A cyberattack is a malicious and planned attempt by an individual or organization to breach the information system. The victims of these cyber attacks are some individuals or organizations. Usually, the attacker seeks some type of benefit from disrupting the victim’s network. Understanding the types of attack, and the stages involved will help you to better defend yourself.
Now, the attacks are of two types.
In this category of attacks, the attacker targets as many devices or users as possible. There are many machines and services with vulnerabilities all over the world. As a result, the attackers don’t care about the victims. They use techniques that take advantage of the openness of the internet. so let’s take a look at some untargeted attacks.
Phishing The attacker generates a link to get into the system of the victim. The attacker will send the link via mail or SMS. These pages look like login pages of some well-known websites. These sites will ask for the credentials of the user.
Once the victim enters the details, they reach the victim’s system. Now it’s upon the attacker that how he/she uses that information. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyberthreat.
Ransomware In this attack, the attacker somehow gets access to the victim’s data and encrypts that using encryption algorithms. The attacker encrypts the data in a way that the victim can’t use that data for some productive use and only the attacker can decrypt that.
The attacker asks for an amount of money or some assets for him in favor to decrypt that data. The only way to get rid of this attack is to keep the copy of data at a place that is away from the internet.
In this type of attack, the attacker attacks a particular person or organization because he has a specific interest in him or his business. The groundwork for the attack could take months so that they can find the best route to deliver their exploit directly to your systems. A targeted attack is often more damaging than an un-targeted one. It is specifically tailored to attack your systems, processes, or personnel, in the office and sometimes at home.
Spear Phising Here the attacker sends malicious emails to the targeted victim. That email may contain attachments or a link that downloads the malicious software. Spear Phishing attacks are carefully planned so that the specific victim will respond.
Botnet A botnet is a network of devices that contains malicious software, such as a virus. Attackers can control a botnet as a group without the owner’s knowledge with the goal of increasing the magnitude of their attacks. Often, a botnet is used to overwhelm systems in a distributed-denial-of-service attack (DDoS) attack.
Stages Of An Attack
Regardless of whether an attack is targeted or un-targeted, or the attacker is using commodity or bespoke tools, cyber-attacks have a number of stages in common. A persistent adversary will make an attack that consists of repetitive stages.
Moreover, The attacker is effectively probing your defenses for weaknesses that, if exploitable, will take them closer to their ultimate goal. Understanding these stages will help you to better defend yourself. The main stages of most attacks are:
Survey Firstly, this stage includes investigating and analyzing available information about the target in order to identify potential vulnerabilities.
Delivery Secondly, this stage is responsible for getting to the point in a system where the malware will find the vulnerability.
Breach Thirdly, this stage includes exploiting the vulnerability/vulnerabilities to gain some form of unauthorized access.
Affect In the final stage, the goal is to carry out activities within a system that achieve the attacker’s goal.
For More Information: https://www.cisco.com/c/en_in/products/security/common-cyberattacks.html