We often get asked, “How many types of cyberattacks are there?” and “How can I protect my business from them?” so we thought it would be great to share some cyberattack examples here on the blog.
As well as the types of cyberattacks explained, you’ll also get our quick guide to what you can do to protect your business.
1. Malware
Malware, also known as malicious software, is one of the oldest forms of cybercrime, thought to have originated in the 1970s. It’s a very common threat to your business because it’s easy for cybercriminals to create and spread.
The majority of malware is delivered as an infected file to its target via a phishing email, to gain access to data, systems and sometimes entire networks of PCs, laptops, phones and tablets. In recent years, though, scam websites using malware have also popped up, posing a different way to scrape your personal data.
In 2020 malware attacks rose by 62%, relying heavily on people’s attention being squarely placed on Covid-19.
2. Phishing Attack
Phishing Attacks are heavily reliant on human error. Used as tools to deliver malware-infected files and links, phishing emails can cause not only financial loss but far-reaching reputational losses too.
Phishing scams are often created in batches, allowing cyber criminals to reach vast numbers of users in one phase. They will often misrepresent themselves as emails from legitimate companies or brands. We’ve all seen those ‘Amazon gift card’ emails hit our junk folders!
In recent years you may have noticed that phishing has grown to include text messages, phone calls and even social media direct messages. Whichever method they use to contact you, the aim is always the same: acquiring access to your data to make easy money from you.
Once the malware is delivered it works within your system to spread more phishing scams via your network data and contact lists.
3. Ransomware Attack
Ransomware or Ransom Malware, to give it its full title, is a type of malicious software created to infiltrate a computer network and block file access. The attack will include a threat to withhold user access to files and networks, as well as the release of sensitive data via the internet (based on the target’s identity and notoriety). The aim is always the same: to hold your systems, networks and files to a ransom payment.
This type of scam relies heavily on phishing emails to deliver a download, attachment or website link to the email recipient’s computer; the threat is often triggered by the recipient through human error. It shouldn’t be forgotten, though, that hacking someone’s login credentials or guessing passwords is still a cybercriminal’s preferred second choice of access.
Once the ransomware is in your network it starts to copy and encrypt targeted files with a control key, removing the original files from your system. This is where the ransom demand is prompted. You might see this as an automated screen lock note, or scareware (see the link above for our full guide to ransomware and scareware). More often than not ransom is expected to be paid in cryptocurrency.
4. Password Attack or Password Cracking
Password Cracking (or password hacking) is the attempt to determine password information.
Hackers often use automated password cracker software to make their hits. Once a password attack is successful the threat actor can steal login credentials and use them to access your accounts and sensitive data. They can also try to gain entry to other accounts they know you might have.
61% of data breaches were a result of cracked passwords.
5. Cloud Attack
A cloud-based cyberattack, or cloud attack, is an illegal entry to cloud-based data storage, computing, or hosting software.
Hackers aim to steal sensitive data on entry from the host: their stored files or other documents that can be used to exploit both the hosting company and its users. 73% of business users dealt with some form of cloud-based attack in the first six months of 2022.
6. Man-in-the-Middle (MITM)
A man-in-the-middle attack (MitM) is where a hacker sits between you and a piece of software or an app to gain your sensitive or personal data.
There are two main types of MitM attack. Firstly a hacker creates malicious software or a website and sends the link to it via a phishing scam. The email is then automated to users in a way that feels like legitimate contact.
The second type is a lot more worrying because the cybercriminal has to be close to you and/or your software or app. Here the hacker relies on poor WiFi security to intercept your communications and gain your data.
Whilst attacks are mostly opportunistic, an intended target can also be hit by this method of attack.
7. SQL Injection Attack
An SQLi attack is where a hacker exploits a cybersecurity weakness to gain access to a database (written using Structured Query Language). The malicious SQL code targets the backend of your database to give the hacker entry to your system through false administration rights, letting them manipulate or hold your sensitive data. That data is often subject to subsequent ransom demands.
What are the main means of entry to a database? Weak security.
8. Denial of Service Attack (DoS) or Distributed Denial of Service Attack (DDoS)
Denial of Service (DoS) is a type of cybercrime that renders service provision temporarily or permanently inaccessible to users. The malicious program runs from a single computer through several servers and compromised terminals to flood the internet with requests directed at a single target. The overloaded system crashes, causing users to lose access.
Banks, payment gateways and eCommerce websites are typical targets and the aim is that by disrupting trade, attackers can force temporary or ongoing financial issues for the victim.
9. Insider Threat
An insider threat attack is a data breach by someone who has authorised access to your business networks and systems. They could be an employee, a contractor, or a supplier.
A threat actor chooses to use their authorised access to harm your business. This attack is commonly termed an act of theft, espionage, sabotage or corruption that leads to the damage of your business or its means to do business, or to enhance the competition’s business.
An unintentional insider threat attack is also possible and is often due to negligence or accidental data breaches. These are cybersecurity issues that can cause leaked information to reach third parties or expose your company to third-party threats from phishing or malware scams.
Alarmingly, up to 80% of businesses will suffer this type of cyber event in their lifecycle.
10. Zero-Day Exploit
Zero-day exploit attacks are worm programs that are embedded into the software before its release day. These are unknown to the software team and do not show in antivirus scanning. Because the software and antivirus companies do not know of their security flaw, they have no ‘patch’ to correct or mitigate the problem. On release, the worm spreads through user systems.
With the rise of new apps and software downloads, start-ups and even bigger, trusted companies are potential targets and zero-day exploits are growing year after year.
11. Watering Hole Attack
A watering hole attack is malicious software installed on a website that a target organisation’s users often frequent. The aim is to infect users' computers, devices and systems with malware that scrapes personal identifiers and business data for financial gain.
This type of attack can also be a threat to entire industries if hackers can guess which websites or software organisations favour outside of their internal and intranet systems.
Whilst these types of attacks are less common and not as easy for opportunistic cybercriminals, they do pose a significant threat nonetheless if larger organisations are caught in the attack net.
12. Cross-site Scripting (XSS)
This is a specific type of code injection, where scripts are added to existing and trusted sites. It enables an XSS attacker to gain user access privilege information, personal identifiers or even session cookie data.
XSS is extremely common and it is thought that one in three websites is vulnerable to cross-site scripting.
13. URL Interpretation or URL Poisoning
URL poisoning is where a hacker hijacks a legitimate URL to divert traffic (victims) to a malicious site to gain personal identifiers or login credentials for the original website. It is thought that these types of attacks account for around 17% of malware globally.
Delivered by a phishing email, poisoned URL links often appear to be from legitimate and trusted sources.
14. DNS Spoofing, DNS Tunnelling, DNS Hijacking
DNS spoofing, the act of purchasing a domain name that appears to be legitimate, or DNS Hijacking, a coded redirection to a false website, is a cybercrime that attempts to divert a trusted website’s traffic to a malicious website.
The attacker then infects the user’s computer with malicious code to scrape your sensitive data and report it back to the attacker (DNS Tunnelling).
The crime itself is very difficult to detect because accessed data and malicious program commands are hidden in seemingly ‘normal’ server queries and commands. Therefore the crime is often missed by firewalls.
In recent years, this has become alarmingly popular among cybercriminals.
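Because the traffic hides in ordinary-looking lookups, defenders tend to look at the shape of the queries rather than their destination. The following is an added example, not from the original post: a simple heuristic over a constructed DNS query log that flags a client sending many long, random-looking subdomains under one parent domain. The log format, thresholds and names are assumptions.

```python
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def suspicious_domains(log_lines, min_unique=4, min_len=30, min_entropy=3.5):
    """Return (client, parent domain, count) for encoded-looking lookups.

    Each log line is 'client qname'. A parent domain is flagged when one
    client asks for many distinct, long, high-entropy subdomains under it.
    """
    seen = defaultdict(set)  # (client, parent) -> distinct subdomain strings
    for line in log_lines:
        client, qname = line.split()
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue  # no subdomain part to inspect
        # Assumption: the parent is the last two labels. Production code
        # should use the Public Suffix List to find the registered domain.
        parent = ".".join(labels[-2:])
        seen[(client, parent)].add("".join(labels[:-2]))
    flagged = []
    for (client, parent), subs in seen.items():
        odd = [s for s in subs if len(s) >= min_len and entropy(s) >= min_entropy]
        if len(odd) >= min_unique:
            flagged.append((client, parent, len(odd)))
    return sorted(flagged)

# Constructed sample log: three ordinary lookups, then six lookups whose
# first label is a 32-character base32-style string (rotations of ALPHABET).
ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"
SAMPLE_LOG = [
    "10.0.0.5 www.example.com",
    "10.0.0.5 mail.example.com",
    "10.0.0.7 cdn.static.example.net",
] + [f"10.0.0.9 {ALPHABET[i:] + ALPHABET[:i]}.t.example.org" for i in range(6)]

if __name__ == "__main__":
    for client, parent, count in suspicious_domains(SAMPLE_LOG):
        print(f"{client} sent {count} encoded-looking lookups under {parent}")
```

The thresholds need tuning against your own traffic, since some content delivery and security products legitimately use long generated hostnames.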
15. Botnet
A Botnet is a hacker’s tool that utilises a linked group of bots or devices to hide an attack that distributes at scale. These are large-scale events that deliver malware via phishing scams, DoS or DDoS attacks, or password cracking attempts.
16. Cryptojacking
Cryptojacking is the attempted and successful hijacking of devices to ‘mine’ (steal and use) a user’s cryptocurrency. Access to cryptocurrency is gained through malware delivered usually by phishing emails or text scams.
According to many sources, this type of crime has seen a significant rise in recent years, which has caused people to become wary of crypto investment and worried about cybersecurity.
17. Clickjacking
Clickjacking (also known as a “UI redress attack”) is a coded attack that exists on a malicious site or a trusted site where a hacker has gained control. The premise is that the attacker overlays a false button on a website or payment form, redirecting your details to the hacker. They can use this type of redirect on many clickable page elements, redirecting you to alternative sites, or gathering your cookie information.
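An overlay of this kind depends on your page being loaded inside a frame on someone else's page, so the standard defence is a response header that tells browsers who may frame it. The following added example (not from the original post) classifies a response's anti-framing protection; the function name and the sample header sets are constructed.

```python
def framing_policy(headers):
    """Report how a response restricts being embedded in a frame.

    Returns ('csp', sources) for a Content-Security-Policy frame-ancestors
    directive, ('xfo', value) for X-Frame-Options DENY or SAMEORIGIN, or
    ('none', reason) when nothing stops another site framing the page.
    """
    h = {k.lower(): v.strip() for k, v in headers.items()}
    # frame-ancestors takes precedence over X-Frame-Options when both exist.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = parts[1:]
            if "*" in sources:
                return ("none", "frame-ancestors allows every origin")
            return ("csp", sources)
    xfo = h.get("x-frame-options", "").upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return ("xfo", xfo)
    if xfo:
        # ALLOW-FROM is obsolete and ignored by current browsers.
        return ("none", "unsupported X-Frame-Options value: " + xfo)
    return ("none", "no anti-framing header")

# Constructed sample responses for illustration.
SAMPLES = {
    "checkout": {"Content-Security-Policy":
                 "default-src 'self'; frame-ancestors 'self' https://partner.example"},
    "login": {"X-Frame-Options": "sameorigin"},
    "legacy": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "blog": {"Content-Type": "text/html"},
}

if __name__ == "__main__":
    for page, headers in SAMPLES.items():
        print(page, framing_policy(headers))
```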
18. Drive-by Attack
Often thought of as a “spray and pray” attack, drive-by attacks spread malware via phishing emails that leave code on your device for future attack opportunities. This might be to gain personal identifiers or access your device for data, files and databases they can hold for ransom.
19. AI-powered Attack
An AI-powered attack is a cyber threat posed by the use of AI technology. This can include AI like deep fakes to produce content that someone feels is legitimate to deliver the scam. Whilst AI is already prevalent in the phishing scam arena it is becoming common elsewhere, especially in socially engineered attacks via social media.
20. Internet of Things (IoT) Attack
An “internet of things device” (IoT) is any technology that we carry with internet access, like mobile phones, tablets and laptops, that also have the capability to connect with each other.
Cyber threat intelligence tells us that hackers aim to gain control of apps, or entire devices, through the use of malware delivered (mostly) by phishing scams or eavesdropping (MitM attacks). The aim is simple: to either harm the device, hold data for ransom, or use data collected (personal identifiers and such) to commit fraud.
21. Supply Chain Attack
Since 2020 supply chain attacks have grown wildly and it is something that is becoming more of a concern for organisations who rely on integrated supply chain access and reporting. You see, one attack can infect every section of your chain and its networks.
This type of cyber attack usually occurs in government and civil service sectors, financial institutions and healthcare or utility industries. As with any other type of attack, hackers are looking for a weakness either in firewall security or human error, to allow them to deliver their malicious software.
22. Formjacking
A form of code injection hack, formjacking is the process of using JavaScript code on a target’s website to skim form entries for personal identifiers. Typically threat actors will target payment gateways specifically to use card details to commit fraud, but they can also skim data to sell it on the dark web.
Thousands of attacks happen each month, usually through a website’s use of unsafe third-party forms or plug-ins. Generally, targets are eCommerce sites.
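One defence against a third-party script being altered is Subresource Integrity: the page pins a hash of the script in the integrity attribute of its script tag, and the browser refuses to run a file that no longer matches. This added example (not from the original post) computes that value and mimics the check; the script contents and function names are constructed.

```python
import base64
import hashlib

def sri_value(script_bytes, alg="sha384"):
    """Build the value for a <script integrity="..."> attribute."""
    digest = hashlib.new(alg, script_bytes).digest()
    return f"{alg}-{base64.b64encode(digest).decode()}"

def passes_sri(script_bytes, integrity):
    """Simplified browser check: accept if any pinned hash matches.

    Browsers additionally prefer the strongest algorithm listed; this
    sketch treats every listed sha256/sha384/sha512 hash as acceptable.
    """
    for token in integrity.split():
        alg, _, expected = token.partition("-")
        if alg not in ("sha256", "sha384", "sha512"):
            continue  # unknown algorithms are skipped
        if sri_value(script_bytes, alg) == f"{alg}-{expected}":
            return True
    return False

# Constructed stand-ins for a third-party payment script, as published
# and after someone has changed the file on the supplier's server.
ORIGINAL = b"function pay(form){ form.submit(); }\n"
TAMPERED = ORIGINAL + b"/* content added after the hash was pinned */\n"
PINNED = sri_value(ORIGINAL)

if __name__ == "__main__":
    print('<script src="https://cdn.example/pay.js"')
    print(f'        integrity="{PINNED}" crossorigin="anonymous"></script>')
    print("original loads:", passes_sri(ORIGINAL, PINNED))
    print("tampered loads:", passes_sri(TAMPERED, PINNED))
```

The pinned value has to be regenerated whenever the supplier ships a legitimate update, which is why this works best with versioned script URLs.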
23. Targeted Attack
This is a particularly nasty form of cyber attack, because rather than relying on a hacker’s usual “spray and pray” formula, an individual hacker targets one specific organisation. It might be that the cyber criminal was a former employee or other insider threat actor with a grudge. It sadly could also be someone outside the organisation who either holds a grudge or sees the prize as worth the effort.
The aim here is to damage the infrastructure, finances and reputation of the target.
Whilst this type of attack is less common, you would be surprised to hear that as many as a few hundred organisations are targeted every month. Sometimes, multiple times a month.
How to prevent common cyber attack types in your business
There is a strong chance that in the time it takes you to read this blog post your business has already been attacked by several phishing emails and firewall threats. Whether they get through or not depends on your approach to cyber security.
We recommend some precautionary steps:
Understand your industry and data protection compliance measures and document your protocol
Invest in good firewall protection, along with good device and network security and antivirus software
Configure your email accounts to reduce phishing attacks via the SPAM settings
Use 2-factor authentication for all business email accounts, including the ‘info@’ contact email
Make sure all of your passwords are different from site to site
Create a safe list of email addresses
Train staff to recognise the different types of cyber-attacks
Create a staff protocol document for flagging and dealing with cyber attacks, including recognising and isolating phishing emails
If you use business mobiles, tablets and laptops create a protocol for scam alerts by phone, app, or text and train staff on how to deal with them
Make sure you have something similar set up for social media attacks
Understand the security that cloud solutions offer as we move into hybrid work
Understand the protection levels that integrated online software providers have in place
Check your supply chain is fully protected by using purpose-built systems - also check access points along the chain for security weaknesses
Check your database is protected
Log who has access to what type of business data
Add a kill switch protocol, so that as staff, clients or suppliers leave the network their access is terminated permanently
Check your business digital footprint regularly
Have your IT administrators scan your systems for malicious files and programs regularly
Or outsource your IT needs to an industry expert who can manage all of this for you!
If you are looking for onsite assistance in the central London area contact us today and let us help you prevent cyber threats by implementing full cyber security throughout your business.