Cyber attacks have come a long way from duping us into helping a Nigerian prince down on his luck. In 2023 alone, cybercrime resulted in over $12.5 billion in total victim losses — and its costs are on a trajectory to reach over $15 trillion worldwide by 2029.
Common Types of Cyber Attacks
- Malware
- Phishing
- Cross-site scripting (XSS)
- Denial of service (DoS or DDoS)
- DNS tunneling
- Drive-by download
- Man-in-the-middle (MITM)
- Password cracking
- SQL injection
- Zero-day exploits
What Is a Cyber Attack?
A cyber attack refers to any attempt to gain unauthorized access to a computer with the intent to cause harm. These unwelcome attempts steal, expose, alter, disable and destroy information through data breaches. And with new malware being created daily, these attacks aren’t stopping anytime soon.
Taking preventative measures and self-educating on the latest cyber attack trends are a user’s best bet in avoiding malicious online traps. The following list outlines cyber attacks worth keeping on your radar.
Types of Cyber Attacks to Know
1. Malware
Hackers design malware — or malicious software — to intercept data from a computer, network or server by tricking the users themselves into installing faulty programs to their devices at their own hand. Once compromised, a malicious script bypasses security protocols, allowing hackers access to sensitive data or even to hijack the system entirely.
Malware is one of the most commonly used cyber attacks, and it does not discriminate — attacks have been wagered against companies, governments and individuals, frequently partnered with phishing emails.
Types of malware include:
Ransomware
Ransomware is a form of cryptoviral extortion that encrypts files on a system. Hackers lock the original owner out of their files, threatening to destroy or publish confidential information, until a ransom is paid.
Spyware
Spyware is voyeuristic software that records a user’s activities and reports data back to the hacker. This subgenre of malware spans adware, system monitors, web tracking and trojan horses that all share the goal to install, breach the network, avoid detection and safely remove themselves from the network once the job is completed.
Keyloggers
A keylogger is malware that captures a user’s activity by recording their keystrokes. The tracked data is most often used for blackmail or identity theft purposes.
Trojans
Trojans are covert malware that hide inside a seemingly legitimate piece of software. One malware that can steal banking information and other personal credentials — Emotet — uses advanced, self-propagating and modular trojans concealed within spam emails.
Viruses
Activated by a click, these bits of software self-replicate unbeknownst to the user, slowing down a device and potentially destroying data in the process. A transient version, known as worms, move throughout infected network nodes while granting hackers remote access to the entire system.
2. Phishing
Like dangling bait to catch a fish, phishing uses fraudulent websites, emails or text messages to get unsuspecting users to reveal passwords, banking credentials, credit card details or other sensitive information. These cybercrimes usually deliver malware straight to your inbox, using false links or attachments.
Phishers often impersonate trusted parties like banks, businesses, government entities or celebrities. This is an example of social engineering — a malicious data-collection tactic that uses psychological manipulation — which tricks recipients into providing information they otherwise wouldn’t share with a stranger.
In a major phishing attack in 2020, hackers promoted a Bitcoin scam by infiltrating X’s network (formerly Twitter) and hacking 45 high-profile X accounts. Several of these compromised accounts posted tweets or sent direct messages encouraging users to send Bitcoin to a scam wallet address.
Types of phishing attacks include:
Spear Phishing
With spear phishing, hackers use personal information sourced from an individual’s digital footprint — data from a person’s online activity, often lifted from social media or bought off of the Dark Web — in order to convince a specific individual to click on a fraudulent link. This attack is typically done through email.
Vishing
Also known as voice phishing, vishing is a category reserved for hacking scams via voice calls or voicemail messages. This attack often impersonates companies or official entities to get callers to reveal their personal information.
Smishing
Smishing, a portmanteau of SMS and phishing, exploits mobile devices and is spread via text messaging. Like vishing, it attempts to trick users into providing sensitive information over a text conversation.
Whaling
Whaling or whale phishing involves curated attacks that try to reel in the biggest fish — high-profile individuals like CEOs and executives — to steal their credentials and gain backdoor access to a company’s network. Although rare, these phishing attacks can reap the highest reward when successful.
Angler Phishing
Angler phishing is a type of phishing scam reserved for social media platforms. Found in comment sections or by way of direct messaging, fraudsters rely on the trust built by popular businesses or figures and disguise themselves as customer service agents. From here, they siphon information by contacting users who have made customer complaints to these entities.
3. Birthday Attack
A birthday attack occurs when an attacker finds a hash collision — where two different data inputs have the same hash value — allowing them to bypass an associated cryptographic hash function. By finding collisions, an attacker can successfully crack a password, forge a digital signature or replace another person’s message with their own. The term birthday attack comes from the birthday paradox, which says that, in a group of 23 people, there is a 50 percent chance that at least two of them share a birthday.
4. Cross-Site Scripting (XSS)
By injecting malicious, client-facing scripts into the code of a trusted web application or website, cross-site scripting, known as XSS, offers hackers unauthorized access to user information, commonly collected from an on-site search or contact form.
Sites vulnerable to XSS include message boards, forums and web pages, which depend on user input that is not screened for malicious activity; however, this does not exclude bigger sites.
In 2014, hackers tampered with JavaScript code across eBay product listing pages, redirecting shoppers via malicious links to spoofed listing pages that would collect their credentials.
5. Cryptojacking
Cryptojacking refers to a hacker’s covert efforts to commandeer a computer’s processing power for the purpose of mining cryptocurrencies, like Bitcoin and Ether, while the user is unaware or non-consenting. Jeopardized systems suffer a slow processing speed.
6. Denial of Service (DoS)
Denial of service, or DoS, approaches cyber attacks with one singular tactic: totally overwhelm. Typically, this is done by flooding servers with traffic generated by superfluous, false requests in order to overload a system, subduing some or all legitimate requests.
The endgame for DoS hackers isn’t to steal data, but rather to shut down business operations, as demonstrated in 2017 when an attacker came for Google in the largest, publicly disclosed data breach to date at the time, measuring at 2.5 terabytes per second. In this instance, the attacker opted for a DDoS attack, or distributed denial of service, which allows multiple devices to be breached simultaneously.
7. DNS Spoofing
DNS spoofing happens when hackers send online traffic to a “spoofed” or falsified website that replicates a user’s desired destination, like a login page for a bank or social media account. That information, of course, is submitted to hackers sitting at the other end of the fabricated site linked to a fraudulent IP address.
These incidents can be used to sabotage companies by redirecting visitors to a low-grade site with obscene content or to simply pull pranks. In 2015, a group of hackers detoured Malaysia Airlines website traffic to a homepage that showed an image of a plane with the text “404 – Plane Not Found” imposed over it, in reference to controversy around Flight 370, which went missing the year prior. No data was stolen or compromised during the attack.
8. DNS Tunneling
Even the most widely trusted protocols, like the domain name system, can be subverted by hackers. DNS acts as a phonebook for the internet, helping to translate between IP addresses and domain names. Through tunneling, also referred to as hijacking or poisoning, malicious domains or servers sneak traffic past a network’s firewall to perform data exfiltration.
DNS tunneling attacks are especially hazardous as they often go undetected for an extended period of time during which cybercriminals can steal sensitive data, change code and install new access points or malware.
9. Drive-by Download
Most cyber attacks require interaction from a user — like clicking on a link or downloading an attachment. Drive-by downloads or drive-by attacks do not. They can infect unsuspecting users while browsing corrupted websites or engaging with deceptive pop-up windows.
10. Insider Threats
As the title suggests, insider threats are cybersecurity risks that originate from within an organization. These are committed by an agitated party — oftentimes a current or former employee, contractor or vendor — who misuses legitimate credentials to leak, steal or distribute internal information.
For example, in 2020, a disgruntled former staff member of a medical device packaging company used his administrator access to alter over 100,000 company records.
11. Internet of Things (IoT) Attack
An Internet of Things (IoT) attack takes on the nature of a DoS or DDoS attack that hijacks domestic, internet-connected devices such as smart speakers, TVs or tech toys to assist in data theft. Gadgets that fit within the Internet of Things usually don’t have antivirus software installed, making them easy targets for hackers.
In some instances, hackers turn entire armies of devices — dubbed botnets — against their users. Alexa, Ring doorbells and even smart fridges can be loaded with malware in one fell swoop, indicated by sluggish, zombie-like defects in performance.
12. Man in the Middle (MITM) Attack
When an uninvited third party puppeteers communication between two private parties — say, by using a public WiFi network — this is known as a man-in-the-middle attack. This may include eavesdropping attacks, where an attacker intercepts and steals information from a device when it is sending or receiving data over a network.
In this example, messages between two parties are intercepted and manipulated to fit a hacker’s motive, who is pretending to play each respective role. Meanwhile, the mutual parties are unaware that their conversation is being tampered with.
Similar to man-in-the-middle attacks, a man-on-the-side attack enables rogue intruders to read and inject arbitrary messages into a communications channel, without modifying or deleting messages sent by other parties. This tactic relies on strategic timing so that replies containing the malicious data are sent in response to a victim’s request before an actual response from the server.
13. Password Attacks
Perhaps the most direct of attempts, a password attack or password cracking is the process of recovering passwords through various techniques.
Brute Force Password Attack
A common, trial-and-error approach that includes repeatedly inputting different passphrases, checked against a cryptographic hash, until the correct character combination lands.
Password Spraying
Often automated, hackers will circulate through a list of common passphrases — such as “123456,” “qwerty” or “password” — across victimized accounts.
14. Rootkits
Often featured as a collection of tools, rootkits are a type of malware that deeply embed in an operating system upon installation. This can only be achieved after unauthorized access is gained, through means of password cracking or phishing.
Rootkits allow total administrative control over a device or system. This makes them difficult to detect as all evidence of their intrusion can be covered up, while the hacker now holds privileged access. All antivirus efforts may be subverted by the overriding malware, making rootkits nearly impossible to expunge.
15. Session Hijacking
Also known as cookie-hijacking or cookie side-jacking, session hijacking is a type of MITM attack that occurs when a hacker takes over a session between a client and the server while they are logged in.
16. SQL Injection
SQL, short for Structured Query Language, refers to a domain-specific standard that supports most websites. Attackers use SQL injection techniques to gain unauthorized access to a web application’s database by adding strings of malicious code in an effort to trick the database.
The intention here is to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, transfer administrative authority of the database server and expose, destroy or disqualify data.
17. URL Manipulation
URL manipulation, URL interpretation or rewriting, refers to the process of altering the parameters of a URL to redirect a victim to a phishing site or download malware. This tactic can piggyback off of current content management trends.
For example, many administrators trim URLs for user convenience. Hackers can easily “poison” a shortened URL, copying its likeness and redirecting users to a phishing trap. Cyber criminals, in an attack known as directory busting, can also guess common URL formats — by adding “/admin” or “/.bak” to the end of a site — to hack into the back end of a server.
18. Zero-Day Exploits
Zero-day exploits occur when bad actors find vulnerabilities in freshly launched software or networks and exploit the bugs before the unaware manufacturer can patch them. The primary goal of zero-day attacks is to steal data or cause damage. It is dubbed as “zero day” due to developers having zero days to fix the existing exploit.
How to Prevent Cyber Attacks
Because you can never be too safe, here are some best practices to consider when taking preventative action against cyber criminals:
Install Antivirus Software With Malware Protection
Even if you accidentally click on a malicious link or download a viral attachment, hackers won’t be able to touch your data with the right programs in place.
Use a Firewall
Firewalls act as the first defense between a computer and the internet. They constantly monitor flowing network traffic and can determine what traffic to block or allow based on predetermined rules.
Back Up Your Data
In a worst case scenario, having a backup can help avoid downtime, data destruction and even financial loss.
Use Complex Passwords and Enable Multi-Factor Authentication
Keep passwords complex and at least eight characters long. Combine letters, numbers, symbols and cases. Enabling multi-factor authentication as well adds that extra layer of protection.
Be Aware of Phishing Attack Clues
Unsolicited emails, texts, direct messages, attachments and calls are always suspect. Generic email domains — addresses ending in @gmail.com or @yahoo.com — are a cybercriminal’s go-to move, along with fabricated logos, poor grammar and spelling errors. More often than not, scare tactics, like urgent and threatening tones, are used to provoke a victim into action. Remember: Legitimate companies will never ask for sensitive information via email.
Keep Up With Cyber Attack Trends
It’s inevitable that phishing tactics will only become more convincing over time. Being aware of mass scams, like PayPal and Internal Revenue Service imitators, may help curb rash reactions to instigative notifications.
Check for Verification
When corresponding with an official support page or account for a company, they should be verified under their correct organization and directly linked to their main page. Cross-checking smaller businesses too young for official verification for history consisting of customer interactions is a great way to self verify. Avoid accounts with only a few followers and no posts.
Ensure Secure Web Browsing
When on a web browser, look for a locked padlock icon next to the URL in a browser’s search bar to ensure it’s secure. This indicates that the website has a valid SSL certificate and HTTPS protocol.
Keep Software Updated
Keeping up to date with software on your devices boosts security, as many hackers plot their attacks on vulnerabilities found in outdated software.
Use a VPN While on Public Wi-Fi
Whenever using a public Wi-Fi source — even checking your email — a VPN can be used as a best practice for data protection.
Avoid Oversharing on Social Media
Everything shared online becomes part of a user’s digital footprint, which hackers will use to infer passwords and security questions clues, or launch social engineering attacks.
Frequently Asked Questions
What is a cyber attack?
A cyber attack is an attempt to gain unauthorized access to a computer system in order to steal, alter, disable or destroy information.
What are the most common types of cyber attacks?
Some of the most common types of cyber attacks include:
- Malware
- Phishing
- Denial-of-service (DoS) attacks
- Man-in-the-middle (MITM) attacks
- SQL injection
- Spoofing