A cyber attack is a type of attack that targets computer systems, infrastructures, networks or personal computer devices using various methods at hands.
There are many types of Cyber Attacks each capable of targeting a specific computer system for a variety of purposes. The type of Cyber Attacks currently known will be highlighted in this article.
The information in this article will be useful in the Science and Technology segment of the UPSC 2021.
Overview of Cyber Attacks
Depending on the context, cyberattacks can be part of cyberwarfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, society, or organizations, and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyberweapon.
A cyberattack may steal, alter, or destroy a specified target by hacking into a susceptible system.
Candidates can read similar articles from links below:
Methods of Cyber Attacks
There are many ways hackers can exploit, infiltrate or attack a computer system. Some of the well known techniques are given in the data below
Malware is a form of application that performs nefarious activities. Some types of malware are designed to create access to networks, some to spy on credentials while others are simply used to cause disruption
Malwares can be used for extortion as well. An example of it can be found in Ransomware attacks of 2017 where a program was designed to encrypt the victim’s files and then ask them to pay a ransom in order to get the decryption key.
Latest Update about Malware Attacks in India
Mobile Security Report 2021 asserted that mobile malware attacks in India are on rise (845 percent increase) since October 2020.
In Phishing, an attacker tricks an unsuspecting target into handing over valuable information, such as passwords, credit card details, etc.
An example of this is a message regarding One-Time Passwords (OTP). A hacker using a phishing method will send a clickable link where a user can submit their OTPs. Once the link is clicked a hacker will have access to the users personal information.
Phishing is the common form of cyber attack due to its effectiveness and simplistic execution pattern.
Latest Update about Phishing in India
- Indian Computer Emergency Response Team (CERT-In) released a public advisory to alert citizens against all attempts of phishing through fake domains, emails and text messages that promise registration for a jab against the pandemic.
3. Man-in-the-middle attack (MITM)
A man-in-the-middle attack (MITM) consists of a message interception between two parties in an attempt to spy on the targets.
Due to the advent of end-to-end encryption, MITM attacks have taken a dip in frequency of attacks. Such encryptions prevent third parties in intercepting or tampering data transmitted in the network. Whether the network is secure or not is hardly a factor.
4. Distributed Denial-of-Service (DDoS) attack
In a DDoS attack, an attacker floods a target server with traffic that will disrupt it. Since most servers cannot handle it, it may lead to services slowing down on the website and if it eventually crashes.
Unlike standard denial-of-service attacks, DDoS uses multiple compromised devices to bombard the target server, which sophisticated firewalls cannot respond to or are unable to.
Update about Distributed Denial-of-Service attack in India
- In August 2020 the number of Distributed Denial of Service (DDoS) incidents in India hit a record high in terms of total DDOS packets, which were well in excess of 10 billion as per a study by global cyber security firm Radware
5. SQL Injection
This type of cyber attack targets specific SQL databases. These databases use SQL statements for data query. In case permissions are not set properly, a hacker can manipulate SQL queries into changing the data if not deleting them altogether.
6. Zero-day exploit
When cyber-criminals learn of a vulnerability in a frequently used software application they target users and organizations using the software to exploit it until a fix is available. This is called a Zero-day exploit.
7. DNS Tunnelling
A DNS Tunnelling provides attackers with a stable and consistent line of communication to the given target. The malware used will gather information as long as the DNS tunnelling is active. Chances are that firewalls won’t be able detect such an attack.
Update about DNS Tunneling in India
- India saw the highest number of domain name system or DNS attacks in 2020 with 12.13 attacks per organisation, even though the cost of attacks in the country decreased by 6.08% to ₹5.97 crores, said International Data Corporation or IDC’s DNS Threat Report.
8. Business Email Compromise (BEC)
In a BEC attack, hackers target employees who have specific authority to finalize business transactions. They trick them into transferring money into an account belonging to the hacker.
BEC attacks are the most common, if not one of the most damaging attacks for a business firm.
Cryptojacking is used to target a computer in order to mine cryptocurrencies such as bitcoin. The hackers will be able to get all the cryptocurrency they can instead of the original owners. Cryptojacking is not so widely known but its severity cannot be underestimated.
10. Drive-by Attack
A website is loaded with a malware, and when a visitor happens to come across such a website their device is infected with the malware. The malware will steal valuable data or crash the system.
Maharana Pratap:- Download PDF Here
Aspirants can find complete information about upcoming Government Exams through the linked article. More exam-related preparation materials will be found through the links given below