Lec 10 Introduction to Cyber Security PDF
Alexandria National University
Summary
This lecture introduces various types of cyber attacks, including phishing, denial-of-service, man-in-the-middle, and SQL injection attacks. It also covers social engineering, zero-day attacks, advanced persistent threats (APTs), and other attack methods.
Full Transcript
Types of Malware and Attacks
Lecture 10

Types of Attacks

1. Phishing
- Social engineering attack where attackers trick victims into providing sensitive information (passwords, credit card details, etc.).
- Often done through deceptive emails, messages, or websites that appear legitimate.
- Commonly used to distribute malware or steal login credentials.

2. Denial of Service (DoS) and Distributed Denial of Service (DDoS)
- DoS: an attack that floods a system, server, or network with excessive requests or malformed traffic, making it unavailable to legitimate users.
- DDoS: uses many compromised devices (a botnet) to launch the flood from many sources at once, which makes it much harder to block by source address.
- Disrupts online services, causing downtime and financial losses.
- Examples: SYN flood, HTTP flood, Ping of Death.

3. Man-in-the-Middle (MitM) Attack
- Attackers intercept, and may alter, communication between two parties without their knowledge.
- Often used to steal sensitive data, eavesdrop on conversations, or inject malicious content.
- Can occur over unsecured networks (e.g., public Wi-Fi) or through compromised routers.

4. SQL Injection (SQLi)
- Exploits applications that build SQL queries by concatenating untrusted input into the query text.
- Attackers submit SQL through user input fields (e.g., login forms) so that the input changes the structure of the query rather than just the values it compares against.
- Can lead to unauthorized access to sensitive data, deletion of records, or control over the database.
- Examples: Blind SQL injection, Union-based SQL injection.
- Primary defence: parameterized queries (prepared statements), which keep the query structure fixed and pass user input separately as data.

5. Cross-Site Scripting (XSS)
- Injects malicious scripts (usually JavaScript) into trusted websites.
- The script executes in a victim's browser under the trusted site's origin, allowing attackers to steal session cookies, credentials, or deliver malware.
- Commonly affects websites that reflect or store user-generated content without proper validation and output encoding.

6. Brute Force Attack
- Tries to guess passwords, encryption keys, or login credentials by systematically trying all possible combinations.
- Can be very time-consuming without additional tools but is effective against weak or short passwords.
- Automated tools are often used to speed up the process; rate limiting and account lockout slow it down on the server side.
- Variations: dictionary attacks (guessing from a wordlist of likely passwords) and credential stuffing (replaying username/password pairs leaked from other sites).

7. Password Attack
- Attackers attempt to steal or crack user passwords using various techniques.
- Techniques include brute force, dictionary attacks, and rainbow tables (precomputed hash-to-password lookups, which only work against unsalted hashes).
- Can also involve phishing, keylogging, or social engineering.

8. Ransomware Attack
- Malware that encrypts files or locks users out of their system and demands a ransom (usually in cryptocurrency) to restore access.
- Typically spread via phishing emails, malicious downloads, or exploitation of software vulnerabilities.
- Targets individuals, businesses, and critical infrastructure.
- Examples: WannaCry, Ryuk, REvil.

9. Social Engineering Attack
- Relies on psychological manipulation to trick individuals into divulging confidential information or performing harmful actions.
- Common tactics include impersonation, pretexting, baiting, and tailgating.
- Often used to bypass technical security measures such as firewalls and encryption by targeting the people who use them.

10. Zero-Day Attack
- Targets vulnerabilities in software or hardware that are unknown to the vendor or for which no patch yet exists.
- Since no fix is available, attacks can cause significant damage before detection or mitigation.
- Exploits can be sold on the dark web or used in espionage campaigns.
- Examples: Stuxnet, Operation Aurora.

11. Advanced Persistent Threat (APT)
- Long-term, targeted attack in which attackers infiltrate a network and remain undetected for an extended period.
- Typically used for espionage, stealing intellectual property, or data exfiltration.
- Often state-sponsored or carried out by well-funded groups with sophisticated tools.

12. Drive-By Download Attack
- Occurs when a user unknowingly downloads malicious software just by visiting a compromised or malicious website.
- Requires no user interaction beyond loading the page (no clicking a link or downloading a file).
- Often exploits vulnerabilities in browsers or plugins (e.g., Flash, Java).
- Examples: malvertising (malicious ads), watering hole attacks.

13. Insider Threat
- A malicious attack or data breach carried out by someone within an organization.
- The insider may be an employee, contractor, or partner with legitimate access to sensitive information.
- Can be motivated by financial gain, revenge, or corporate espionage.

14. Session Hijacking
- Attackers take control of a user's session by stealing or predicting session tokens.
- Often occurs in web applications, allowing attackers to impersonate the user.
- Typically happens when session management is not secure, e.g., session cookies sent over plain HTTP, set without the Secure and HttpOnly flags, or generated from predictable values.

15. Eavesdropping Attack (Sniffing)
- Attackers listen in on network traffic to steal sensitive data like passwords or credit card information.
- Usually conducted on unsecured networks or via compromised network devices.
- Packet sniffers capture data in transit; only unencrypted traffic is readable, which is why encryption such as TLS matters.
- Tools: Wireshark, tcpdump.

16. Supply Chain Attack
- Targets the supply chain of hardware, software, or service providers in order to compromise the end user.
- Can involve the insertion of malware during manufacturing, distribution, or software updates, or abuse of a third party's legitimate access.
- Particularly dangerous because it lets attackers infiltrate highly trusted systems or organizations through a component or vendor those organizations already trust.
- Examples: SolarWinds attack, Target breach (entered through a third-party vendor's network access).

17. Cryptojacking
- Attackers hijack a victim's computer or network resources to mine cryptocurrency.
- Operates in the background, often without the user's knowledge, causing system slowdowns or overheating.
- Spread through malicious websites, ads, or infected software downloads.
- Examples: Coinhive, PowerGhost.

18. DNS Spoofing (DNS Cache Poisoning)
- Manipulates the DNS resolution process to redirect users to malicious websites instead of legitimate ones.
- Attackers inject false DNS records into a resolver's cache, so that later lookups of the legitimate name return the attacker's address and users land on phishing sites.
- Can be used to steal sensitive information or infect systems with malware.
- Tools: dnsspoof, Ettercap.

19. Watering Hole Attack
- Attackers compromise a specific website or online resource frequently visited by a target group.
- When the targeted users visit the site, they are infected with malware or redirected to malicious pages.
- Often used in highly targeted attacks (e.g., corporate espionage, government agencies).
- Examples: compromised industry-specific websites.

20. IoT-Based Attacks
- Exploit vulnerabilities in Internet of Things (IoT) devices (e.g., smart home devices, connected cars).
- Devices often lack strong security measures (default credentials, no update mechanism), making them easy to enlist into botnets or control remotely.
- Used in large-scale DDoS attacks, data breaches, or for spying.
- Example: Mirai botnet.
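Item 2 (DoS/DDoS) describes request floods in prose. The following is an added example, not part of the lecture, showing the detection logic a defender would run over a web server's access log: a per-source rate check that catches a single-source HTTP flood, and an aggregate check that catches a distributed flood in which every bot stays below the per-source threshold. The log lines, addresses (RFC 5737 documentation ranges), window size and thresholds are all constructed for this example.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone
from statistics import median

# Combined-log-format line, e.g.
#   203.0.113.9 - - [01/May/2024:12:00:10 +0000] "GET /login HTTP/1.1" 200 512
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+'
)


def parse_line(line: str):
    """Return (ip, timestamp, request, status) or None for an unparseable line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["req"], int(m["status"])


def build_sample_log() -> list:
    """Constructed access log (not a real capture) covering 60 seconds:
    one normal client, one single-source flooder, and a small botnet."""
    base = datetime(2024, 5, 1, 12, 0, 0, tzinfo=timezone.utc)

    def entry(ip, offset, path):
        t = (base + timedelta(seconds=offset)).strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} - - [{t}] "GET {path} HTTP/1.1" 200 512'

    # normal client: one request per second for the whole minute
    lines = [entry("198.51.100.5", s, "/index.html") for s in range(60)]
    # single source: 20 requests per second during seconds 10..19 (HTTP flood)
    lines += [entry("203.0.113.9", 10 + i // 20, "/login") for i in range(200)]
    # 40 bots, 10 requests each, all during seconds 30..39 (distributed flood)
    lines += [entry(f"192.0.2.{b}", 30 + i, "/search?q=x")
              for b in range(1, 41) for i in range(10)]
    return lines


def bucket(ts: datetime, window: int) -> int:
    # Fixed time buckets of `window` seconds.
    return int(ts.timestamp()) // window


def flag_single_sources(lines, window: int = 10, threshold: int = 50) -> dict:
    """DoS check: any IP exceeding `threshold` requests within one bucket.
    Returns {ip: peak requests per bucket} for the offenders."""
    counts = defaultdict(Counter)
    for parsed in map(parse_line, lines):
        if parsed:
            ip, ts, _, _ = parsed
            counts[ip][bucket(ts, window)] += 1
    return {ip: max(c.values()) for ip, c in counts.items() if max(c.values()) > threshold}


def flag_aggregate_spikes(lines, window: int = 10, factor: int = 10) -> dict:
    """DDoS check: total request rate far above the median bucket, which fires
    even when every individual IP stays under the per-source threshold.
    Returns {bucket: total requests} for the spiking buckets, in time order."""
    totals = Counter()
    for parsed in map(parse_line, lines):
        if parsed:
            totals[bucket(parsed[1], window)] += 1
    baseline = median(totals.values())
    return {b: n for b, n in sorted(totals.items()) if n > factor * baseline}


if __name__ == "__main__":
    log = build_sample_log()
    print("single-source offenders:", flag_single_sources(log))
    print("aggregate spikes       :", flag_aggregate_spikes(log))
```

The per-source check alone misses the botnet (each bot sends only 10 requests), and the aggregate check alone cannot say whom to block; production systems run both and feed the results into rate limiting or upstream filtering.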
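Item 4 (SQL injection) names union-based and blind injection without showing what the queries look like. The following is an added example, not code from the lecture, that runs both against a deliberately vulnerable login function and shows the parameterized version rejecting the same payloads. It uses Python's standard sqlite3 module with an in-memory database; the tables, accounts, and the API key value are invented for the example, and passwords are stored in plaintext only so the injection logic stays easy to follow.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    # Constructed in-memory database standing in for a web application's backend.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO users (username, password) VALUES ('alice', 'correct horse');
        INSERT INTO users (username, password) VALUES ('bob', 'hunter2');
        CREATE TABLE api_keys (owner TEXT, key TEXT);
        INSERT INTO api_keys VALUES ('alice', 'AKIA-EXAMPLE-0001');
        """
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    # BAD: untrusted input is spliced into the SQL text, so a quote in the
    # input ends the string literal and whatever follows is parsed as SQL.
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(query)]


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> list:
    # GOOD: the query structure is fixed; values travel separately as bind
    # parameters, so quotes and comment markers in the input remain data.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


# Payload 1: authentication bypass. The WHERE clause becomes
#   username = '' OR 1=1 --' AND password = '...'
# and everything after "--" is a comment, so every row matches.
BYPASS = "' OR 1=1 --"

# Payload 2: union-based injection that reads a different table through the
# same login query (the UNIONed SELECT must return the same number of columns).
UNION = "' UNION SELECT key FROM api_keys --"


def blind_extract(conn: sqlite3.Connection, length: int) -> str:
    """Boolean-based blind SQL injection.

    The attacker sees only "login succeeded / failed", never the data, and
    recovers the secret one character at a time by asking yes/no questions
    about SUBSTR() of the value (SQLite's SUBSTR is 1-indexed).
    """
    charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-"
    recovered = ""
    for position in range(1, length + 1):
        for candidate in charset:
            probe = (
                f"' OR SUBSTR((SELECT key FROM api_keys LIMIT 1), {position}, 1) "
                f"= '{candidate}' --"
            )
            if login_vulnerable(conn, probe, "x"):   # the yes/no oracle
                recovered += candidate
                break
    return recovered


if __name__ == "__main__":
    db = build_db()
    print("bypass       :", login_vulnerable(db, BYPASS, "x"))
    print("union        :", login_vulnerable(db, UNION, "x"))
    print("blind        :", blind_extract(db, 17))
    print("parameterized:", login_parameterized(db, BYPASS, "x"))
```

The blind variant needs roughly 17 × 37 requests here, which is why real tools automate it; the fix is identical in every case, since a bound parameter can never change the shape of the statement.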
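Items 6 and 7 (brute force and password attacks) mention dictionary attacks and rainbow tables. The following is an added example, not from the lecture, that shows why precomputed lookups work against fast unsalted hashes and how a per-user salt plus a slow key derivation function (PBKDF2 here, from Python's standard library) forces the attacker to redo the work for every account. The wordlist and the "leaked" hashes are constructed for this example.

```python
import hashlib
import os
import secrets
from typing import Optional

# Constructed wordlist standing in for a leaked/public password list.
WORDLIST = ["123456", "password", "hunter2", "letmein", "qwerty", "correct horse"]

# Cost parameter for PBKDF2; real deployments tune this (or use Argon2/bcrypt).
ITERATIONS = 100_000


def md5_hex(password: str) -> str:
    # Fast, unsalted hash: exactly what makes precomputed lookups worthwhile.
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    # Hash -> plaintext mapping computed once and reused against every dump.
    # A real rainbow table compresses this with hash chains, but it exploits
    # the same weakness: identical passwords always give identical hashes.
    return {md5_hex(w): w for w in words}


def crack_unsalted(leaked_hashes, table) -> dict:
    # Cracking a dump of unsalted hashes costs one dictionary lookup per hash.
    return {h: table[h] for h in leaked_hashes if h in table}


def dictionary_attack(target_hash: str, words):
    # Offline guessing, one candidate at a time; returns (password, guesses made).
    for guesses, word in enumerate(words, 1):
        if md5_hex(word) == target_hash:
            return word, guesses
    return None, len(words)


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    # Per-user random salt + slow KDF: a precomputed table is useless because
    # every account would need its own table, and each guess is deliberately slow.
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return secrets.compare_digest(digest.hex(), digest_hex)


def crack_salted(stored_hashes, words):
    """Dictionary attack against salted PBKDF2 hashes.

    Returns (cracked {stored: password}, number of KDF computations). Every
    guess must be recomputed per account with that account's own salt, and
    each computation costs ITERATIONS rounds of HMAC-SHA256.
    """
    cracked, work = {}, 0
    for stored in stored_hashes:
        salt = bytes.fromhex(stored.split("$")[0])
        for word in words:
            work += 1
            if hash_password(word, salt) == stored:
                cracked[stored] = word
                break
    return cracked, work


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    leaked = [md5_hex("hunter2"), md5_hex("letmein"), md5_hex("Tr0ub4dor&3")]
    print("unsalted dump cracked by lookup:", crack_unsalted(leaked, table))
    stored = [hash_password("hunter2"), hash_password("hunter2")]
    print("same password, different stored values:", stored[0] != stored[1])
    print("salted dump cracked, KDF calls:", crack_salted(stored, WORDLIST)[1])
```

Salting does not stop a dictionary attack against a weak password (both salted "hunter2" accounts still fall); it removes the precomputation shortcut and the slow KDF multiplies the per-guess cost, which is why the real defence is strong passwords plus rate limiting on top of proper storage.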
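Item 14 (session hijacking) says tokens can be stolen or predicted. The following is an added example, not from the lecture, that shows the "predicted" case end to end: a session store whose IDs are hashes of a counter looks random but is fully recoverable, so an attacker holding one valid token can take over the sessions created right after it; the same attack against IDs drawn from the OS random generator finds nothing. The store classes, user names, and the cookie helper are constructed for this example.

```python
import hashlib
import secrets


class WeakSessionStore:
    """Session IDs derived from a counter (constructed weak design).

    Hashing the counter makes the IDs look random, but anyone who knows the
    scheme can recompute the sequence, which is what "predictable" means here.
    """

    def __init__(self):
        self._counter = 1000
        self._sessions = {}

    def create(self, user: str) -> str:
        self._counter += 1
        token = hashlib.md5(str(self._counter).encode()).hexdigest()
        self._sessions[token] = user
        return token

    def lookup(self, token: str):
        return self._sessions.get(token)


class StrongSessionStore:
    """Session IDs from the OS CSPRNG (256 bits): there is no sequence to recover."""

    def __init__(self):
        self._sessions = {}

    def create(self, user: str) -> str:
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        return token

    def lookup(self, token: str):
        return self._sessions.get(token)


def recover_counter(token: str, search_limit: int = 100_000):
    # Attacker step 1: match the observed token against candidate counter values.
    for n in range(search_limit):
        if hashlib.md5(str(n).encode()).hexdigest() == token:
            return n
    return None


def hijack(store, own_token: str, window: int = 20) -> list:
    """Attacker step 2: guess the tokens issued just after the attacker's own
    session and present them to the server. Returns the users whose sessions
    the guesses resolved to."""
    base = recover_counter(own_token)
    if base is None:
        return []          # not a counter scheme: nothing to predict
    victims = []
    for n in range(base + 1, base + 1 + window):
        guess = hashlib.md5(str(n).encode()).hexdigest()
        user = store.lookup(guess)
        if user is not None:
            victims.append(user)
    return victims


def session_cookie(token: str) -> str:
    # Transport-side defences against token theft: Secure keeps the cookie off
    # plain HTTP (sniffing), HttpOnly keeps it away from page scripts (XSS),
    # SameSite limits it being sent on cross-site requests.
    return f"session={token}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    weak = WeakSessionStore()
    mine = weak.create("attacker")
    weak.create("alice")
    weak.create("bob")
    print("hijacked via weak store  :", hijack(weak, mine))
    strong = StrongSessionStore()
    mine = strong.create("attacker")
    strong.create("alice")
    print("hijacked via strong store:", hijack(strong, mine))
    print(session_cookie(mine))
```

Unpredictable tokens close the prediction path; the cookie attributes close the two theft paths the lecture lists (sniffing and XSS), and regenerating the token at login closes session fixation, which the same store design is also exposed to.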