Cyber criminals are always in search of finding loopholes in the system to maximize their chances of making the attack successful. In this modern age the cyber-attacks are increasing day by day. Not just normal users but also big corporations are not totally protected against cyber-attacks. Some of the most common cyber-attacks known so far are as following,
Ransomware
One of themost common types of cyber-attacks is ransomware. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. Usually, the victim’s system data is encrypted. Then thevictim is demanded to pay some amount in form of crypto to get the key. With the help of the key, the data can be decrypted.
Malware
A malware describes a malicious software which changes the functionality of a computer or IT system. It includes viruses, worms, spyware, adware etc. The attacker either tries to block access to the system, installs a malicious software or covertly obtains information from the system which can cause serious harm.
Phishing
Phishing is conducted through either Emails or SMS. The attacker pretends to be sending an email or SMS from a reputable source which has a malicious link in it. When the user clicks on it then the victim’s sensitive credentials are sent to the attacker.
Because of COVID-19 pandemic, a surge in phishing attacks has been observed because a lot of people are shopping online, and the attackers are trying their best to fool innocent people in clicking malicious links.
Man-in-the-middle attack
Man-in-the-middle attack occurs when the victims are communicating through an insecure channel. The attacker can perform three different types of attacks.
First possibility: The attacker can eavesdrop on the line. This will violate the protection goal confidentiality because the personal data will be available to the attacker.
Second Possibility: The attacker can manipulate the line. This will violate the protection goal integrity because the data either sent or received by the victims can be manipulated.
Third possibility: The attacker can cut the line. This will violate the protection goal availability because the people communicating with each other will not be able to continue their communication.
Man-in-the-middle attacks can be prevented by using HTTPS protocol which provides a secure communication.
Denial-of-service attack
In denial-of-service attack the attacker bombards the system or server with unlimited number of requests. Consequently, the system or server become busy and cannot handle legitimate load of requests.
Zero-day exploit
In zero-day exploit the attackers try to exploit system’s vulnerabilities. This type of attack requires constant awareness to minimize its impact. The main aim of attackers is usually to compromise as many system integral parts as possible, before the actual vulnerability can be identified by the company or organization.
