1

What is a Cyber Attack?

This is said to occur when there is an unauthorized system/network access by a third

party, we term it as a cyber-attack. The person who carries out a cyber-attack is termed
as a hacker or an attacker.

Cyber-attacks have several negative effects. When an attack is carried out, it can lead
to data breaches, resulting in data loss or data manipulation. Organizations incur
financial losses, customer trust gets hampered, and there is reputational damage. To
put a curb on cyber-attacks, we implement cyber security. Cyber security is the method
of safeguarding networks, computer systems, and their components from unauthorized
digital access.

Now that you know what a cyber-attack is, let look at the different types of cyber-
attacks.

Types of Cyber Attacks

There are many varieties of cyber-attacks that happen in the world today. If we know
the various types of cyber-attacks, it becomes easier for us to protect our networks and
systems against them. Here, we will closely examine the top ten cyber-attacks that can
affect an individual, or a large business, depending on the scale. 

Let’s start with the different types of cyber-attacks on our list:

1. Malware Attack

This is one of the most common types of cyber-attacks. “Malware” refers to malicious
software viruses including worms, spyware, ransomware, adware, and trojans. 

The trojan virus disguises itself as legitimate software. Ransomware blocks access to
the network's key components, whereas Spyware is software that steals all your
confidential data without your knowledge. Adware is software that displays advertising
content such as banners on a user's screen. 

Malware breaches a network through a vulnerability. When the user clicks a dangerous
link, it downloads an email attachment or when an infected pen drive is used. 

Let’s now look at how we can prevent a malware attack:

 2

 Use antivirus software. It can protect your computer against malware. Avast Antivirus, Norton
Antivirus, and McAfee Antivirus are a few of the popular antivirus software.

 Use firewalls. Firewalls filter the traffic that may enter your device. Windows and Mac OS X
have their default built-in firewalls, named Windows Firewall and Mac Firewall.

 Stay alert and avoid clicking on suspicious links.

 Update your OS and browsers, regularly.

2. Phishing Attack

Phishing attacks are one of the most prominent widespread types of cyberattacks. It is a
type of social engineering attack wherein an attacker impersonates to be a trusted
contact and sends the victim fake mails. 

Unaware of this, the victim opens the mail and clicks on the malicious link or opens the
mail's attachment. By doing so, attackers gain access to confidential information and
account credentials. They can also install malware through a phishing attack. 

Phishing attacks can be prevented by following the below-mentioned steps:

 Scrutinize the emails you receive. Most phishing emails have significant errors like spelling
mistakes and format changes from that of legitimate sources.

 Make use of an anti-phishing toolbar.

 Update your passwords regularly.

3. Password Attack

It is a form of attack wherein a hacker cracks your password with various programs and
password cracking tools like Aircrack, Cain, Abel, John the Ripper, Hashcat, etc. There
are different types of password attacks like brute force attacks, dictionary attacks, and
keylogger attacks.

Listed below are a few ways to prevent password attacks: 

 Use strong alphanumeric passwords with special characters.

 Abstain from using the same password for multiple websites or accounts.

 Update your passwords; this will limit your exposure to a password attack.

 Do not have any password hints in the open.

 3

4. Man-in-the-Middle Attack

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In this

attack, an attacker comes in between a two-party communication, i.e., the attacker
hijacks the session between a client and host. By doing so, hackers steal and
manipulate data. 

As seen below, the client-server communication has been cut off, and instead, the
communication line goes through the hacker.

MITM attacks can be prevented by following the below-mentioned steps:

 Be mindful of the security of the website you are using. Use encryption on your devices.

 Refrain from using public Wi-Fi networks.

5. Insider Threat

As the name suggests, an insider threat does not involve a third party but an insider. In
such a case; it could be an individual from within the organization who knows everything
about the organization. Insider threats have the potential to cause tremendous
damages. 

Insider threats are rampant in small businesses, as the staff there hold access to
multiple accounts with data. Reasons for this form of an attack are many, it can be
greed, malice, or even carelessness. Insider threats are hard to predict and hence
tricky.

To prevent the insider threat attack:

 Organizations should have a good culture of security awareness.

 Companies must limit the IT resources staff can have access to depending on their job roles.

 Organizations must train employees to spot insider threats. This will help employees
understand when a hacker has manipulated or is attempting to misuse the organization's
data.

6. Zero-Day Exploit

A Zero-Day Exploit happens after the announcement of a network vulnerability; there is

no solution for the vulnerability in most cases. Hence the vendor notifies the
vulnerability so that the users are aware; however, this news also reaches the attackers.
 4

Depending on the vulnerability, the vendor or the developer could take any amount of
time to fix the issue. Meanwhile, the attackers target the disclosed vulnerability. They
make sure to exploit the vulnerability even before a patch or solution is implemented for
it. 

Zero-day exploits can be prevented by:

 Organizations should have well-communicated patch management processes. Use

management solutions to automate the procedures. Thus it avoids delays in deployment.

 Have an incident response plan to help you deal with a cyberattack. Keep a strategy
focussing on zero-day attacks. By doing so, the damage can be reduced or completely
avoided.

7. Watering Hole Attack

The victim here is a particular group of an organization, region, etc. In such an attack,
the attacker targets websites which are frequently used by the targeted group. Websites
are identified either by closely monitoring the group or by guessing.

After this, the attackers infect these websites with malware, which infects the victims'
systems. The malware in such an attack targets the user's personal information. Here, it
is also possible for the hacker to take remote access to the infected computer.

Let's now see how we can prevent the watering hole attack:

 Update your software and reduce the risk of an attacker exploiting vulnerabilities. Make sure
to check for security patches regularly.

 Use your network security tools to spot watering hole attacks. Intrusion prevention
systems(IPS) work well when it comes to detecting such suspicious activities.

 To prevent a watering hole attack, it is advised to conceal your online activities. For this, use
a VPN and also make use of your browser’s private browsing feature. A VPN delivers a
secure connection to another network over the Internet. It acts as a shield for your browsing
activity. NordVPN is a good example of a VPN.

Those were the top ten types of cyberattacks. Now, let us walk you through the next
section of our article on types of cyberattacks.

How to Prevent Cyber Attacks?

 5

Although we had a look at several ways to prevent the different types of cyberattacks
we discussed, let's summarize and look at a few personal tips which you can adopt to
avoid a cyberattack on the whole.

1. Change your passwords regularly and use strong alphanumeric passwords which are difficult
to crack. Refrain from using too complicated passwords that you would tend to forget. Do not
use the same password twice.

2. Update both your operating system and applications regularly. This is a primary prevention
method for any cyber-attack. This will remove vulnerabilities that hackers tend to exploit. Use
trusted and legitimate Anti-virus protection software.

3. Use a firewall and other network security tools such as Intrusion prevention systems, Access
control, Application security, etc.

4. Avoid opening emails from unknown senders. Scrutinize the emails you receive for loopholes
and significant errors. 

5. Make use of a VPN. This makes sure that it encrypts the traffic between the VPN server and
your device. 

6. Regularly back up your data. According to many security professionals, it is ideal to have
three copies of your data on two different media types and another copy in an off-site
location (cloud storage). Hence, even in the course of a cyber-attack, you can erase your
system’s data and restore it with a recently performed backup.

7. Employees should be aware of cybersecurity principles. They must know the various types of
cyber-attacks and ways to tackle them.

8. Use Two-Factor or Multi-Factor Authentication. With two-factor authentication, it requires

users to provide two different authentication factors to verify themselves. When you are
asked for over two additional authentication methods apart from your username and
password, we term it as multi-factor authentication. This proves to be a vital step to secure
your account.

9. Secure your Wi-Fi networks and avoid using public Wi-Fi without using a VPN. 

10. Safeguard your mobile, as mobiles are also a cyberattack target. Install apps from only
legitimate and trusted sources, make sure to keep your device updated. 

These are the tips you must implement to protect your systems and networks from a
cyber attack.

COMPROMISED URL

List of Uniform Resource Locators (URL) Shortners

https://bitly.com/
 6

www.shorturl.at

https://cutt.ly

https://tinyurl.com/app

List of Uniform Resource Locators (URL) Expander

https://urlex.org

https://urlexpander.net

2 step verification

How to set up 2 step verification on Gmail

1. Sign in to your gmail

2. By left hand side click on security or click on your profile (click manage your Google
account follow by security)
3. Scroll down and click 2step verification
4. Click get started
5. Enter your password
6. Click next
7. Input your phone number that has access to text message
8. Choose if you want to be contacted by text or call
9. Input the code that was given as above
10. Then click Turn on

How to set up 2 step verification on whatsapp

In any OS you are using, click either the setting or on the 3 dots by upper right hand side then
setting scroll down to locate two- step verification and follow the directory.

∑ Never accept any code said to be meant for a meeting you never scheduled or have prior
information of being online.
 7

∑ Consider every link as malicious even when they may not be.

∑ Expand every code with utmost carefulness before you click on then, that is if the need be.

∑ Visit websites you trust and familiar with.

∑ Never save your password in any site or system.

Check your browser settings to avoid saving your password on the computer

Password every devise you use.