In this note I have made an attempt to describe and categorise a number of typical cyber security attack methods.

social attack types

  • Social Engineering: Manipulating individuals into sharing confidential information or performing certain actions.
  • Business Email Compromise (BEC): An attack where attackers impersonate executives or employees to trick companies into making unauthorized financial transactions.
  • Phishing: An attack that uses deceptive emails, messages, or websites to trick individuals into divulging sensitive information like usernames, passwords, or financial details.

destructive

  • Distributed Denial of Service (DDoS): An attack that overwhelms a website or service with excessive traffic, causing it to become slow or unavailable.

code execution attack

  • Malware: Malicious software designed to harm, exploit, or otherwise compromise a device, network, or service.

eavesdropping

  • Man In The Middle: the attacker secretly intercepts and possibly alters the communication between two parties.
  • Session Hijacking: An attack that involves stealing or predicting a valid session token to gain unauthorized access to a web session.
  • DNS Spoofing: An attack where false DNS information is inserted into the cache of a DNS server, redirecting traffic to malicious sites.

application exploitation

  • SQL Injection: SQL code is inserted into a query to manipulate a database, allowing unauthorized access to data.
  • Code Injection: An attack where an attacker inserts malicious code into a program, which is then executed by the host.
  • Zero-day: exploiting a previously unknown vulnerability in software before the vendor can issue a patch.

web-based attacks

  • Watering hole attack: An attack where the attacker infects a website frequented by a particular group, aiming to compromise that group.
  • Cross-Site Scripting: Injecting malicious scripts into otherwise trusted websites, which get executed in a user’s browser.
  • Clickjacking: An attack that tricks users into clicking something different from what they perceive, potentially revealing confidential information or taking control of their device.
  • Cross-Site Request Forgery (CSRF): An attack where a user is tricked into performing actions they didn’t intend to by exploiting their authenticated session with a website.

enumeration

  • Port scanning: determining which ports on a network host are open and could be receiving or sending data.
  • Forced browsing: An attack where the aim is to enumerate and access resources that are not referenced by the application, but are still accessible.

credentials attacks

  • Brute force: attackers attempt to gain access to an account by systematically trying all possible passwords or keys.
  • Password Spraying: An attack method where the attacker attempts to access a large number of accounts using a few commonly used passwords.
  • Credential Stuffing: An attack method in which attackers use lists of compromised user credentials to break into a system.

advanced attacks over a longer period of time

  • Advanced Persistent Threat (APT): A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.

finding vulnerabilities

  • Side-Channel Attack: extracting information from a system by analyzing physical phenomena such as timing, power consumption, or electromagnetic leaks.
  • Heap Spraying: exploiting memory corruption vulnerabilities by flooding the memory with payloads in the hope that the attacker’s code will be executed.

wireless attacks

  • Wardriving: An attack involving the search for Wi-Fi networks by driving around with a wireless-equipped device.
  • Replay Attack: An attack where valid data transmission is maliciously or fraudulently repeated or delayed.