What is Cyber Attacks?

A cyber-attack is any attempt to gain unauthorized access to a computer,

computing system or computer network with the intent to cause damage. Cyber-
attacks aim to disable, disrupt, destroy or control computer systems or to alter,
block, delete, manipulate or steal the data held within these systems.

A cyber-attack can be launched from anywhere by any individual or group

using one or more various attack strategies.

People who carry out cyber-attacks are generally regarded as cybercriminals.

Often referred to as bad actors, threat actors and hackers, they include
individuals who act alone, drawing on their computer skills to design and
execute malicious attacks. They can also belong to a criminal syndicate,
working with other threat actors to find weaknesses or problems in the computer
systems -- called vulnerabilities -- that can be exploited for criminal gain.

Types of Cyber-attacks: -

Cyber-attacks most commonly involve the following:

1. Malware, in which malicious software is used to attack information

systems. Ransomware, spyware and Trojans are examples of malware.
Depending on the type of malicious code, malware could be used by
hackers to steal or secretly copy sensitive data, block access to files,
disrupt system operations or make systems inoperable.
2. Phishing, in which hackers socially engineer email messages to entice
recipients to open them. The recipients are tricked into downloading the
malware contained within the email by either opening an attached file
or embedded link.
3. Man-in-the-middle, or MitM, where attackers secretly insert
themselves between two parties, such as individual computer users and
their financial institution. Depending on the details of the actual attack,
this type of attack may be more specifically classified as a man-in-the-
browser attack, monster-in-the-middle attack or machine-in-the-
middle attack. It is also sometimes called an eavesdropping attack.
4. DDoS, in which hackers bombard an organization's servers with large
volumes of simultaneous data requests, thereby making the servers
unable to handle any legitimate requests.
5. SQL injection, where hackers insert malicious code into servers using
the Structured Query Language programming language to get the
server to reveal sensitive data.
6. Zero-day exploit, which happens when a newly identified
vulnerability in IT infrastructure is first exploited by hackers.
7. Domain name system (DNS) tunnelling, a sophisticated attack in
which attackers establish and then use persistently available access --
or a tunnel -- into their targets' systems.
8. Drive-by, or drive-by download, occurs when an individual visits a
website that, in turn, infects the unsuspecting individual's computer
with malware.
9. Credential-based attacks happen when hackers steal the credentials
that IT workers use to access and manage systems and then use that
information to illegally access computers to steal sensitive data or
otherwise disrupt an organization and its operations.