The first and most important step in responding to an attack incident is to find out what type of attack is happening. This is vital because a wrong guess when making decisions can have fatal consequences.
Before we get into the list of common computer attacks, it is important to know the types of cybersecurity attacks. Basically, there are two types:
- Passive attacks: the attacker only performs reconnaissance and data gathering (or even steals some data) on the target device.
- Active attacks: the attacker modifies data (creates, edits, or deletes it) on the target device.
Without further ado, let’s get started on the list of common attacks in cybersecurity!
In a nutshell, here is the list of attacks that will be explained next:
- Trojan Horse
- Logic Bomb
- Data Modification
- Password-Based Attacks
- Denial-of-Service Attack
- Man-in-the-Middle Attack
- Compromised-Key Attack
- Application Layer Attack
A Trojan horse, often shortened to trojan, is a program (malware) that appears to run normally and perform the functions we want, when in fact it is dangerous. Trojans usually sneak in with other software that we install. Worms and computer viruses can be Trojan horses.
A virus is a form of trojan: a program that can copy itself into another program to infect data on a computer without the owner’s knowledge. Computer viruses come in many forms and functions and have cost computer users around the world millions of dollars. Viruses constantly evolve and are created by people for various purposes: malicious intent/destruction, profit, hobby, or showing off.
At its core, a worm is a program that can duplicate itself. It usually uses a network connection to send a copy of itself to other nodes (computers on the network). All these activities are carried out without human involvement.
Unlike viruses, worms do not attach themselves to other programs. Worms almost always interfere with the network, mainly by consuming bandwidth. A virus, by contrast, always corrupts files on the victim’s computer. Worms usually spread through e-mail address books.
A logic bomb is a piece of code intentionally inserted into system software so that it performs erroneous, harmful, or even dangerous functions. For example, a programmer inserts a hidden piece of code, unknown to the company, that can delete files or data (such as payroll databases or tax reports).
In general, network communications travel in an insecure form. There are many opportunities for someone to secretly “peek” at or read the data packets that go back and forth in a network.
Once the attacker has successfully read the data, the next logical step is to change it. Attackers can modify data without the knowledge of the sender or recipient. Again, the tools often used by attackers for this purpose are trojan programs.
A spoofing attack is a situation where a person or a program successfully disguises itself as another person or program by falsifying data, in order to gain access to a system and perform activities it is not authorized to perform.
The most common methods of most security attacks are sabotage and access control. That is, our access rights to a computer or network are determined by our identity, in this case, our username and password.
In principle, denial-of-service (DoS) attacks are attempts to make computer or network resources unavailable to users. Unlike password-based attacks, denial-of-service attacks try to prevent users from using computer or network services.
A man-in-the-middle attack is where someone actively monitors, captures, and controls the communication between a user and other users, transparently to those communicating.
In the context of computer and network security, a key is a secret code or number needed to read secured information. Although obtaining a key is a difficult and resource-intensive process, it is still possible. Once the attacker obtains the key, it is referred to as a compromised key.
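The data modification and compromised-key descriptions above can be seen together in a short added example (not part of the original article). It assumes HMAC-SHA256 as the integrity check, which the article does not name; the keys and messages are constructed sample values.

```python
import hashlib
import hmac


def sign(key: bytes, message: bytes) -> bytes:
    """Return the HMAC-SHA256 tag the sender attaches to a message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag on receipt and compare it in constant time."""
    return hmac.compare_digest(sign(key, message), tag)


def demo() -> dict:
    # Constructed sample values, for illustration only.
    old_key = b"constructed-demo-key-v1"
    new_key = b"constructed-demo-key-v2"   # key issued after rotation
    original = b"transfer=100;to=alice"
    modified = b"transfer=900;to=alice"    # same message changed in transit

    tag = sign(old_key, original)
    # Tag computed over the modified message by someone holding old_key.
    tag_from_compromised_key = sign(old_key, modified)

    return {
        # The untouched message verifies.
        "original_accepted": verify(old_key, original, tag),
        # A changed payload with the original tag fails: modification is detected.
        "modified_rejected": not verify(old_key, modified, tag),
        # With a compromised key the check passes for modified data,
        # so it no longer tells the recipient anything.
        "compromised_key_defeats_check": verify(
            old_key, modified, tag_from_compromised_key
        ),
        # After rotating to a new key, tags made with the old key are rejected.
        "rotation_restores_check": not verify(
            new_key, modified, tag_from_compromised_key
        ),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The check only holds while the key stays secret, which is why a key suspected of compromise has to be replaced rather than kept in service.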
A sniffer is a type of application or device that can read, monitor, and capture data exchanged over a network. If a data packet is not encrypted, the sniffer can easily read and reveal all the data it captures.
Application layer attacks are usually targeted at application servers. These attacks intentionally cause errors in the operating system or application server, which gives the attacker the ability to bypass normal access controls. From this position, the attacker can take many advantages, such as gaining control over applications, systems, or networks.
Sometimes administrators get the wrong idea of what’s going on: a small activity they assume is normal could in fact be a major attack. Therefore, knowing the types and indications of attacks is important for every administrator to master.