Are You Protected? Exploring Different Cyber Attacks and Their Prevention
Nowadays, hacking a website by exploiting its vulnerabilities is a common way for an attacker to gain unauthorised access for various reasons and benefits.

Table of contents
- What is a cyber attack
- Most common cyber attacks and their prevention
a. Phishing
b. Malware
c. DOS & DDOS Attacks
d. MITM (Man in the middle attack)
e. Code injection attacks (Must-know for Software Developers)
What is a cyber attack?
A cyber attack is any activity performed to gain unauthorised access to IT systems or people, in order to obtain a ransom or disrupt the functioning of the system or its operations.

Cyber attacks can lead to:
- Loss of Trust: Damaging reputation and eroding customer confidence.
- Financial Losses: Theft of funds, ransom payments, and costly remediation efforts.
- Disruption of Operations: Downtime, compromised productivity, and service interruptions.
- Intellectual Property Theft: Loss of valuable trade secrets and innovation setbacks.
- Legal and Regulatory Consequences: Fines, lawsuits, and compliance breaches.
- Identity Theft and Fraud: Personal and financial exploitation of individuals.
- Credential Compromise: Unauthorised access to sensitive accounts and systems.
- Supply Chain Risks: Cascading effects from breaches in interconnected systems.
- Human Error and Insider Threats: Exploitation of employee mistakes or malicious insiders.
Overall, cyber attacks pose significant risks to organisations and individuals, necessitating robust cybersecurity measures and proactive risk management strategies.
Most common cyber attacks
There are different ways in which an attacker can gain access to your system, application or software to disrupt its operations and compromise its security.
Here are some of the most common cyberattacks that you should be aware of.
Phishing
In phishing, the attacker tries to exploit the user by posing as a legitimate source. The attacker tricks the user by sending SMS, emails or text messages that appear to have originated from a legitimate source and contain links or malicious email attachments.
The goal of the attacker is to get the user to divulge sensitive information such as passwords, credit card or bank account details.
Phishing attacks often include urgent or enticing messages to prompt victims to act quickly without questioning the legitimacy of the request.
There are different types of phishing, such as spear phishing, whale phishing, smishing and vishing.
How to protect yourself from phishing attacks?
- Be sceptical of unsolicited emails, messages or phone calls asking for personal or financial information.
- Always verify the sender’s email address before clicking on any links or downloading any email attachments. They may contain malicious software that can lead to compromised security or loss of personal information.
Malware
Malware refers to any sort of harmful or malicious software, such as viruses, trojans and worms, that can compromise your computer once it gets inside. It can take control of your system, monitor your activity and send confidential information from your system to attackers.
How can malware get inside your system (computer)?
Attackers can get a user to download malicious files or software by clicking on a link or document that seems harmless or legitimate but contains a hidden malware installer.
How to protect yourself from malware attacks?
- Install anti-malware software, which can detect malicious software harming your system.
- Keep all software updated to the latest versions so that you have the latest security patches.
- Take caution when downloading anything from the internet or unknown sources.
DOS & DDOS Attacks
DOS stands for Denial of Service: the application server starts denying requests because of excessive load or because the server has shut down.
How does this situation occur?
In this type of attack, an attacker floods the server with lots of illegitimate requests because of which the server/application slows down or even shuts down and is unable to serve even the legitimate or genuine requests.
If the originating source of these illegitimate requests is one system then it is called a DOS attack.
If the requests originate from multiple compromised systems/machines controlled by an attacker then it is called a DDOS attack (Distributed denial of service).
How to prevent it?
DDOS/DOS attacks can be segregated based on which layer of the OSI (Open Systems Interconnection) model is attacked:
Infrastructure layer attack (Network & Transport Layer)
Application layer attack (Presentation & Application Layer)
- Firewalls — One of the most common ways of detecting where the illegitimate traffic is coming from is through firewalls, which can then blacklist those sources so they can’t make further requests.
- Server Scaling — Configuring the server so it can scale up and down based on the incoming traffic and doesn’t fall over when there is a sudden spike in traffic.
- Real-time, adaptive threat monitoring — Using real-time, adaptive threat monitoring that can detect unusual activity on the server and adapt to it.
- Caching — Caching the static requested content on a CDN so that the load on the server is reduced, making it more difficult to overload the server with either legitimate or malicious requests.
MITM (Man In the Middle Attack)
As the name suggests, the attacker sits between a client and a server to eavesdrop on the communication channel, through which they can modify the incoming data packets, steal the data or hamper the requests.
In MITM both parties feel like they’re communicating with each other but in reality, the attacker in the middle is hijacking the communication.
How to prevent MITM?
- Secure connections — Websites providing a secure HTTPS connection using SSL (Secure Socket Layer) technology.
- Using strong encryption - Using the `HSTS` (HTTP Strict Transport Security) header policy in the applications. HSTS is a widely supported standard that protects visitors by ensuring that their browsers always connect to a website over HTTPS.
- Public WIFI — Avoid using public Wi-Fi or any insecure network connection.
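A check for the HSTS header described above, as an added example that is not part of the original article: it parses a `Strict-Transport-Security` value using the RFC 6797 directive syntax and reports weak settings. The one-year `MIN_MAX_AGE` threshold, the function names and the sample responses are assumptions made for illustration.

```javascript
// Added example: audit a Strict-Transport-Security header value (RFC 6797 syntax).
// MIN_MAX_AGE is an assumed policy threshold (one year), not a value from the article.
const MIN_MAX_AGE = 31536000;

function parseHsts(value) {
  const policy = { maxAge: null, includeSubDomains: false, preload: false, errors: [] };
  const seen = new Set();
  for (const part of String(value).split(";")) {
    const directive = part.trim();
    if (directive === "") continue;
    const eq = directive.indexOf("=");
    const name = (eq === -1 ? directive : directive.slice(0, eq)).trim().toLowerCase();
    let arg = eq === -1 ? null : directive.slice(eq + 1).trim();
    if (arg !== null && /^".*"$/.test(arg)) arg = arg.slice(1, -1); // quoted-string form
    if (seen.has(name)) policy.errors.push(`duplicate directive: ${name}`);
    seen.add(name);
    if (name === "max-age") {
      if (arg !== null && /^\d+$/.test(arg)) policy.maxAge = Number(arg);
      else policy.errors.push("max-age must be a non-negative integer");
    } else if (name === "includesubdomains") {
      policy.includeSubDomains = true;
    } else if (name === "preload") {
      policy.preload = true;
    } // unknown directives are ignored, as the RFC requires
  }
  if (!seen.has("max-age")) policy.errors.push("max-age directive is required");
  return policy;
}

function auditHsts(headers, scheme) {
  const key = Object.keys(headers).find((k) => k.toLowerCase() === "strict-transport-security");
  if (!key) return ["no HSTS header: browsers may still connect over plain HTTP"];
  if (scheme !== "https") return ["HSTS sent over HTTP is ignored by browsers"];
  const p = parseHsts(headers[key]);
  const findings = [...p.errors];
  if (p.maxAge === 0) findings.push("max-age=0 tells the browser to forget the policy");
  else if (p.maxAge !== null && p.maxAge < MIN_MAX_AGE) findings.push("max-age shorter than one year");
  if (!p.includeSubDomains) findings.push("includeSubDomains missing: subdomains stay unprotected");
  return findings;
}

// Constructed sample responses
const good = { "Strict-Transport-Security": "max-age=31536000; includeSubDomains" };
const weak = { "strict-transport-security": "max-age=300" };
console.log(auditHsts(good, "https")); // no findings
console.log(auditHsts(weak, "https")); // short max-age, no includeSubDomains
```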
Code Injection Attacks (Must-know for Software Developers)
As the name suggests, when an attacker injects malicious code into an application through its vulnerabilities or security holes to disrupt its functionality or operations, the attack is called a code injection attack.
There are various types of code injection attacks.
- SQL Injection — The attacker injects malicious SQL statements into a data-driven application, which allows them to extract information about the database, or to delete or modify the existing database. Attackers use this type of attack to erase, steal or alter data from the database.
- Cross-Site Scripting (XSS) — The attacker injects malicious scripts or JavaScript code into a web application through its inputs or security loopholes; once executed, the code can compromise the user’s data or other sensitive information.
  - The attacker identifies the vulnerable input.
  - The attacker then injects the malicious payload into the vulnerable input. For example, the attacker injects JS code into the comment section of an application instead of normal text.
  - When another user views the page containing the attacker’s comment, the malicious JS code executes within their browser, leading to compromised data security.
- Malvertising — This type of attack starts from a third-party server/website.
  Example: The attacker injects malicious code into an ad or banner. When the application loads those ads or banners from the compromised third party, the user's system is corrupted once the user clicks on the ad, banner, video etc.
How to prevent Code Injection Attacks?
- Implement input validation & sanitisation — Validation ensures that the input adheres to the expected format, while sanitisation removes potentially harmful elements.
- Apply escaping techniques — Escaping techniques involve modifying the user’s input to neutralise special characters that could be used for malicious code injection.
- Output encoding — When displaying any dynamic content on the website (like comments or messages), encode special characters to their harmless equivalents so the browser doesn’t interpret them as code.
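The comment-section scenario from the XSS description, with the vulnerable rendering beside a hardened one, as an added example that is not code from the original article. The function names, the username rule and the sample comment are assumptions made for illustration.

```javascript
// Added example: input validation plus output encoding for a comment feature.
// Function names and the username rule are assumptions made for illustration.

const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// Output encoding: turn markup-significant characters into harmless entities.
function encodeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Input validation: allow-list the expected format instead of hunting for bad input.
function isValidUsername(name) {
  return typeof name === "string" && /^[A-Za-z0-9_]{3,20}$/.test(name);
}

// Links need their own check: encoding does not stop a javascript: URL in href.
function safeHref(url) {
  try {
    const parsed = new URL(url);
    return ["http:", "https:"].includes(parsed.protocol) ? parsed.href : "#";
  } catch {
    return "#"; // relative or malformed input is rejected in this sketch
  }
}

// Vulnerable form: the comment is concatenated into markup as-is.
function renderCommentUnsafe(c) {
  return `<li><a href="${c.site}">${c.user}</a>: ${c.text}</li>`;
}

// Hardened form: validate, then encode every value for the place it lands in.
function renderCommentSafe(c) {
  if (!isValidUsername(c.user)) throw new Error("invalid username");
  return `<li><a href="${encodeHtml(safeHref(c.site))}">${encodeHtml(c.user)}</a>: ${encodeHtml(c.text)}</li>`;
}

// Constructed sample: a comment carrying markup instead of normal text.
const comment = { user: "mallory_1", site: "javascript:alert(1)", text: "<script>alert(1)</script>" };
console.log(renderCommentUnsafe(comment)); // script tag reaches the page intact
console.log(renderCommentSafe(comment));   // rendered as inert text
```

Encoding is applied at output time and per context: the same value needs different treatment in an HTML body, an attribute and a URL, which is why `safeHref` exists alongside `encodeHtml`.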