Cyber Attack
Published Sep 21, 2022Updated Sep 7, 2023
Contribute to Docs
Cyber attacks are attempts to disrupt or disable computer systems or steal valuable data. They will usually result in a violation of one of the principles of the CIA Triad:
- Confidentiality
- Integrity
- Availability
Cyber attacks can compromise sensitive data, including:
- Personal information such as social security numbers, government-issued documents, or medical information.
- Financial information such as credit card numbers and bank account numbers.
This can lead to consequences like identity theft, which is time-consuming, frustrating, and expensive to resolve.
Types of Cyber Attacks
There are several types of cyber attacks. Some of the most common include:
- Malicious software like malware that can spy on someone unnoticed (spyware) or hijack entire systems (ransomware).
- Phishing scams where an email, text, or link could trick a user into sharing sensitive, private information.
- A “man-in-the-middle” (MitM) attack where the attacker intercepts a connection between multiple users.
- Distributed Denial of Service (DDoS) attacks that overload a system’s resources and bandwidth.
- SQL injections that corrupt or collect data from servers and databases.
- Zero-day vulnerabilities that exploit software vulnerabilities before they’re patched.
- DNS tunneling that hides and removes the data of other programs in DNS queries and responses without being detected.
Preventing Attacks
Organizations and individuals can and should take steps to prevent cyber attacks.
- Along with self-directed learning, organizations should educate employees on common cyber threats, including phishing and social engineering.
- Perimeter defenses, such as firewalls, should be installed and kept up to date.
- State-of-the-art antivirus software and malware detectors should be in place and continually updated to address threats.
- While patch management might seem tedious, it can help prevent vulnerabilities from being exploited.
- Strong user authentication and authorization practices, such as strong passwords and multi-factor authentication, should be utilized.
- Businesses should especially have a response plan to deal with security breaches.
Cyber Attack
- Cross-Site Scripting (XSS)
- Cross-site scripting is a common cyber attack where an attacker embeds malicious code on a trusted website in order to trick a user into executing it.
- DDoS Attack
- A Distributed Denial of Service(DDoS) attack occurs when resources from multiple online locations are leveraged to harm the online operations of an organization.
- Phishing
- Phishing is a form of fraud, which aims to trick users into sharing sensitive information or personal data or downloading malware.
- Spear Phishing
- Spear phishing is a type of social engineering scam that attempts to trick the recipient into providing confidential information to the attacker.
- SQL Injection
- SQL injection is a technique used to inject malicious code into a database.
- Supply Chain Attack
- A supply chain attack targets the software or hardware supply chain of an organization in order to access or gain control over their systems.
Contribute to Docs
- Learn more about how to get involved.
- Edit this page on GitHub to fix an error or make an improvement.
- Submit feedback to let us know how we can improve Docs.