There are several types of cyber attacks that compromise the security of an information system and many of them are intended to steal the information of the attacked, whether they are users, web pages, companies, banks, among other objectives. The way in which the cyberattack is carried out will depend on the security that the cybercriminal faces and their experience as hacker and, although the vast majority choose to insert malware into the victim's device, there are several other ways to get hold of it. the precious treasure of information.
In our Master in Cybersecurity Management, Ethical Hacking and Offensive Security, you will learn the details of cybersecurity professionals. These are the 7 most prominent types of cyber attacks:
1 Man in the Middle
The concept of this attack, as the name “man in the middle” indicates, is very simple. The attacker places himself between his target and the source of the data to steal the information, impersonate it or intercept it and impersonate it.
The most common method of carrying out this attack is by configuring a router or computer as a Wi-Fi network, naming it as if it were a public network (library, hotel or cafeteria). It then waits for the victims to connect to its network and start browsing to capture their passwords.
2 BackDoor
As its name indicates, it is a “back door” through which cybercriminals They can take full control of the team. They will be able to send and receive files, install new applications, delete data, steal information and even restart the computer.
The reasons why a “backdoor” exists may vary, it may have been created by the developer himself, because it was created when installing a program or due to some vulnerability in the system.
3 Phishing
In this type of attacks, cybercriminals send emails impersonating well-known companies such as Amazon, Netflix or banking companies, among other possibilities. for like this gain user trust and thus make you download the file that has the attached email or click on the link to redirect you to a fake website and steal your credentials.
You have a very clear example in this post «Don't open Trump's video, it's a trap» from a few days ago.
4 Ransomware
It is a type of malware that blocks the infected user's computer, preventing access to your system or files and usually requiring the payment of a ransom to free the computer.
Among all types of cyber attacks, ramsonware is very well known and we have already talked about it previously in our article «Failed ransomware attack on ENDESA«.
5 DDOS ATTACK
The DDoS attack basically focuses on blocking websites or online services with the high traffic injection with the purpose of stop working and being available to users. The target of a DDoS attack can be, for example, a company mail server
6 SQL Injection
In this attack, the cybercriminal “injects” SQL instructions into the victim's database with the intention of manipulating the database at will. They could modify the results of our queries, falsify data, identities, get any information of the DB (passwords, emails or addresses), delete it, change the name of the tables, anything that comes to mind.
7 Malware Attack
The definition of Malware is “malicious software” and it fits perfectly, it is a program that is installed on our system, whether mobile phones, tablets or PCs, and whose purpose can range from spying on us to trying to get money from us with some type of blackmail as in the case of Ransomware. In the article "Malware in times of Covid» we go into detail about this type of attack.
We must keep in mind that a malware attack would not work without us, I have always said that the best antivirus is common sense, the malware can come wrapped in a program downloaded from an unsafe website, as an attachment in an email or as a gift on a borrowed pendrive, for example. If it is not executed, the malware would not be installed and would come to nothing.
