Cyber attacks, like most aspects of the digital world, are constantly evolving in nature but there are certain types of attacks that remain ever popular. Because of this, cyber security training is seen as a worthwhile investment by most businesses as the cost is eclipsed by the damage a cyber attack would inflict.
Cyber security training aside, knowing what the most common threats are can also help prevent becoming the victim of one of these attacks. Although not an exhaustive list, here is an overview of the most common types of cyber attacks you need to be aware, both at work and at home.
Denial-of-service and distributed-denial-of-service attacks both work by overwhelming a system with incoming traffic from multiple sources until the system can no longer cope. By overloading the network source or targeted machine Dos and DDoS attacks prevent the systems from fulfilling legitimate requests, something which can greatly impact e-commerce businesses online banking platforms, and other organisations which rely on an internet connection for the business to function and for customers to be able to use the service they provide.
The difference between DoS and DDoS attacks and other cyber security threats is that the attackers have nothing to gain from it unless the leverage the denial of service for financial gain, or use it to facilitate another form of attack.
Ransomware is a form of malicious software that effectively holds either files or access to your entire computer hostage and demands payment in return for granting you access. The two most common forms of ransomware attacks are lockscreen and encryption. Lockscreen ransomware prevents you from access your entire computer while encryption ransomware, as the name implies, encrypts files on your hard drive – and shared network drives in the case of businesses – preventing any users from being able to open these.
Despite having been around for decades, phishing scams are still one of the most common cyber security threats, affecting hundreds of thousands of individuals and businesses each year. The reason why phishing scams are still so successful relies on their simplicity and the fact that many of us wouldn’t think to look twice at an email which lands in our inbox. Masquerading as messages from known contacts or trusted sources, phishing emails will often ask for personal information or trick a user into downloading malware either through a malicious attachment or by clicking on a link.
SQL injection attack
With the increasing number of database-driven websites, SQL injection attacks are now a common form of cyber attack. This form of cyber attack uses a code injection technique to exploit vulnerabilities in software and is a threat to any form of database programmed using the SQL language.
Accounting for 51% of attacks in the second quarter of 2017 – according to a report by content delivery network provider Akamai – highlighting just how popular this form of cyber attack is.
Should a database be compromised by an SQL injection attack, hackers will be able to not only read sensitive information but also modify data, set themselves as a database administrator, and render all data on the system unavailable to other users.
Password reuse is a form of cyber attack that relies on the assumption that most individuals use the same email and password combination across multiple different accounts and platforms. Unfortunately, hackers are right in this assumption as many of us use one password across all of our accounts, despite being frequently warned about the potential cyber security risk this creates.
Cybercriminals need to only hack one website database in order to gain access to user credentials. Then, they simply attempt to use your email and password on other platforms to check if they gain access to your account. Considering how many businesses and individual use online banking, money transfer sites, and other similar platforms which contain sensitive information, password reuse can have major consequences.