您的 IP 地址: 未知 · 您当前的状态: 受保护未受保护的未知
博客 In Depth

What is a cyber attack?

Everyday, people, organizations, and even states are hit by malware, phishing, DDoS, and countless other types of cyber attacks. And while no one thinks it will happen to them, cyber attacks can be disastrous for anyone.

Sybil Andrea

Sybil Andrea

Jul 17, 2020 · 4 min read

What is a cyber attack?

Exposed sensitive information, drained bank accounts, and stolen identities are just a few of the terrifying consequences of a cyber attack. But there are ways you can protect yourself, and knowing what's out there can help you stay safe. So let's take a look at how they work, what the most common cyber attacks are, and how to protect yourself.

Cyber attack definition

So what is a cyber attack? It's a broad term for cybercrime that covers any deliberate assault on computer devices, networks, or infrastructures. It can be carried out by an individual — like a hacker — or an organization and can target people, organizations, or even countries (this is called cyber warfare).

Types of cyber attacks

There are countless types of cyber attacks, but before getting to the most common ones, let's take a look at how they are carried out. They're broadly classified into 4 types of cyber attacks:

  • Passive attacks — usually non-disruptive operations where the perpetrators try to conceal their activities so the target never knows they happened in the first place. Passive attacks are usually used to collect or steal sensitive information in cyber espionage.
  • Active attacks — these are typically aggressive offensives meant to disrupt or destroy personal devices, networks, or even whole infrastructures. These types of assaults can target individuals, organizations, or even countries.
  • Insider attacks — as the name suggests, these types of assaults are carried out by someone who already has authorized access to the systems they're targeting.
  • Outsider attacks — outsider attacks are executed by those outside the perimeter they're attacking. Outsiders can range from petty criminals to hostile states.

Now let's take a look inside a cyber attack. While this barely scratches the surface of what's out there, it covers some of the most common ways cybercriminals do their dirty work. Here's a list of types of cyber attacks that are quite popular:

  • DDoS attack. A distributed denial of service is an internet cyber attack designed to disrupt a service, server, or network by overwhelming it with online traffic. It overwhelms the target using a network of infected computers, so the service can't accept any legitimate traffic. These types of attacks can slow service to a crawl or take it down entirely.
  • Malware. Malware is an umbrella term for any malicious software designed to harm or otherwise take advantage of whoever runs it. It can range from software that secretly collects information about the victim or bombards them with annoying ads, to encrypting and holding the user's data for ransom.
  • Social engineering attacks. A social engineering attack tricks the user into revealing sensitive data, installing malware, or transferring money to the perpetrator. Cybercriminals usually fake websites and messages, impersonating trusted figures such as bank officials or websites to manipulate the mark to carry out actions against their interests.
  • Man-in-the-middle attack. During a man-in-the-middle attack, the criminal intercepts communication between the user's computer and the recipient like an app, website, or another user. Then, the attacker can manipulate the communications and obtain the victim's exposed data.
  • Zero-day exploits. Zero-day exploits target vulnerabilities in software or networks before patches have been released.
  • Cross-site-scripting. This attack inserts a malicious script into an otherwise trustworthy website to collect its users' private data. Usually, it does so by recording the information the victims are typing into the website's login fields.
  • SQL injection. A Structured Query Language injection tricks a website into interpreting malicious SQL code as actionable. This way, perpetrators can get the site to turn over information that would otherwise be confidential.

Cyber threats prevention

Cyber attacks can be disastrous — as these cyber crime stories show. And while it may seem that cyber threats are lurking around every corner of the internet, there are some things you can do to protect yourself.

Use antimalware. Antimalware is the first line of defense against malicious software. It will protect your device, and it will help mitigate the damage if it does get infected.

Keep your software up to date. Software updates aren't just about getting new features on your app. They also contain crucial vulnerability patches that could otherwise be abused by criminals.

Avoid public Wi-Fi hotspots. Criminals love public hotspots. Weak security and plenty of victims to choose from make everyone connected to it an easy mark.

Use a VPN. There are scenarios where using public Wi-Fi is unavoidable. That’s when VPNs shine. They encrypt your internet connection so no one can eavesdrop on your online activities.

Limit information about yourself online. Your birth date or the name of the city you grew up in can be invaluable to criminals. The more information they know about you, the more ammunition they have when trying to trick you (or answering security questions).

Use browser extensions for security. There are plenty of browser extensions designed to protect you online. From ad blockers and anti-trackers to malicious website blockers, there's a lot to choose from. To make sure you get the right plugins, check out our browser extension recommendations to improve your security.

Only download apps from reputable sources. Try to download apps exclusively from secure channels like official app stores. The apps there undergo rigorous checks so they are less likely to contain hidden malware.

Don't click unfamiliar links. When it comes to social engineering attacks, keeping a cool head is vital. Before clicking on the link offering you to make a quick buck, consider whether it doesn't sound a bit too good to be true. If it does, it's probably a scam. If you absolutely must, hover over a link with your mouse before clicking on it.

Start protecting yourself against cyber attacks today. Get NordVPN now.