What is a Cyber Threat?
In Cybersecurity, a cyber threat could be a potential action that can be caused by a vulnerability in a network or system that results in an unwanted negative impact on a system or network. It can be both intentional or accidental. A cyber threat may result in system malfunctioning or a data breach.
What is an Attack Vector?
The attack vector is the same as a cyber threat. It’s the methodology used by an attacker. It’s the path or means by which an attacker can gain access to a system or network. After gaining access attacker tries to deliver a payload or malicious content. Attack vectors enable an attacker to exploit system vulnerabilities.
The Cyber attacks are broadly classified as :
User Based Attacks
Phishing
Suppose you are using a browser for online shopping. You found the same product over two different shopping websites. One is a well-built e-commerce website you know of e.g amazon. And the other one you don’t know. You will prefer to choose a well-known website for a transaction. So, an attacker takes advantage of this trust in phishing attacks. They impersonate themselves as a trustworthy entity to steal your personal data. In the case of a transaction, an attacker can impersonate that same trustworthy e-commerce website. Then steal your credit or debit card details.
Phishing basically is a technique of gathering sensitive information about the target such as usernames, passwords, etc by disguising as a trustworthy entity. There are tons of tools available over the internet for this kind of attack.
Social Engineering
Social engineering is an act of tricking someone to gain sensitive information. This can be action, usually through technology. The basic idea behind social engineering is to take advantage of the victim’s natural tendencies through human manipulation.
Typically, it’s done to obtain confidential information. Like passwords, financial data, company data, etc. In other instances, it’s far more serious. For example,to steal money of victim or to install malware.
The only thing you can do about securing yourselves against such attacks is by verifying the domain in which you are giving out your sensitive information. For example, some fraud calling, eavesdropping, or phishing. Recently there was a massive Twitter hack. The attack was based only on social engineering. Victims included high profile accounts like Bill Gates, Elon Musk, and President Obama.
Network and System based attacks
Malware attacks
A malware attack happens when an attacker creates malicious software and install it on victim PC without their knowledge to gain access to their personal information or to damage the device. Different types of malware include virueses, worms, trojan horses, spyware, ransomware, etc.
Malware attacks acan happen on all sorts of operating systems. This includes windows, MacOS, Linux even Android and IOS.
There are endless limits in which an attacker can script a malware. Even malware detectors of big enterprise companies won’t be able to detect viruses.
Network Based attacks
In network-based attacks, there are active attacks and there are passive attacks. Active attacks are much more common because we’re trying to get information in real-time.
So real-time attacks on the network are what we’re going to talk about when and are the brunt of the attacks. We see active attacks from the network. So active attacks are where an attacker can see or manipulate real time traffic.
Conversely, we have passive attacks. In passive attack, an attacker can read the data from an active attack and use the information obtained for further recon and exploitation.
Inactive attacks we see this in sniffing, eavesdropping, spoofing, etc. Whereas passive attacks, what is seen there is more data compromised. For example, a password is compromised.
Man in the Middle(MitM) Attacks
A man in the middle attack employs the use of an unsecured or poorly secured, usually public Wi-Fi router. The attacker will then scan the router using network scanners looking for certain vulnerabilities such as default or poor password use.
Once the attacker has found the vulnerability. They will then insert themselves in between the user’s computer and the websites that the user visits. And then intercept the messages or information being transmitted between the two, such as passwords or payment card data.
Denial of Service(DoS and DDoS) attacks
The DoS attack is kind of attack that floods the target system or network. This flooding is dynamic with more requests than the network can handle. This results in slowing down or even stopping the services provided by network.
Whereas a DDoS attack is a distributed denial-of-service attack. This is just a normal DoS attack that comes from more than one source at a time. This kind of attack can bring a server or a domain down within a matter of time.
Traditional firewalls cannot protect you from this kind of attacks. To protect yourself or a server from DDoS, install advanced firewalls.
Wireless attacks
A wireless attack is an attack that employs targets from the same network connected wirelessly. This essentially is done to crack WEP, WPA/WPA2 passwords. Other reasons might include attacking different devices on the network to gain access to them. Once, after gaining access to the Wi-Fi network an attacker can gain access to the devices of the same subnet mask in the network.
Examples of these attacks are ARP poisoning, Man in the Middle, Evil-Twins attack, etc. To secure yourself from this kind of attack, use a VPN(Virtual Private Network). VPN is an application that allows you to encrypt the traffic that flows through your device and network.
