There are different ways that a hacker can launch an attack on a system. Systems have become even more vulnerable in recent times due to social media, cloud computing and virtualization. The more advances we make technologically, the more complex the IT environment becomes, thus causing greater insecurity. There are generally three broad forms of attacks that hackers can launch against a system. These are Physical, Syntactic, and Semantic.
- A physical attack is where hackers use traditional weapons like fire or bombs to destroy data. It may also involve breaking into buildings and stealing equipment, or even rummaging through garbage cans to find valuable information (passwords, intellectual property, network diagrams, etc.)
- A syntactic attack is where a virus, worm, Trojan horse, or malware is used to penetrate and disrupt a system. One of the most common ways that this form of attack is carried out is via email.
- A semantic attack is where a hacker subtly approaches a target, gains their confidence, and then causes the system to generate errors or erratic results. The hacker is able to modify information and pass it off as genuine or disseminates inaccurate information.
These three broad classes can be broken down into specific hacking tricks. Some of them are advanced and sophisticated techniques while others are the conventional types that have been around for a long time.
- Key logging
- Denial of Service (DOS)
- Phishing Attacks
- Waterhole Attacks
- Eavesdropping and Impersonation
- Click jacking
- Man-in-the-middle Attack
1. Key logging
Key logging, also known as keystroke logging or keyboard capturing, is the practice of recording the keys that are pressed on a keyboard. Key logging can be used for a variety of purposes, both legitimate and malicious.
Legitimate uses of key logging might include monitoring employee productivity or tracking the use of a shared computer. Malicious uses of key logging might include stealing login credentials or other sensitive information, such as credit card numbers or bank account details.
There are several different ways that key logging can be implemented, including hardware-based keyloggers that are physically attached to a computer’s keyboard, software-based keyloggers that are installed on a computer and run in the background, and web-based keyloggers that operate through a web browser.
To protect against key logging, it is important to use strong, unique passwords for all accounts, avoid entering sensitive information on public or shared computers, and use security software that is designed to detect and block keyloggers. It is also a good idea to regularly review and monitor your accounts for any unusual activity.
A malicious hacker may use simple software, known as a key logger, to record every keystroke that is typed on a computer keyboard. The software then stores the information in a log file in your computer, allowing for later retrieval by the hacker. The log file may contain passwords to various accounts as well as personal email IDs.
2. Denial of Service (DOS)
This is a form of attack where a hacker floods a server or website with tons of traffic requests in an attempt to bring down the server. The target server or site will be unable to handle the large volume of requests in real time, resulting in a crash. Hackers are able to perform this kind of attack by deploying zombie computers or botnets whose sole job is to send incessant request packets to the targeted system.
A hacker may also launch a DOS attack on an individual instant messenger user. The user’s system will be flooded with messages from multiple user accounts all created by the hacker, thus causing the system to become unstable and hang.
3. Phishing Attacks
Phishing is a technique that takes advantage of people’s inattentiveness when opening emails. A hacker sends an email that looks like it’s from a legitimate source (bank or charity organization), asking the user to click on a link that will supposedly send them to an authentic website.
The link may have the same name as a website that the user frequently visits, but in reality, it leads to another website that will install a Trojan into the user’s system. In some instances, a hacker may send an email claiming to be from a financial institution, asking the user to provide confidential information such as bank account numbers and passwords; otherwise, their account will be revoked.
4. Waterhole Attacks
This is a technique where a hacker targets someone at the place where they are most accessible. For example, you may tend to frequent a specific coffee shop on specific dates or times and normally use the available Wi-Fi access point.
A hacker may monitor your schedule, create a fake Wi-Fi access point in the coffee shop, and modify your favorite websites in order to obtain your personal information. When you connect to the fake access point, the hacker will be able to grab all your data.
5. Eavesdropping and Impersonation
This is a passive form of attacking where a hacker monitors a system in order to obtain information such as passwords and user accounts. The hacker then steals the user’s identity and sends messages to people on the victim’s email contact list.
The victim’s contacts are unaware that the person they are sharing confidential information with is not the actual user. The hacker can even send them a Trojan program and request that they execute it on their computer, thus giving the hacker further access to more passwords and usernames.
This is a form of phishing attack where a hacker redirects traffic intended for a particular genuine website to another, fake website. Pharming (pronounced as “farming”), can be done in two ways: altering the file of the host site on a user’s computer, or exploiting a vulnerability in the software of the site’s DNS server.
DNS servers are supposed to act as the guideposts that direct online users to the right website. If a DNS server is compromised, users will simply be lead wherever a hacker wants. This form of hacking is usually targeted at online banking and e-commerce sites.
7. Click jacking
This technique is also known as user-interface redressing. A hacker hides a piece of malicious coding underneath an apparently genuine button or link on a website. When an unsuspecting user clicks on the button or link, the code is activated. In other words, you click on something that you physically see, but there is a virtual and unintended result that occurs.
For example, a user can go to a website and once they are done, decide to click the “X” button on the top right corner to close the window. However, what they don’t know is that a hacker has invisibly placed a button underneath that will trigger the download of a Trojan horse, turn on the computer’s webcam, or delete the firewall rules.
The website itself may be legitimate but it has been hacked and manipulated. Alternatively, a hacker may replicate a well known website and post links online or send people emails with the links.
Theft Cookie theft occurs when a hacker steals a cookie that a user has been given by a website. The hacker then uses the same cookie to impersonate the user for that particular session that they are logged on.
That is why cookie theft is considered a form of session hijacking. For example, every time a user logs into Facebook, the website issues them a cookie that proves their identity during that session. If the user is browsing the Internet in a public place with free, unencrypted Wi-Fi, a hacker can use software to read, copy, and use the cookie.
The hacker will be able to post messages, change the user’s profile, and so on. Other types of session hijacking include sniffing and Evil Twin attacks. Sniffing is where a malicious hacker uses some kind of software to intercept information that is being sent or received by a particular device. An Evil Twin attack involves creating a Wi-Fi network that seems real but is not. Users unwittingly join the network, thus allowing the hacker to launch a man-in-the-middle attack.
9. Man-in-the-middle Attack
This is also abbreviated as MiM or MitM attack. It is an attack that involves a malicious hacker intercepting messages between two parties, impersonating both of them, and thus collecting the information that was being sent. The two parties will not be aware that the person who is communicating with them is an outside party.
It is a form of real-time eavesdropping that allows an intruder to manipulate others by injecting false information into an online conversation. The hacker will be able to request the parties to submit confidential information, such as bank account numbers and passwords. The conversation may be between two people or a client and a server. Financial websites are the most common targets of MitM attacks.
This is a computer software that a hacker installs on a victim’s computer in order to collect sensitive information without their knowledge. The software can be installed remotely without the hacker gaining physical contact to the victim’s computer. Unlike worms and viruses, spyware is not meant to transmit itself to other devices.
Hackers know that a user will never download spyware willingly, so they usually piggyback it onto legitimate software such as popular web utility tools or even anti- spyware programs. A user will simply download and run software from the Internet unaware that they are being spied on. Some spyware is even bundled with music CDs or shareware.
A user can also be tricked into clicking a button or link that, on the surface, appears to protect them from unwanted downloads. For example, a dialog box may pop up with an ad about free optimization of a computer system. The user is requested to click on the Yes or No button, but regardless of the button clicked, spyware is still downloaded.
You may also read:
- Enhancing Security with CIS Top 20 Critical Security Controls
- A Comprehensive Overview of ISO/IEC 27000 Series Standards for Information Security Management
- Enhancing Web Application Functionality and Security with Cookie Attributes
- Five Good Habits of a Security-Conscious Developer
- CISSP Security Domains: Building Blocks for Information Security
- Understanding the Categories of Information Security Risks
- Overview of Cloud Secure Data Lifecycle
- Cloud Computing Top Threats: Protecting Your Data in the Cloud
- Top 32 SIEM Use Cases You Need To Know
- 12 Ways of Keeping Your Computer Secure