There are several types of cyber-attacks everyone should be aware of. Hackers are becoming more sophisticated and coming up with new methods every year. Below are the types of cyber-attacks people should be aware of and avoid.
Social engineering techniques rely on psychological maneuvering to trick individuals into downloading malicious software or into unwittingly assisting hackers with cyber-attacks.
When executing a cyber-attack, hackers rely on developing trust with individuals who have the necessary privileges to access protected data. Hackers then leverage this trust to facilitate conventional hacking, by manipulating those individuals into sharing sensitive information or performing actions that allow hackers to get around information security measures (Harnish, 2015:143). The following subsections describe various types of social engineering attacks that hackers may use to defeat an organization’s cyber-security.
Executing phishing attacks is an effective means for installing malware on an organization’s network. Phishing can also be used to collect information that hackers require to gain unauthorized access to a company’s networks. Phishing emails may include links that redirect users to dummy websites masked as legitimate web pages, where users are prompted to share confidential information to complete a certain activity, such as downloading a file.
Spear-phishing has similar goals to phishing, however, unlike phishing attacks, which are usually sent to numerous people at a time, spear-phishing is a more personalized attack that targets specific individuals (i.e., CEOs, accountants or bookkeepers). Attackers using this method frequently disguise malicious emails by including personal information that only a trusted entity would know, such as information about the target’s hometown, colleagues, etc. Although spear-phishing attacks require more effort on the part of the attacker – as they need to research and gather personal information related to the target – they are one of the more successful means of installing malware on targeted systems.
Quid Pro Quo Attacks
Quid pro quo attacks involve the promise of a service in exchange for a user’s login details or sensitive data. Hackers using this method often impersonate IT staff, requesting login details or direct access to an organization’s information system under the pretense of needing to install software or perform updates. Users may also be expected to perform a specific action in order to aid an attack, such as disabling antivirus software or alert notifications. This type of attack may happen remotely (for example, through a user interface that prompts users to enter their login credentials), over the phone, or face-to-face with the hacker.
Tailgating attacks depart from the reliance on technology required by the types of social engineering attacks mentioned in the previous sections. Also referred to as “piggybacking”, tailgating involves hackers gaining physical access to the targeted company’s facilities. Hackers using this technique may simply wait for authorized individuals to open the door, and then walk in behind them. As with quid pro quo attacks, attackers might impersonate a delivery man or a driver carrying packages, and wait for an employee to open the door for them. Without the correct physical security measures in place, hackers can use this method of attack to gain direct access to an organization’s server rooms or networks.
Distributed Denial-of-service Attacks (DDoS Attacks)
A distributed denial-of-service (DDoS) attack attempts to render a system inoperable by flooding it with more traffic or data than its server can manage. DDoS attacks generally involve hackers installing malware on multiple computers, and these then form part of the hacker’s botnet. A botnet, also referred to as a “zombie army”, refers to a group of computers that are infected with malware that allows them to be remotely controlled. The malware allows hackers to use the infected computers to overwhelm a targeted system’s networks. This is achieved by linking all infected computers that form part of the hacker’s botnet to a single controller. The controller prompts each of the infected computers to direct data through the system’s network until the amount of data becomes unmanageable and the network loses functionality. This overload of the targeted system’s networks disrupts the server’s usual services, or makes it nearly impossible to access the server’s web pages.
Application-layer DDoS attacks differ from traditional types of DDoS attacks. They are slower, and they target specific features or applications on a website. Like the tactics employed in traditional DDoS attacks, the intention is to overburden the applications with an increasing amount of traffic that replicates normal user requests, until the application eventually stops functioning.
Advanced Persistent Threats
An advanced persistent threat (APT) is a sophisticated cyber-attack that uses multiple phases to stealthily gain unauthorized access to a network to extract as much data as possible over a prolonged period. Many APT attackers pursue their objectives over months or years. APTs are considerably more complex than the attacks mentioned previously, often incorporating a number of different types of attacks to ensure that hackers can infiltrate a system while remaining undetected throughout all stages of the attack. This allows the hackers, who often function as a team, to extract as much information as possible. APT attacks require considerably more resources than other forms of cyber-attack, which is why they are most often carried out by nation states.
A brute-force attack is a method that uses trial and error to eventually guess the correct password necessary to gain access to a system. As this is an exceedingly time-consuming method, hackers generally rely on software to systematically comb through all possible passwords until the correct one is found.
Author: Will Batshoun, North Side Bank & Trust Company Network Administrator
1 Greene, S.S. 2014. Security program and policies: principles and practices. 2nd ed. Indiana: Pearson Education, Inc. 231-232.
2 Crowe, J. 2017. Must-know ransomware statistics 2017. Available: https://blog.barkly.com/ransomware-statistics-2017 [2017, September 2].
3 Harvard Online School. Cybersecurity: Managing Risk in the Information Age by Eric Rosenbach.
4 Paganini, P. 2017. The most common social engineering attacks. Available: http://resources.infosecinstitute.com/common-social-engineering-attacks/#gref [2017, October 25].