Types of Cyber Attacks

Photo by Leyre on Unsplash

Table of Contents

  1. Preface
  2. Attack Types
  3. USB
  4. Session Hijacking
  5. MITM
  6. Metasploit
  7. Persistent Attacks
  8. Debrief

Preface

Welcome! I would like to give some thoughts and basic information on the various types of Cyber Attacks.

Attack Types

DDoS — Affects availability in the CIA triad. Sends many requests to single/multiple machines to use up its resources

ARP poisoning — Takes an incorrect MAC address and links it to a legitimate IP address in order carry out actions from a foreign device using a recognized IP address

SMB(Server Message Block) — A type of MITM attack

DNS — Exploits in the Domain Name Server(Domain Hijacking, DNS Flood{DDoS}, DNS Cache Poisoning{spoofing similar to ARP poisoning})

USB

Sometimes automated, malicious payloads loaded onto a physical device that requires a direct connect interface, if autonomous you would want to make it seem like it was a personable item by adding a key chain or a useless house key onto the physical USB to make it more appealing for the victim to want to check the contents of the USB and plug it into their computer, giving it the presence of an actual victimless USB.

HID(human interface device) spoofing mimics keyboard strokes and performs pre-programmed keystrokes on the machine pretending to be a human(ducky script)

Malicious code usually found in the contents of the USB hidden in a file as a link or executing a picture to check it but runs as a program, or anything similar to this type of tactic, effectiveness depends on the attackers creativity

USB kill attack will harvest the power that is getting through and will store it to shoot it back at the machine is it connected to to try and kill off the machine, not really effective as it can get pulled out or the machine can be unplugged from the power source

Session Hijacking

An active session you are in has been copied/stolen in order for the attacker to access the same session without having to login using your login credentials, think XSS or CSRF

MITM(man in the middle) Attack

the attacker inserts their own device in between two connections to monitor/copy/change network traffic/data

Metasploit

Framework and the community are free with a pro version available for purchase, would encourage anyone to learn more about this tool as well

Metasploit runs on Unix (including Linux and macOS) and on Windows. The Metasploit Framework can be extended to use add-ons in multiple languages.

To choose an exploit and payload, some information about the target system is needed, such as operating system version and installed network services. This information can be gleaned with port scanning and TCP/IP stack fingerprinting tools such as Nmap. Vulnerability scanners such as Nessus, and OpenVAS can detect target system vulnerabilities. Metasploit can import vulnerability scanner data and compare the identified vulnerabilities to existing exploit modules for accurate exploitation.

Persistent Attacks

Unauthorized access to a computer network and remains undetected for an extended period:

Backdoors(RAT, user account)

Rootkit

SSH, RDP, VNC, Telnet

Shells

Scheduled Tasks

Debrief

I made this list just to write out some of the different types of attacks that occur in Cyber Space and I hope it helped explain some things or introduce some new ones to you. Thanks!

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
D.M.

D.M.

26 Followers

Experienced Cyber Security/Intelligence Analyst with a demonstrated history of working in the US Military and IT industry.