Common Cyber Attacks You Should Know About
If you’ve ever overheard computer experts talking amongst themselves, then you know it can often seem like they are speaking a different language. The world of computers has always been a hotbed of acronyms, abbreviations, and strange names. Sometimes there’s a clever joke involved, like how the acronym GNU, which stands for “GNU’s Not Unix!”, references itself. Other times the name is just so long it’s a painful mouthful demanding an abbreviation, like how “What you see is what you get” gets shortened to WYSIWYG (which is pronounced Wizzywig and is fun to say). It’s easy to get lost with all these shenanigans. It’s important to understand technical language and jargon so you can understand your technicians. That’s why, from a cyber security perspective, I figured it was time to talk about a few of the most common cyber attacks, what they actually are, and how their abbreviations (if they have one) relate back to the attack itself.
Denial-of-Service/Distributed-Denial-of-Service (DoS/DDoS)
Denial-of-Service attacks prevent legitimate users from accessing a particular service, whether it’s a webpage, VPN login, email, or virtually any other service. In this way, DoS attacks are perhaps the most aptly named, since that’s exactly what they do. The most common DoS attack is a flood of traffic that simply overwhelms the target servers with requests. A distributed DoS (DDoS) attack uses the exact same principle (overload and crash servers so a service is taken offline) but originates from multiple locations (hence the addition of “Distributed” to the name).
Man-in-the-Middle (MitM)
Communications between computers don’t just have a source and a destination. There’s almost always at least one device traffic must pass through to reach its target. Those intermediate devices are supposed to play nice and just look at the traffic destination and send it on its merry way. When one of those intermediary devices starts making changes to it, they are performing a Man-in-the-Middle attack. These attacks are just one reason why encryption is so important; intercepting and editing unencrypted traffic using an MitM attack is a trivial affair.
Phishing and Spear Phishing
Phishing occurs when attackers impersonate an organization or its representatives in an attempt to harvest valuable information. It is most commonly seen in email or text messages encouraging the recipient to follow a link or expose credentials like their username and password combination, but social media chats are another common attack vector. It’s called a phishing attack because the hacker is “fishing” for information, but the f has been replaced by the ph as a callback to a similar old-school phone attack called “phreaking.” Phishing attacks are usually intended to harvest credentials, but they can also deliver malware or be used for any number of other possibilities. Spear phishing is just a targeted version of phishing.
Drive-by
During a drive-by cyber attack, bad actors look for insecure websites and modify them. They can replace a download with their own payload, inject some malicious code, or redirect people to an entirely different website than intended. Anyone visiting this website becomes a target of opportunity, much like a drive-by shooting.
SQL injection
Structured Query Language (SQL) is commonly used to enter and retrieve information stored in a database. Unfortunately, sometimes a database interface like a website or application assumes its users have innocent intentions. Exploiting such an assumption can lead to hackers entering data that either returns all the information in the database (potentially compromising user accounts, passwords, credit card numbers, or other sensitive data), erases everything in the database, or even potentially delivers malware.
Cross-Site scripting (XSS)
Cross-Site Scripting is used by hackers to trick browsers into executing code that isn’t actually part of the site you’re visiting. Instead, hackers are running scripts inside web applications to deliver malicious payloads. XSS attacks also differ from other common cyber attacks in that they target web application users directly, rather than the host. If your organization is running a web application that displays content from users or untrusted sources, it’s imperative you have proper validation measures to keep the bad guys from hijacking your application.
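As an added example of what those validation measures can look like (this is illustration code, not from the original post), the sketch below renders a user comment by escaping every untrusted value before it goes into the page and only turning the author's website into a link when it is a plain http or https address. The function names, HTML layout and sample inputs are all constructed.

```python
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

def safe_link(url):
    """Return the URL if it is a plain web address, otherwise None."""
    url = url.strip()
    parts = urlsplit(url)
    if parts.scheme.lower() in ALLOWED_SCHEMES and parts.netloc:
        return url
    return None

def render_comment(author, body, website=""):
    # Escape untrusted text so the browser shows it instead of running it.
    author_html = html.escape(author, quote=True)
    body_html = html.escape(body, quote=True)
    link = safe_link(website)
    if link:
        # The URL is also escaped because it lands inside an attribute.
        author_html = '<a href="{}" rel="nofollow noopener">{}</a>'.format(
            html.escape(link, quote=True), author_html)
    return '<div class="comment"><b>{}</b><p>{}</p></div>'.format(
        author_html, body_html)

# Constructed inputs standing in for a hostile comment submission.
HOSTILE_BODY = "<script>alert(1)</script>"
HOSTILE_SITE = "javascript:alert(1)"

if __name__ == "__main__":
    print(render_comment("mallory", HOSTILE_BODY, HOSTILE_SITE))
    print(render_comment("alice", "Nice post!", "https://example.com/"))
```

The hostile comment comes out as visible text with no link at all, and the ordinary one keeps its link.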
There are other common cyber attacks, but this list reflects the ones that either have odd abbreviations or odd names. Understanding what technicians and news outlets are talking about will help you understand the situation and refocus your own defenses to better defend yourself. Of course, if you have any questions about common cyber attacks, please reach out to your TRINUS account manager.
I’ll pull a bit out of Hamlet to give you a bit of Shakespearean culture for this week’s newsletter: “The violence of either grief or joy, their own enactures with themselves destroy.”
Be kind,
Courtesy your friendly neighbourhood cyber-man.