Get started on your cybersecurity degree at American Military University.
By Marissa Bergen
In today’s high-tech world, we are constantly vulnerable to cybersecurity threats. The ability to identify different types of cyber attacks is a useful way to protect yourself.
There are several types of attacks that commonly occur on the Internet. These attacks include Denial of Service (DoS), Man in the Middle (MitM), phishing and spearphishing.
Denial of Service (DoS) Cyber Attacks
A denial of service attack overwhelms a system’s resources so that it cannot respond to service requests. This type of attack is launched from a large number of host machines infected by malicious software and controlled by the hacker.
Unlike other types of attacks, DoS attacks do not provide hackers with access to personal information. Usually, they are done simply for the satisfaction of causing harm to a company. The may also be launched by a competitor trying to damage the company’s business.
Common types of DoS attacks include:
There are various ways to protect against DoS attacks and the method you choose will vary depending on the type of attack you want to avoid. Firewalls can be useful in TCP SYN and ping-of-death attacks, while various types of filtering can protect against botnets. To protect against teardrop and smurf attacks, you will have to disable various components of your computer system.
Man in the Middle (MitM) Attacks
These attacks occur when the hacker inserts himself or herself between the communications of a client and a server. Session hijacking and Internet Protocol (IP) spoofing are both forms of cyber attacks where the attacker mimics an IP address so that the victim believes that he or she is communicating with a trusted source. The attacker can use this method to gain access to valuable information.
With these types of cyber attacks, encryption can be used to protect yourself. Encryption ensures that any communications come from a trusted source.
Replay attacks are also common MitM attacks. A hacker will save old messages and try to resend them at a later time, once again mimicking a trusted source. These attacks can be avoided by using session time stamps or nonce (a random number of character strings that changes with time).
Phishing and Spearphishing
Phishing involves an email that appears to be sent from a trusted source. However, it is actually delivered with the intent of gaining access to personal information or to panic the user into opening an attachment or clicking on a link.
Often, the attachment or link loads malicious software into the computer. Spearphishing is a similar type of attack, but is personalized to the chosen victim.
Protect Yourself through Common Sense and Sandboxing
Luckily, many attacks can usually be circumvented by using common sense. If you see an email that looks suspicious, stop before opening it. Analyze the email and the header. Hover over links to see where they will take you before clicking on them.
You can also use sandboxing to protect yourself. Testing an email in a sandbox environment allows you to safely open attachments and click on links without making yourself vulnerable to an invasion. Another option is to forward a suspicious email to your IT department for analysis.
Protecting your personal information on the Internet is not easy, but it can be done if you are familiar with the various types of threats and know how to avoid them. Stay safe!
About the Author
Marissa Bergen is a freelance writer who originally comes from Brooklyn, New York. Passionate about everything from fashion to technology, her writing experience has increased her awareness of digital marketing, cybersecurity and the ever-expanding World Wide Web. She lives in Los Angeles with her husband and two children. Google her to find out more about her writing and her other life as a bass player in her family band, The CheeseBergens.