6 types of cyber attacks that threaten the cybersecurity of your company

Published in

GreyWizard

3 min readJan 9, 2018

The development of threats is included in the development of technology, and the business enters the risk of a cyber attack, data leakage or theft of the website content. Hacker attacks make a serious threat not only for large companies, but also for small and medium-sized business. In the US, as much as 43% of all security incidents are targeted at small businesses.

We present a list of the six most common types of cyber attacks that can paralyze the operation of your business.

1. Malicious software (Malware)

It’s all kinds of applications and scripts that have injurious effects for the computer and its user. After making access to the network, malicious software in the form of a virus, Trojan horses, worms and ransomware (so-called blackmail software that demands a ransom for access to data) is designed to inflict damage, block access to data, and even take control of computer.

Antivirus program is able to detect and block some types of threats. However, the most important thing is to be watchful when browsing websites and e-mails.

2.Phishing

Phishing is a method of fraud, which consists in impersonating a criminal to another person or institution. This type of cyber attack is aimed at phishing certain information such as login details, personal data, credit card details or other sensitive data.

Phishing attacks are becoming more and more advanced and use sophisticated social engineering methods. Most often, hackers try to force the recipient to disclose data under the threat of blocking or losing an account if the required actions are not met.

3. “Man in the middle” (MITM)

A “man in the middle” attack means that a hacker who attacks a system breaks into two-way communication and secretly takes their place between them.

A cybercriminal, impersonating the opposite pages (eg bank’s website, e-mail), mediates in exchanging all messages. Hacker impersonates for other people and intercepts all sensitive data.

4. Distributed Denial of Service (DDoS)

DDoS attacks consist of flooding servers with so many information or tasks (from tens or even hundreds of thousands of computers from around the world) that they can not be processed and fail.

As a result, the server is unable to respond to this amount of requests, which leads to exhaustion of available resources and interruptions in the operation of the system.

To carry out a DDoS attack, most often computers are used, which were previously controlled by infecting them with malicious bots or Trojans.

Denial of service attacks are a common method of hacking. You can buy them online for as little as $5. The best way to counteract DDoS attack is protection against that kind of attacks, which monitors network traffic, analyzes any changes in this traffic and if it detects any vulnerability, it is able to block traffic recognized as injurious.

5.Cross-site scripting (XSS)

Unlike other attacks, XSS (cross-site scripting) attacks are performed on the browser side. This is an attack on the client of a vulnerable web application. It threatens the application itself and data on its side. It consists in injecting a code fragment of the script language into the browser (eg JavaScript or VBScript), which can be run in the browser and its execution.

The effect of this action is that the hacker has the ability to execute arbitrary code in the browser. The cybercriminal, by stealing cookies, will be able to take over the victim’s logged session or replace the content of the website.

6.SQL Injection

SQL Injection (SQLi) is a cyber attack method that injects additional procedures into an SQL query that is generated by the application and transferred to the database.

Originally published at greywizard.com.