Types of Cyber Attacks
Types of Cyber Attacks
Types of Cyber Attacks
We are living in a digital era. Now a day, most of the people use computer
and internet. Due to the dependency on digital things, the illegal computer
activity is growing and changing like any type of crime.
Web-based attacks
These are the attacks which occur on a website or web applications. Some
of the important web-based attacks are as follows-
1. Injection attacks
It is the attack in which some data will be injected into a web application to
manipulate the application and fetch the required information.
Example- SQL Injection, code Injection; log Injection, XML Injection etc.
Passwords.
Credit card details.
Personal user information.
XML Injection:
XML (Extensible Markup Language) is a markup language used to store
and transport data. It is designed to be self-descriptive and allows users
to define their own tags, making it highly customizable. XML is commonly
of service, and other potential risks to the application and its users
2. DNS Spoofing
When you type a domain name into your web browser, your computer
sends a request to a DNS server asking for the IP address associated with
that domain name. The DNS server then looks up the IP address and sends
it back to your computer, allowing you to connect to the website you want
to visit.
In above image –
1. Request to Real Website: User hits a request for a particular website it
goes to the DNS server to resolve the IP address of that website.
2. Inject Fake DNS entry: Hackers already take control over the DNS server
by detecting the flaws and now they add false entries to the DNS
server.
3. Resolve to Fake Website: Since the fake entry in the DNS server redirect
the user to the wrong website.
3. Session Hijacking
An internet user logs into an account as normal. This might be their online
bank or credit card account, an online store, an application, or portal. The
application or website installs a temporary session cookie in the user’s
browser. That cookie contains information about the user that allows the
site to keep them authenticated and logged in and to track their activity
during the session. The session cookie remains in the browser until the user
logs out (or is automatically logged out after a set period of inactivity).
What is a session?
4. Brute force
It is a type of attack which uses a trial and error method. This attack
generates a large number of guesses and validates them to obtain actual
data like user password and personal identification number. This attack may
be used by criminals to crack encrypted data, or by security, analysts to test
an organization's network security.
5. Dictionary attacks
This type of attack stored the list of a commonly used password and
validated them to get original password.
follows-
1. Virus
2. Worm
3. Ransomware attack
4. Malware