Some of The Most Common Types of Hacking Attacks

There have been numerous technological advances over the years. But no matter what all new technologies are built on the same form of traditional network structures that have been in use since ages. Today, we will discuss some of the most common types of hacking attacks that have affected most of the devices over the years. Denial of Service Attacks: A Denial of Service attack is a hacking technique to take down a site or server by flooding that site or server with a lot of traffic, such that the server is unable to process all the requests in the real-time and finally crashes down. This popular technique, the attacker floods the targeted machine with tons of requests to overwhelm the resources, which, in turn, restrict the actual requests from being fulfilled.

For DDoS attacks, hackers often deploy botnets or zombie computers which work only to flood your system with request packets. Every year, as the malware and types of hackers are advancing, the size of DDoS attacks is also increasing. Court testimony shows that the first demonstration of DoS attack was made by Khan C. Smith in 1997 during a Def-Con event disrupting Internet access to the Las Vegas Strip for over an hour. The release of sample code during the event led to the online attack of Sprint, EarthLink, e-trade and other major corporations in the year to follow. Waterhole attack: In this process, hackers target the most accessed physical location to attack the victim. Few of the most vulnerable sites could be a coffee shop, a cafeteria, etc. Once hackers are aware of your routine, using waterhole attack hacking, they might create a fake Wi-Fi access point and modify your most visited website by redirecting them to a fake website and access your personal information. As this attack collects information of the user from a static place, detecting the attacker is even harder. Remedy: Avoid accessing your private accounts in public places.

Follow basic security practices and keep your software/OS updated. Fake WAP: A hacker can use software to fake a wireless access point. This WAP connects to the official public place WAP. Once you get connected to the fake WAP, a hacker can access your data, just like in the above case. It’s one of the easier hacks to accomplish and one just needs a simple software and wireless network. Anyone can name their WAP as some legit name like “NYU guest” or “Transit-Wireless” and start spying on you. Remedy: Avoid using public wifi.

Use a quality VPN service

Eavesdropping Unlike other attacks which are active in nature, using a passive attack, a hacker just monitors the computer systems and networks to gain some unwanted information. The motive behind eavesdropping is not to harm the system but to get some information without being identified. These types of hackers can target email, instant messaging services, phone calls, web browsing, and other methods of communication. Those who indulge in such activities are generally black hat hackers, government agencies, etc.

Phishing Phishing is a hacking technique using which a hacker replicates the most-accessed sites and traps the victim by sending them a spoofed link. Combined with social engineering, it becomes one of the most dangerous attack vectors. Once the victim tries to login or enters some data, the hacker gets their private information using the trojan running on the fake site. Phishing via iCloud and Gmail account was the attack route taken by hackers who targeted the “Fappening” leak, which involved numerous Hollywood female celebrities. According to the 2013 Microsoft Computing Safety Index, released in February 2014, the annual worldwide impact of phishing could be as high as US$5 billion. Remedy: Make sure that the site you have accessed is secure and trusted.

Virus or Trojan Virus or trojans are malicious software programs which get installed into the victim’s system and continuously transfer victim’s data to the hacker. They can also lock your files, send fraud advertisement, divert traffic, sniff your data, or spread on all the computer connected to your network. Remedy: Avoid accessing insecure sites or opening untrusted files.

ClickJacking is also known by a different name, UI Redress. In this attack, the hacker hides the actual UI where the victim. This behavior is very common in app download, movie streaming, and torrent websites. While they mostly employ this technique to earn money, others can use it to steal your personal information. In another words, in this type of hacking, the attacker hijacks the clicks of the victim that aren’t meant for the exact page. It works by fooling an internet user into performing an undesired action by clicking on hidden link. Remedy: Avoid accessing untrusted sites.

Cookie Theft

The cookies of a browser store our personal data such as browsing history, username, and passwords of different sites that we access. Once the hacker gets the access to your cookie, he can even authenticate himself as you on his browser. A popular method to carry out this attack is to encourage a user’s IP packets to pass through attacker’s machine. Also known as SideJacking or Session Hijacking, this attack is easy to carry out if the user is not using SSL (https) for the complete session. On the websites where you enter your password and banking details, it is very important to encrypt their connections. Remedy: Use a trusted browser or disable cookies.

Bait & Switch

Using bait and switch hacking technique, an attacker can buy advertising spaces on the websites. Later, when a user clicks on the ad, he might get directed to a page that’s infected with malware. This way, they can further install malware or adware on your computer. The ads and download links shown in this technique are very attractive and users are expected to end up clicking on the same. The hacker can run a malicious program which the user believes to be authentic. This way, after installing the malicious program on your computer, the hacker gets unprivileged access to your computer. Remedy: Avoid clicking on ads or buttons while surfing through insecure sites.