There are many types of cyberattacks that exploit security vulnerabilities and human error to cause damage and data corruption, steal your information, or even cause financial loss. Today, we’ll introduce 16 common types of cyberattacks that you need to be aware of. Let’s find out about them.
Table of Contents
- Zero-day attacks
- Malware attacks
- DDoS (distributed denial-of-service) attacks
- MITM (man-in-the-middle) attacks
- DNS cache poisoning attacks
- DNS tunneling attacks
- Dictionary attacks
- Rainbow table attacks
- SQL injection attacks
- Cross-site scripting attacks
- Drive-by attacks
- IP spoofing attacks
- USB drop attacks
- Juice jacking attacks
- Watering hole attacks
- Phishing attacks
Let’s explain them one by one.
1. Zero-day Attacks
Even if a user does everything right, there’s still no perfect security because of zero-day attacks. Hackers, like software developers, are always looking for vulnerabilities. If a white-hat hacker discovers the security hole and tells the developers, or if the software manufacturer finds it, the developers will investigate the issue and release an update as soon as possible. However, if attackers find the vulnerabilities, they will immediately use the method to design malware and attack users.
If the attackers find and exploit it before the manufacturer releases a patch, this is known as a zero-day attack. This is a very successful way of conducting a cyberattack because it could take a long time, maybe even years, before the software manufacturer finally discovers the security hole. At that time, the vulnerability can be actively exploited to contribute to successful cyberattacks.
2. Malware Attacks
Malware attacks are undoubtedly one of the most well-known types of cyberattacks because they can cause many kinds of damage. It involves installing malware on the victim’s computer to conduct cyberattacks. Common types of malware include:
Malicious actors can use ransomware to make your data and systems inaccessible, use spyware to collect massive amounts of information about you without your consent, and use adware and scareware to interrupt you and trick you into installing more malware.
The malware can reside on your computer in any of the five forms:
- Trojan horses
- Fileless malware
Viruses cling onto legitimate files while trojan horses pretend to be them. Worms can replicate themselves automatically without human intervention. Fileless malware uses legitimate software to conduct cyberattacks, while rootkits pretend to be part of the operating system or firmware itself to escape detection and cause damage on a more advanced level.
There are many ways for a computer to get malware, including using social engineering. Therefore, you have to avoid falling victim to those attacks and learn how to remove them in case you’ve been infected with malware.
3. DDoS Attacks
A DDoS attack is a distributed denial-of-service attack. It works by sending insane amounts of requests so that the server cannot handle it, either by making the time taken to respond to requests increase dramatically or even incapacitating the server temporarily altogether. This can cause extensive downtime, loss of reputation, and severe financial loss for the company. Moreover, the attack can become a smokescreen to even more serious attacks, such as data theft.
How can malicious actors send this large amounts of requests? The attackers create malware and distribute it through methods like phishing. They can even spread malware to other home appliances as long as they’re connected to the Internet. After that, an attack is initiated. Thousands, or even millions of computers in the same botnet send requests to the same website in order to overload it and take it down.
If you have a website, you should consider DDoS protection solutions, such as Cloudflare DDoS protection, and take action immediately once you suspect that your website is under active attack and legitimate visitors are affected. Never pay the ransom if they’re issued by the attackers. Moreover, to prevent your computer from becoming part of a botnet and contribute to DDoS attacks, you should avoid falling victim to attacks such as phishing and USB drop attacks.
4. MITM Attacks
A MITM attack is a man-in-the-middle attack, which is exactly what it is. Imagine that you’re sending a message to your friend through a conveyor belt, which is two rooms away from you. However, a person in the middle picks up the message between you and your friend, turns something into offensive language, and puts it back into the conveyor belt.
What will happen? Your friend will receive the foul language that you didn’t even write in your message. But in fact, this is exactly what happens in an MITM attack. An attacker places oneself or malware in the middle of the connection for messages to be read and modified.
To avoid MITM attacks, you should browse the web on secure networks and consider investing in a VPN. Moreover, avoid sites that do not use a valid TLS/SSL certificate as unencrypted messages can be read in plaintext by someone between the sender and the receiver.
5. DNS Cache Poisoning Attacks
Attackers might maliciously redirect your web requests to install malware on your computer or steal your personal information. One way to do so is to take advantage of DNS, or the Domain Name System, which converts easy-to-read domain names into IP addresses that your browser can make requests with.
For convenient access, browsers usually store the corresponding IP addresses for websites that you’ve visited. However, attackers can exploit security vulnerabilities to change the IP address associated with a domain name, which is often a frequently visited website. Thus, once the victim tries to visit the associated website, he/she is visiting the attackers’ website, which might automatically download malware or attempt to obtain your login credentials.
You should prevent yourself from being deceived by hackers and installing malware on your computer, even unintentionally. Malware on your computer can be used to initiate many kinds of cyberattacks, including DNS cache poisoning and DNS tunneling attacks.
6. DNS Tunneling Attacks
Unlike DNS cache poisoning, which leads you to the attackers’ website, DNS tunneling uses the fact that DNS requests are usually allowed through firewalls.
To successfully conduct the attacks, the hackers set up web servers, DNS servers, and a domain name, and infect victims with malware. After that, when a DNS query is made to the attackers’ DNS servers, which will pass through most firewalls. However, the website is actually malicious. The DNS query is redirected to the command-and-control server, which establishes an indirect connection between the attackers’ website and your computer. If your computer is hit with a DNS tunneling attack, hackers might be conducting other types of cyberattacks or even remotely controlling your device with malware.
To avoid falling victim to these attacks, avoid being tricked into installing malware from attackers. Moreover, consider setting up a DNS firewall to provide extra protection to DNS tunneling attacks.
7. Dictionary Attacks
A dictionary attack is a way to guess passwords. It guesses through common passwords, hoping that one will match the correct answer. Therefore, accounts with common or predictable passwords are very vulnerable to this type of attack. Bad passwords include:
- Any word you can spell
- Any password shorter than 12 characters
- Variants of any of the passwords above (e.g., substituting a character or spelling them backward)
To be safe, use random password generators whenever possible. You shouldn’t see any obvious pattern as the password length increases. Moreover, use passphrases that are easier to remember for master passwords. This can ensure that the password is long and unpredictable enough so that it’s virtually impossible to break into your personal information.
8. Rainbow Table Attacks
Here comes the more advanced way to guess passwords. Passwords are stored in hashes that are irreversible, but the hashes can still be exploited to obtain the users’ passwords. Firstly, the hackers store lots of strings and their corresponding hashes in an enormous database. After that, if a data breach discloses the hash of the password, a quick lookup on the database might reveal the password in plaintext.
Therefore, keeping your passwords long and arbitrary is crucial. Probably no one’s going to store a rainbow table for every combination of 12-character passwords. Instead, they probably use a strategic way to hash common and short passwords first. Another way to prevent rainbow table attacks is by adding “salt”. It’s basically an extra, randomly generated component of the password. Once a password is submitted, the server will add the “salt” before verifying the hash, making these attacks unreliable.
9. SQL Injection Attacks
SQL injection attacks are a way to steal, modify, or delete databases without permission. An attacker enters a valid SQL query in input fields to manipulate databases or gain unauthorized access to systems. For instance, when an attacker tries to log in, he/she might add another condition, such as letting the user log in when the password and the username match, or if 4 equals 4. Since the latter condition is always satisfied, the attacker could log in. Moreover, if an attacker visits a form but maliciously changes the results instead of adding new data, it could ruin the entire research!
For website owners to combat SQL injection attacks, make sure you sanitize user input. Your website should escape special characters from user input, and invalidate it if necessary before it is considered user input.
10. Cross-site Scripting Attacks
Cross-site scripting attacks, or XSS attacks, involve injecting malicious code into a legitimate website so that users can be compromised.
One type of XSS attack is the reflected XSS attack. It involves encoding script into an URL like this:
After that, the attacker tries to distribute the URL through methods like social engineering so that people can fall victim to the attack.
However, one even more dangerous type of XSS attack is the persistent XSS attack because the malicious script is integrated into the database. Therefore, whenever users access this part of the database, the script will be executed if the website cannot resist it.
Again, sanitizing inputs is a practical way to avoid XSS attacks. The process ensures that if valid code is inside the user input, it cannot run because special characters are escaped.
11. Drive-by Attacks
Will just visiting a website install malware on your computer? The answer is yes, and that’s thanks to drive-by attacks. Remember that if a script is inserted into a website, it will run automatically unless a condition has been specified. If the part of the script that runs when you start your session is malicious, it might download malware on your computer without your consent.
The best way to avoid drive-by attacks is to not visit unknown or insecure sites, or click on any links on emails or messages. These are all pathways that lead your computer to a program that downloads something nefarious on your device.
12. IP Spoofing Attacks
IP spoofing involves using tools to fake the sender’s IP addresses to bypass protective layers and conduct other cyberattacks, such as DDoS attacks.
Suppose a botnet wants to amplify the DDoS attack. In that case, IP spoofing will be used to pretend to be the victim, and then the computers in the botnet will ask for large amounts of DNS records. In this case, instead of the botnet, the victim will have to process the entire list of DNS replies, potentially incapacitating it.
13. USB Drop Attacks
If you’ve ever seen a USB lost in the public, never pick it up. It is likely part of a USB drop attack, in which external storage devices are left in the public and attract victims to plug them in. The storage device is likely infected, so connecting it to your device might result in data theft or malware execution.
14. Juice Jacking Attacks
Have you ever used a public phone charger? If so, you might be at risk of juice jacking attacks. This type of attack uses charging ports to transfer data. This can open up opportunities for data theft, which can be used to reveal all sensitive data on your device. Moreover, juice jacking attacks can also be used to install malware on your phone, leading to all kinds of trouble.
To be safe, never use public charging ports. They might support data transfer, and cybercriminals might exploit it without you even knowing.
15. Watering Hole Attacks
If someone wants to poison a large number of people, he/she won’t reach out to every single victim to try to convince them to consume the poison. Instead, he/she will try to contaminate the water source with poison so that people will get poisoned without them even realizing it.
Although it sounds insane, this is actually how watering hole attacks work. Instead of targeting one victim at a time, an attacker could infect a website that the targets usually visit so that visitors will be compromised without them even clicking on something suspicious.
To avoid watering hole attacks, make sure you use tips to prevent your systems from being compromised, like installing antimalware solutions and firewalls and keeping your software up-to-date. Being subject to these attacks might be inevitable for a user who visits the infected website, but resisting the attack is possible unless you’re also hit with a zero-day attack whose vulnerability has never been discovered or considered.
16. Phishing Attacks
Phishing attacks are social engineering attacks that persuade victims to download malware, provide personal information, or succumb to other types of cyberattacks through malicious messages. Remember that phishing messages are very well-crafted and resemble official messages very much, so you will have to look for something wrong with the details.
For instance, if a message just looks wrong (e.g., if you’ve won a lottery that you’ve not signed up for, or if you receive a message requiring you to take immediate action to save your account), this is probably a scam. If the salutation is too generic, like (Dear Customer), that means the sender doesn’t know much about you and is not the company that the scammers are pretending to be from. Moreover, spelling mistakes might be deliberately included in the message to bypass anti-spam filters. Besides, if the domain name in the sender’s email address is not what it should be (like email@example.com for an email that’s seemingly by Microsoft), even if it’s just a little off, you can be certain that it’s a scam.
Here are just some of the signs of phishing attacks, but sometimes the signs are just so subtle that you can’t detect them. Therefore, a better way to prevent these attacks is to simply not click on links. For instance, if your email mentions a problem with your account, it’s better to manually log in to your account instead of clicking on the link. The only exception to this rule is when both the sender and receiver have confirmed that a message will be transmitted and that there is no other way to obtain the information but to click on the link or open the attachment.
There are many ways for a cyberattack to hit your business, but there are also ways to combat it. Find out what to do after a cyberattack in this article. If you want to learn more about the various types of cyberattacks, you can refer to the references below. Moreover, if we have missed any important points, please leave that in the comments below.
References and Credits
- (n.d.). What is a Zero-day Attack? – Definition and Explanation – Kaspersky. Retrieved September 28, 2021, from https://www.kaspersky.com/resource-center/definitions/zero-day-exploit
- (2021, September 3). Understanding Cloudflare DDoS protection. Retrieved September 28, 2021, from https://support.cloudflare.com/hc/en-us/articles/200172676-Understanding-Cloudflare-DDoS-protection
- (n.d.). What is a distributed denial-of-service (DDoS) attack? Retrieved September 28, 2021, from https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
- Dan Swinhoe. (2019, February 13). What is a man-in-the-middle attack? How MitM attacks work and how to prevent them. Retrieved September 28, 2021, from https://www.csoonline.com/article/3340117/what-is-a-man-in-the-middle-attack-how-mitm-attacks-work-and-how-to-prevent-them.html
- (n.d.). Man in the Middle (MITM) Attack. Retrieved September 28, 2021, from https://www.veracode.com/security/man-middle-attack
- (2020, October 19). What is DNS Tunneling? A Detection Guide. Retrieved September 28, 2021, from https://www.varonis.com/blog/dns-tunneling/
- (n.d.). What is DNS Tunneling? Retrieved September 28, 2021, from https://www.paloaltonetworks.com/cyberpedia/what-is-dns-tunneling
- (2018, November 9). Why you should pay attention to DNS tunneling. Retrieved September 28, 2021, from https://bluecatnetworks.com/blog/why-you-should-pay-attention-to-dns-tunneling/
- (n.d.). DNS Tunneling Attacks and How To Prevent Them. Retrieved September 28, 2021, from https://www.extrahop.com/resources/attacks/dns-tunneling/
- (n.d.). SQL Injection. Retrieved September 29, 2021, from https://portswigger.net/web-security/sql-injection
- (n.d.). SQL Injection. Retrieved September 29, 2021, from https://www.w3schools.com/sql/sql_injection.asp
- Adam Shepherd. (2021, April 16). How does a SQL injection attack work? Retrieved September 29, 2021, from https://www.itpro.com/hacking/34441/how-does-a-sql-injection-attack-work
- (n.d.). What is SQL Injection (SQLi) and How to Prevent Attacks. Retrieved September 29, 2021, from https://www.acunetix.com/websitesecurity/sql-injection/
- Christopher Makarem. (2018, November 8). Persistent Cross Site Scripting (p-XSS). Retrieved September 29, 2021, from https://medium.com/iocscan/persistent-cross-site-scripting-p-xss-557c70377554
- (n.d.). Cross-site scripting. Retrieved September 29, 2021, from https://portswigger.net/web-security/cross-site-scripting
- Gavin Wright, Madelyn Bacon. (n.d.). Watering hole attack. Retrieved September 30, 2021, from https://searchsecurity.techtarget.com/definition/watering-hole-attack
- (n.d.). Watering Hole Attack. Retrieved September 30, 2021, from https://www.fortinet.com/resources/cyberglossary/watering-hole-attack
- (n.d.). Ten Telltale Signs of Phishing. Retrieved September 30, 2021, from https://www.thiel.edu/assets/documents/offices/information-technology/10_tell_tale_signs_of_phishing.pdf