Times change, and some trends go away, but something remains unchanged. Today we will talk about the types of attacks that are relevant today in 2022.
Phishing
Phishing attacks have not lost popularity after decades, being one of the most popular attacks of all time. As you remember, this type of attack is based on social engineering: the attacker needs to send a phishing email or make a phone call, ingratiating himself with the victim, and thus force the attacked person to perform the necessary action – provide access to the desired data or download malicious files.
Malware
The use of malware is also not new, but it requires close attention if you want to protect your system. In such attacks, the attacker can implement viruses, including worms, spyware, ransomware, adware, and trojans. The way of penetration can be, for example, a vulnerability in the system. In addition, the user himself can cause poisoning by infected or dangerous software if he clicks on a malicious link or, for example, wants to find out the contents of an unattended flash card – we are back to phishing attacks again.
SQL Injection
A Structured Query Language (SQL) injection attack occurs on a website that is driven by a database. In this case, the hacker manipulates a standard SQL query. The attack is carried out by injecting malicious code into the search bar of a vulnerable website. The result of the attack is that the hacker gains access to important information disclosed by the server.
Denial of Service
Denial of service attack is another popular attack that can cause serious harm to companies by sabotaging all online activities. The target of the attack are systems and servers, corporate systems and networks, which are flooded with traffic, which leads to a decrease in bandwidth and stagnation. In fact, the systems are overwhelmed with third-party traffic, which leads to their temporary incapacity.
Zero-Day Exploit
Such an attack becomes possible after the discovery and public announcement of a new network vulnerability. The attack becomes possible due to the fact that a solution for a new vulnerability is not developed immediately after publication, and along with ordinary users, attackers are also aware of the vulnerability. It is the time that the vendor needs to fix the vulnerability that is critical for the hacker and dangerous for the attacker.
