Cyber-attacks 101: what are they, their motives, and real-life examples.

In my attempt to understand the world of cybercrime, I decided the best place to start is understanding the most common types of attacks — how they work, what the motivations are behind each attack, and review some real-life situations involving them.

So, let’s start out by defining what a cyber attack is. The National Institute of Standards and Technology defines a cyber attack as “an attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.”

Simply put, a cyber attack is an attack that takes place via technology, like the internet or mobile phones, for the intent of stealing and manipulating information or for financial gain. It can be perpetrated by an individual or, in some cases, a state-sponsored agency.

Here are the five most common types of cyber-attacks.

1. Malware.

According to CSOonline.com, Malware is a type of software that breaches a network through a weak spot — think clickbait or an email attachment — that installs software that hackers can then use to access sensitive information. If you’ve heard of terms like viruses, trojans, or worms, these are all types of malware, each with their own distinct personality, or way of infecting a computer.

One example of malware is called spyware. Spyware’s purpose is gathering data (passwords, usernames, email addresses) from the infected device without the owner knowing. Another example is Ransomware. As the name so subtly hints at, this malware essentially encrypts your computer’s files and demands payment in exchange for your information.

In 2020 alone, the US has seen 140 ransomware attacks, with October having the highest number of attacks ranging from whole counties, multinational companies, hospitals, and a gaming equipment supplier.

In March of 2020, an app called CovidLock was launched as “a new type of ransomware attack” that, once installed, encrypted user data and demanded the user pay a ransom to regain access.

2. Phishing.

Phishing is one of the more common and easier forms of cyber attacks and continues to be one of the easiest for the average person to fall for. Typically carried out through email but becoming more and more common over phone calls, social media, and messaging services, the goal is to trick the target individual into giving over whatever the hacker wants. Those phone calls telling you that your social security number has expired is a phishing scam to gain personal information.

Phishing scams can be as simple as a phone call asking for information to larger-scale attempts by state-backed groups targeting opponents of a presidential election.

One of the more recent and notorious phishing attacks was in 2016. As The Guardian reports, the US Democratic National Convention received numerous phishing emails from Russian government hackers — one of those emails was sent to John Podesta, the chairman of Hilary Clinton’s campaign requesting that he reset his password. The attack gave the hackers access to almost 60,000 personal emails that were then leaked to WikiLeaks, and used by the Trump campaign as amo against Hilary Clinton.

3. Man-in-the-middle attack (MitM attack)

A Man-in-the-middle attack is the technological version of eavesdropping or secretly listening in on a conversation. But rather than listening, the hacker has put themselves between you and a conversation with your friend or a real-time transaction. This process allows the attackers to intercept, send, and receive data. The motive behind this type of attack can range from intercepting log-in information to stealing bank account information and money.

According to InternetSociety.org, in 2019, when users of mobile service providers in Kazakh tried to use the internet, they were sent a text message telling them to download a government-issued app to continue using the internet. The installed program manipulated the trust of the internet and secured sites by showing up as encrypted and secure when, in reality, the sites were not secure.

4. Denial-of-service attack or Distributed denial-of-service attack (DoS or DDos attack)

In essence, this attack looks like a Black Friday crowd trying to get into a store, but rather than a brick-and-mortar store, the intended target is high-profile web servers (banks or credit card payment sites). The attack’s goal is to disrupt trade by flooding the server or network target with excess requests.

In June 2019, the German app Telegram was the victim of a DDoS attack during the Hong Kong anti-extradition protests. The goal of the supposedly China state-sponsored attack was to prevent protestors from coordinating movements during the demonstrations.

5. SQL injection (SQLI)

According to the website Learn to Code With Me, SQL, or Structured Query Language is the standard language that databases use to communicate. An SQL injection happens when an attacker inserts code into a Web input box (or search box) that forces the server to give up information or allows the attacker access to make changes. The motive behind these attacks is to gain access to data like intellectual property, personal information, or company data.

This type of attack occurred in 2014 when hackers used an SQL injection to leak the information of over 20,000 Bell Canada customers. The information leak included usernames and passwords, email addresses, and credit card details. For those that don’t know, like me, Bell is Canada’s largest telecommunications provider, providing everything from mobile and home telephone services to internet access.

There are many other types of cyberattacks, but these are the most common and the ones to be alert to in your daily life.