Cyber Attack Cheat Sheet Infographic
Cybercrime is the fastest kind of crime growing in the United States. $1.5 trillion of revenue was generated in 2018 by criminals relying on cybercrime. It is estimated that over 4 billion records were exposed to hackers in the initial months of 2019. By 2021, Cybercrime is expected to cause damage totaling US$21 trillion.
It is difficult to prosecute hackers legally. Most of the time the victim and attackers live in different jurisdictions. When dealing with other nations, the paperwork and the formal processes take a toll. Most victims do not know where to start and never do anything, leading to under-reported statistics.
In the case of cyber attacks, prevention is the best option. Securing the networks, data, and devices from attack requires knowledge of how these different kinds of hacks work.
To help you understand the different types of cyber attacks, we have outlined several of them below and replicated that into a downloadable Infographic that you can share. An embeddable format is also provided so that you can embed this on your website and blog.
Everything you wanted to know about Cyber Attacks that you were afraid to ask, in one Infographic
Everything you wanted to know about Cyberattacks
Types of Cyber Attacks
- Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attack
- Man-in-the-middle (MitM) Attack
- Phishing Attack
- Drive-by Attack
- Password Attack
- SQL injection Attack
- Cross-site scripting (XSS) Attack
- Eavesdropping Attack
- Birthday Attack
- Malware Attack
- Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attack
How does a DoS and DDoS attack work?
A denial-of-service (DDoS) attack is a cyberattack that paralyzes a network’s resources so that it cannot respond to user requests. The services become unavailable or unresponsive to the end-user temporarily or indefinitely.
What sub-categories does a DoS and DDoS attack have?
TCP SYN flood attack: The attacker overflows the requests to the target server to consume enough server space, which can lead to the system becoming unresponsive.
Teardrop attack: This attack sends packets that overlap one another. The attacked system attempts to reconstruct packets but fails. The target system then becomes confused and crashes.
Smurf attack: The attack spoofs a target IP and causes multiple IPs to respond to the intended target. The target IP is saturated and slows down or crashes.
Ping of death attack: This type of attack uses IP packets to ‘ping’ a target system with a packet size over the maximum of 65,535 bytes. IP packets of this size are not allowed, so attacker fragments the IP packet. Once the target system reassembles the packet, it can experience buffer overflows and other crashes.
Botnets: Botnets are the millions of already compromised systems around the world with infected malware under the hacker’s control. They are then instructed to carry out DDoS against the target systems, often overwhelming the target system’s bandwidth and processing capabilities.
How can you protect yourself from a DoS or DDoS attack and its sub-categories?
TCP SYN flood attack: Place the servers behind a firewall and stop inbound SYN packets Teardrop attack: Disable SMBv2 and block ports 139 and 445 Smurf Attack: Disable IP-directed broadcasts at the routers Ping of death attacks: Use a firewall that checks fragmented IP packets for maximum size Botnets: Use Black hole filtering, which drops undesirable traffic before it enters a protected network
Famous DoS or DDoS attacks
On Feb. 28, 2018, GitHub—a popular developer platform—was hit with a sudden onslaught of traffic that clocked in at 1.35 TBPS.
The PopVote DDoS attack was carried out in 2014 and targeted the Hong Kong-based grassroots movement known as Occupy Central. The movement was campaigning for a more democratic voting system.
In 2012, not one, not two, but a whopping six U.S. banks were targeted by a string of DDoS attacks. The victims were no small-town banks either: they included Bank of America, JP Morgan Chase, U.S. Bancorp, Citigroup and PNC Bank.
The financial impact of DoS or DDos attacks
The financial impact of reacting to a DDOS attack for a small business in 2017 was estimated at USD 123k. For large businesses, this number is estimated to be USD 2.3 MM in 2017.
Man-in-the-middle (MitM) Attack
How does a Man-in-the-middle (MitM) attack work?
A man-in-the-middle (MitM) attack requires three players: The victim, an entity that is communicating with the victim, and the ‘man-in-the-middle’ hacker. The MitM hijacks the victim’s communication at the appropriate time.
What sub-categories does a Man-in-the-middle (MitM) attack have?
Session Hijacking: A hacker takes over an exchange of information with a trusted source in the middle of the information exchange. IP spoofing: Every device capable of connecting to the internet has an IP. By impersonating a trusted IP address, a hacker can try and gain sensitive information from a user. Replay: These attacks occur when a user saves old messages and then re-surfaces them at a later date, acting as a valid participant in the conversation.
How can you protect yourself from a Man-in-the-middle (MitM) attack?
Neutral third-party certificate authorities and hash functions might solve this problem. The authorities practice the hashed algorithm to verify if the websites are genuine.
Famous Man-in-the-middle (MitM) attacks
Superfish was an advertising company that detected the images of products on a web page being surfed by a user and then replaced that with pictures and ads from its network of advertisers. This was done over HTTPS pages, too, via using the same root certificate across all laptops. In Feb 2015, Microsoft released an update for its Defender product, which would block Superfish.
The financial impact of Man-in-the-middle (MitM) attacks
Lenovo finalized with a legal settlement of $8.3 million.
How does a phishing attack work?
A phishing attack is a type of social engineering attack with the idea of using the users’ personal details to send malware software through email, instant message, or text message.
What sub-categories does a phishing attack have?
Email Phishing: This is the main tactic used by hackers, where a fake email appears to be sent from a trusted source. This tricks the victim into providing sensitive information.
How can you protect yourself from a phishing attack?
The attacks can be prevented through precautions like monitoring the email sender’s name, domain and other elements where some hackers fall short.
Famous phishing attacks
In 2013 the retail giant ‘Target’ was attacked, and the personal information of the consumers and their payment details were stolen.
The financial impact of phishing attacks
Target had to settle its several lawsuits by paying out $18.5 million. The breach had stolen information of over 41 million customers.
How does a Drive-by attack work?
A Drive-by attack focuses on spreading malware software when a potential victim visits an insecure web page or reads a non-secure email. No download is needed.
How can you protect yourself from a Drive-by attack?
To protect yourself from drive-by attacks, you need to keep your browsers and operating systems up to date and avoid websites that might contain malicious code.
Famous Drive-by attacks
No information available as hackers like to keep the names of such sites a secret.
How does a Password attack work?
Hackers look for patterns to determine the password that is being used based on a variety of inputs.
What sub-categories does a Password attack have?
Dictionary Attack: The hacker uses all the words in a dictionary to try and guess a combination that will work. Brute force: Uses a program to enter different passwords and in different cases. Traffic interception: The hacker uses software to monitor the system and track information. If the password is shared in an unencrypted manner, the hacker then uses such passwords to access the network.
How can you protect yourself from a Password attack?
Implementing standard best practices of account lockout, frequent password expiry, and forcing users to pick complex passwords are some of the recommended ways to protect against such attacks.
Famous Password attacks
No information is available. But this is a real weakness as in 2018 the most common password was to be revealed as ‘123456’.
SQL injection Attack
How does a SQL injection attack work?
A SQL injection can allow the database of an application to output sensitive data that the hackers could then use.
What sub-categories does a SQL injection attack have?
Unsanitized Input: The attacker provides the user input that is not sanitized for any special characters or characters that should be escaped. Blind (Inferential) SQLi: asks the database true or false questions to find database vulnerabilities. Out-of-Band SQLi: A SQL command is injected into the system, which triggers the database to set-up a connection with the external database, controlled by the attacker.
How can you protect yourself from a SQL injection attack?
Avoid the use of dynamic SQL in stored procedures. The code received can be compared to a whitelist to reduce the chances of malicious code querying the database.
Famous SQL injection attacks
In 2011, Sony Pictures was hacked using an SQL injection attack. Passwords, home addresses, and other personal information relating to several thousands of the accounts were released online.
The financial impact of SQL injection attacks
The breach ultimately cost Sony Pictures more than $600,000.
Cross-site scripting (XSS) Attack
How does a Cross-site scripting (XSS) attack work?
A malicious script is injected into the website and is downloaded to the victim’s browser when a visitor visits it. The website/game/email still functions as expected by the user.
What sub-categories does a Cross-site scripting (XSS) attack have?
Persistent XSS: A user visits what they think is a trusted resource, and a virus is transmitted from the server of this resource to the visitor. The server provides both the valid response as well as some malicious code. Reflected XSS: These kinds of attacks trick a client into sending a malicious script to the server, unknowingly. The hacker then gains access to the user’s device through the browser. DOM-based XSS: This attack renders a user page differently than what the server sends back to the client.
How can you protect yourself from a Cross-site scripting (XSS) attack?
Encourage users to block the use of scripts in their browsers. All special characters received should be converted into their HTML or URL encoded elements.
Famous Cross-site scripting (XSS) attacks
The financial impact of Cross-site scripting (XSS) attacks
While the financial impact of an XSS attack on eBay is not available, it took the company three months to recover from the attack.
How does an Eavesdropping attack work?
An eavesdropping attack is the quiet monitoring of information on a compromised network. The hacker waits for the appropriate moment to act.
What sub-categories does an Eavesdropping attack have?
Passive Eavesdropping: By listening to the message transmission over a compromised network, the hacker waits for the right opportunity to act. Active Eavesdropping: It involves modification of the information by the hacker over a network. The hacker may also impersonate a friend or trusted source.
How can you protect yourself from an Eavesdropping attack?
Data encryption is the best defense against both kinds of eavesdropping attacks.
Famous Eavesdropping attacks
In 2017, in the UK, a hacker monitoring the email conversation between a couple and their solicitor sent out their own bank account for payment instructions.
The financial impact of Eavesdropping attacks
A couple in the UK lost £340,000 and even the bank couldn’t help as the hackers had withdrawn all of it by then. This is just one example of the financial impact on a family.
How does a Birthday attack work?
A birthday attack is where a hacker will try and find two messages that have the same hashed output. That way, a hacker can reverse engineer the original message.
How can you protect yourself from a Birthday attack?
If you hash the hash of your messages or critical data, you significantly reduce the probability of someone being able to find a matched hash and being able to reverse engineer your data. The number of times you hash your data to address this risk is related to the value of the data and the resources at your disposal.
How does a Malware attack work?
An unauthorized software installed to a device without consent (explicit/implicit) with an intent to hack into your device or data.
What sub-categories does a Malware attack have?
Macro Viruses: The virus is embedded in the commonly used programs like excel, word, and others to increase the chances of users opening the attachment. File Infectors: Files with a .exe extension. The virus will launch if the attachment is opened. System or Boot-record infectors: Virus is attached to the boot record and later infects other disks and computers in the network. Polymorphic Viruses: These viruses encrypt and decrypt themselves with changing algorithms so that no single solution can eliminate them. Stealth Viruses: These viruses detect the anti-virus software on a device and infect it so that their presence is not reported. Trojans: These viruses that hide in a useful program masking themselves as harmless. Logic Bombs: A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when a specified condition is met. Worms: These viruses are typically email attachments, and they send out an email and try and infect everyone in an address book of a device. A dropper: This is a program and not a virus. It sits on your device and waits for the right opportunity and then calls the virus from the web to instigate the attack at the right time.
Ransomware: These viruses lock or encrypt your files and make them unavailable without a decryption key. A user typically is asked to pay to secure the decryption key.
How can you protect yourself from a Malware attack?
A multitude of virus-detection programs and user awareness are required to detect, report, and fight against the installation of this kind of malware.
Famous Password attacks
WannaCry, is probably the most famous malware attack that was introduced via phishing emails in 2017. More than 200,000 people have been affected worldwide, including hospitals, universities, FedEx, Telefonica, Nissan, and Renault. The threat exploits a vulnerability in Windows.
The financial impact of Malware attacks
Wannacry, the most famous attack alone, caused more than an estimated USD 4 billion worth of damage.