Most common cyberattacks

If all the people moved to the city, what would the thieves do in the village?
With increasing digitisation, cyber attacks have been on the rise too. Studies show that a ransomware attack happens somewhere in the world every 14 seconds. Digital crime hits anyone and everyone, from Fortune 500 companies to your clueless neighbours. It is high time you knew what these attacks are made of and how they are carried out.

1. Denial of service:

How would you feel if someone denied you entry into your own house? This is what DoS looks like. It can be of 3 types:

  • Ping of Death
    A web server can be ‘pinged’ by sending an ICMP packet that would generate a response. But your web server can only handle so much. If someone overloads it by sending oversized packets then it will crash, freeze or be rendered useless.
  • TCP SYN attack
    It is similar to ping of death. The only difference: the attacker sends continuous TCP (not ICMP) requests to overwhelm the server and make it time out.
  • Smurf attack
    Imagine getting bombarded with parcels you didn’t ask for. Soon, you’ll run out of space in your living room. Similarly, the attacker sends a large number of ICMP requests to your server and tricks it into thinking that YOU are the one who requested them. So guess who is gonna get bombarded with the responses now?
  • Botnet (Distributed Denial of Service attack)
    A DoS attack could be used to prepare you for another attack, like turning you into a robot for the attacker. A group of these victims-turned-puppets makes up the botnet, which could be used for carrying out other DoS attacks.

2. Man in the middle:

How would you feel if someone eavesdrops on you and your friend talking about your anxiety for desserts? Well, this is how MITM works. Computers communicate like this:

 

You: Hey, I want to access my account.
Facebook server: Give me your credentials, will you?
You: Of course, it is ****

Getting the gist? A MITM attack is of two types:

  • Session hijacking
    Imagine the attacker eavesdrops on this communication and then has the guts to disconnect YOU from the equation (using DoS etc.). And the poor Facebook server is tricked into believing that it is still talking to you because the attacker is now wearing your mask (using your IP address).
  • Session replay
    It is similar to hijacking. The difference is that here the attacker eavesdrops, gets your authentication tokens and later uses them to start a conversation with the server.

3. Phishing:

Phishing is simple. You get lured by bait and end up sharing your sensitive data.

  • Net Phishing
    The attacker sends a malicious mail/message to a large pool of people and waits for whoever gets tricked by the scheme.
  • Spear Phishing
    Same, but here the attacker targets a particular person.
  • Whale Phishing
    Also the same, but here the attacker targets the big fish like CEOs, CFOs etc.

4. Drive by attack:

Ah, the drive by! Have you ever opened a website or a mail which either led you to another website or downloaded something without your permission?
That’s how drive by attacks take place. Attackers take advantage of faulty websites or an outdated OS and use them to download malware onto your device.

5. Password attack:

Not gonna waste your time explaining this. It is of two types:

  • Brute force
    Imagine someone trying out every possible key to unlock your door. This takes time, but it is possible.
  • Rainbow Tables
    Since all passwords are encrypted, attackers use the encrypted versions (hashed passwords) to unlock your account. Using rainbow tables (precompiled hashed passwords) and GPUs speeds up the attack process.

6. SQL injection:

Let’s continue the previous conversation:

You: Hey, I want to access my account.
Facebook server: Give me your credentials, will you?
You: Of course, it is admin and the password is admin.
Facebook server: Thanks. I’ll get back to you in a second.

Facebook server: Hey DB, can you pull out the data for user = 'admin' whose password is also 'admin'?
Facebook DataBase: Sure can!

This is an SQL query. The DB returns the data (*) only when both of these conditions are fulfilled.
An attacker can insert a command here that fulfils the conditions, for example 1=1, and retrieve data about you from the database.

Authentication Bypass example:

Initial unsanitized query used by the website:
    Select * from users where username='admin' and password='admin';
SQL injection (magic input):
    admin'or'1'='1
Modified query after injection:
    Select * from users where username='admin'or'1'='1' and password='admin'or'1'='1';

SQL injection can be union-based, error-based or blind (time-based and boolean-based).
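
The authentication bypass above, run against an in-memory SQLite database next to the parameterized query that stops it. This is an added example, not code from the original article; the `users` table, its constructed row and the function names `login_unsafe` and `login_safe` are assumptions for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: one account in an in-memory database.
    # The plaintext password column mirrors the article's query only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-constructed')")
    return db

def login_unsafe(db, username, password):
    # Vulnerable: input is pasted into the SQL text, so a quote in the
    # input closes the string literal and the rest is parsed as SQL.
    query = ("SELECT * FROM users WHERE username='" + username +
             "' AND password='" + password + "'")
    return db.execute(query).fetchall()

def login_safe(db, username, password):
    # Hardened: placeholders pass the input as data, never as SQL syntax.
    query = "SELECT * FROM users WHERE username=? AND password=?"
    return db.execute(query, (username, password)).fetchall()

MAGIC_INPUT = "admin'or'1'='1"  # the input shown in the article

if __name__ == "__main__":
    db = make_db()
    print("unsafe, wrong password:", login_unsafe(db, "admin", "wrong"))
    print("unsafe, magic input:   ", login_unsafe(db, MAGIC_INPUT, MAGIC_INPUT))
    print("safe, magic input:     ", login_safe(db, MAGIC_INPUT, MAGIC_INPUT))
    print("safe, real credentials:", login_safe(db, "admin", "s3cret-constructed"))
```

With the placeholder version the magic input is compared as a literal username and password, so it matches no row.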

7. Cross site scripting (XSS):

This is best explained step by step.

1. An attacker finds a vulnerable web page.
2. (S)he injects the payload (part of malware) into the webpage’s JavaScript.
3. You open the webpage.
4. You receive the payload with it.
5. Your browser executes the script.
6. It sends your cookies to the attacker.
7. (S)he uses your cookies to hijack your session.

It is of three types:

  • Reflected
    When the injection is entered in the user’s request to get a response from the server.
  • Stored
    When the injection is permanently stored in the website’s database and makes its way to the victim’s system.
  • DOM based
    DOM-based XSS is a special case of reflected XSS where the injection is stored in the Document Object Model of the victim’s browser.
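
Two server-side controls that break the chain in the steps above: encoding user-supplied text before it goes into the page (so step 5 shows it as text instead of running it) and marking the session cookie HttpOnly (so script in step 6 cannot read it). This is an added example, not code from the original article; the function names, the comment markup and the cookie name `session` are assumptions.

```python
import html
from http.cookies import SimpleCookie

def render_comment_unsafe(comment):
    # Vulnerable: user text is inserted into the page as markup.
    return '<div class="comment">' + comment + "</div>"

def render_comment_safe(comment):
    # Hardened: <, >, &, " and ' become entities, so the browser displays
    # the text instead of parsing it as tags.
    return '<div class="comment">' + html.escape(comment, quote=True) + "</div>"

def session_cookie_header(session_id):
    # HttpOnly hides the cookie from document.cookie, Secure restricts it
    # to HTTPS, SameSite=Lax limits when it is sent cross-site.
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

# Constructed input: a harmless marker script, enough to show the parsing.
SAMPLE_COMMENT = "<script>alert(1)</script>"

if __name__ == "__main__":
    print(render_comment_unsafe(SAMPLE_COMMENT))
    print(render_comment_safe(SAMPLE_COMMENT))
    print("Set-Cookie:", session_cookie_header("abc123"))
```
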

8. Malware:

Malicious + software that gets downloaded to damage your system. Duh!
Malware can be of the following types:

  • Virus
    It attaches to a piece of code and infects your applications and files. (Usually spreads via emails or USB.)
  • Trojan
    Like the Troy story, it comes hidden in a useful program and then attacks your system.
  • Worm
    It crawls into other computers on your network by sending a copy via email.
  • Spyware
    It spies and steals sensitive information about you.
  • Ransomware
    Similar to kidnapping, it blocks your access to your own data (by encrypting it) and asks for a ransom in return.
  • Rootkit
    It infects your device at the kernel level and gives control of your computer to the attacker.

9. Eavesdropping:

When someone is listening to you transferring information over the network, like your credit card details or your passwords, it is called an eavesdropping attack. Its two types are:

  • Passive
    The attacker steals data by listening to the messages being transmitted.
  • Active
    The attacker steals data by pretending to be a trusted party and requesting information from the transmitter. For example: probing, tampering etc.

Now that you have a working understanding of all the major cyber attacks, you can go one step further and try ethically hacking your system to find loopholes.

Tell us if you would like us to cover any other attacks in the comments below. We will get back to you ASAP!

 

©2020 Tech Brewery. All Rights Reserved.
