1 / 6

Types of Cyber Attacks and How to Prevent Them

To maintain a certain degree of security, the main and first thing is we need to understand how they can attack us and what these threats consist of, in order to be able to remedy them in the best possible way. This list helps us to understand the definitions of all the attacks and symptoms associated with them.

briskinfosec
Download Presentation

Types of Cyber Attacks and How to Prevent Them

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. https://www.briskinfosec.com Briskinfosec Technology and Consulting Pvt Ltd Mobile: 8608634123 https://www.briskinfosec.com https://www.facebook.com/briskinfosec https://twitter.com/briskinfosec Types of Cyber attacks and how to prevent them

  2. https://www.briskinfosec.com Types of Cyber attacks and how to prevent them To maintain a certain degree of security, the main and first thing is we need to understand how they can attack us and what these threats consist of, in order to be able to remedy them in the best possible way. This list helps us to understand the definitions of all the attacks and symptoms associated with them. The last decade has witnessed a paradigm shift in which hackers seek to exploit vulnerabilities within organizations and national infrastructures. In order to counteract, we all have to change our perspective towards the way we perceive security, know certain attacks and how we can learn from them to be as well prepared as possible, since it is not possible to say in security “prepared” to dry. 1. DoS attack In a denial of service (DoS) attack, an attacker attempts to prevent the legitimacy of users from accessing information or services. The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When we type a URL of a particular website in our browser, we are sending a request to the site's web server to be able to view the specific page. The server can only process a certain number of requests at one time, so if an attacker overloads the server with requests, that request cannot be processed. This is a "denial of service" as the site is not accessible. 2. Ping Flood

  3. https://www.briskinfosec.com Ping flood relies on sending the victim an overwhelming number of ping packets, usually using the UNIX "ping" command as hosts (the -t flag on Windows systems has a much less malicious function). It is very simple to launch, the main requirement is to have access to a bandwidth greater than the victim. 3. Ping of death The attacker sends an ICMP packet of more than 65,536 bytes. Since the operating system does not know how to handle such a large package, it freezes or hangs upon reassembly. Today, the operating system drops such packets on its own. But it had to enumerate said mythical attack (Many others on this list are obsolete, but they had to be enumerated) 4. Port scan Port scanning is one of the most popular reconnaissance techniques used by attackers to discover services exposed to possible attacks. All machines connected to a local area network (LAN) or the Internet run many services that listen on well-known and less well-known ports. A port scan helps the attacker find what ports are available (that is, what service might be listing a port). Essentially, a port scan consists of sending a message to each port, one by one. The type of response received indicates whether the port is listening and can therefore be further tested for weakness. 5. ARP Spoofing ARP Poison Routing (APR) is a technique used to attack a wired or wireless Ethernet network. ARP Spoofing can allow an attacker to discover data frameworks on a local area network (LAN), modify the

  4. https://www.briskinfosec.com traffic, or stop the traffic entirely. The attack can only be used on networks that actually use ARP and not on another method of address resolution. The detection is done through reverse ARP (RARP) which is a protocol used to query the IP address associated with a given MAC address. If more than one IP address is returned, MAC cloning is present. 6. ACK flood This is a technique to send a TCP / ACK packet to the target often with a spoofed IP address. It is very similar to TCP / SYN flood attacks 7. FTP Bounce attack The attacker can connect to FTP servers and intend to send files to other users / machines using the PORT command. For the FTP server to try to send the file to other machines on a specific port and verify that the port is open. It is obvious that FTP transfer would be allowed on firewalls. These days almost all FTP servers are implemented with the PORT command disabled. 8. TCP Session Hijacking This is the case when the "Hacker" takes over the existing TCP session, already established between the two parties. In most TCP sessions, authentication occurs at the beginning of the session, hackers carry out this attack at that time. 9. Man-In-The-Middle Attack

  5. https://www.briskinfosec.com An MITM attack occurs when a communication between two systems is intercepted by an external entity. This can happen in any form of online communication such as email, social media, web browsing, etc. They are not only trying to eavesdrop on our private conversations, but they can also direct all the information within the devices. Removing all the technical details, the concept of an MITM attack can be described in a simple scenario. If we imagine that we go back to ancient times when snail mail was plentiful. Jerry writes a letter to Jackie expressing his love for her after years of hiding his feelings. He sends the letter to the post office and is picked up by a nosy mailman. He opens it and, for the sake of pleasure, decides to rewrite the letter before delivering the mail to Jackie. This can make Jackie hate Jerry for the rest of her life. A more modern example would be a hacker between us (and our browser) and the website you are visiting to intercept and capture any information we send to the site, such as login credentials or financial information. 10. Social Engineering Attack Social engineering is the art of manipulating people into giving up confidential information. The types of information these criminals seek can vary, but when individuals are targeted, the criminals generally try to trick you into giving them your password or banking information, or accessing your pc to secretly install malicious software, which will give you access. to their passwords and bank information, as well as to give them control over it.

  6. https://www.briskinfosec.com Criminals use social engineering tactics because it is generally easier to exploit the natural inclination to trust than to discover ways to hack your software. For example, it is much easier to trick someone into giving you their password than to try to hack their password (unless the password is really weak). Security is about knowing who and what to trust. Know when and when not to do it, to take a person's word for it; when to trust that the person we are communicating with is in fact the person you think you are communicating with; when to trust that a website is or is not legitimate; when to trust that the person on the phone is or is not legitimate; when providing our information is or is not a good idea. Ask any security professional and they will tell you that the weakest link in the security chain is the human being who accepts a person or a scenario at face value. It doesn't matter how many locks and bolts there are on our doors and windows, or whether we have guard dogs, alarm systems, searchlights, barbed wire fences, and armed security personnel; If we trust the person at the door who says he is the pizza delivery man and we let him in without first checking to see if he is legitimate, we are fully exposed to whatever risk letting him in represents.

More Related