such as passwords, financial information, and personal information. These attacks are often carried out by sending fake and seemingly authentic messages to targeted individuals, with the aim of persuading them to provide sensitive information or perform risky operations.
Typically, phishing attacks include:
Sending phishing emails: Hackers send fake emails to thousands or millions of people, pretending to be from reputable companies or organizations such as banks, tech companies, or social networks. These emails often contain bogus requests to provide sensitive information such as passwords or bank account information.
Creating fake websites: Hackers design and create fake websites that look similar to authentic websites. They then direct people to these websites through phishing emails, text messages, or fake ads and try to get their sensitive information.
SQL Injection attack
SQL Injection attack is a type of attack in the web world that gains access to the server database by injecting unauthorized SQL queries in requests sent by web applications. This attack mainly occurs in web applications that use the SQL language to communicate with the database.
When a web application adds user parameters to an SQL query without sufficient validation and processing, an attacker can inject their own SQL query impermissibly into the submitted request. Then this SQL query is executed by the database and the possibility of performing malicious operations such as deleting, changing or accessing sensitive information in the database is presented to the attacker.
The number of cyber attacks is very large and in this article we have introduced four cases of cyber attacks. Today, with the increase in the number of crimes