This is often spread through phishing emails that encourage you to download a malicious attachment, or through a software vulnerability.
ransomware
This attack exploits software vulnerabilities before they become known or before they are disclosed by the software vendor.
Zero-day attack
This attack happens when a cybercriminal takes control of a device without the user's knowledge and can intercept, manipulate and relay false information.
Man-in-the-Middle attack
In this attack, an attacker builds a network (botnet) of infected hosts called zombies, which are controlled by handler systems.
Distributed denial of service (DDoS)
The most common way to do this is to change the administrator’s contact email address through social engineering or by hacking into the administrator's email account.
Domain hijacking
This can run by itself.
worm
This appears legitimate but is, in fact, very dangerous.
Trojan horse
This is a malicious program that waits for a trigger, such as a specified date or database entry, to set off the malicious code.
logic bomb
This type of attack occurs when an attacker captures communication between two hosts & then retransmits the message to the recipient, to trick the recipient into doing what the attacker wants, thus circumventing any authentication mechanism
replay
These are a major risk as they usually result in some sort of interruption to network services, causing a significant loss of time and money.
DoS
Other than the initial infection of the host, these do not require user participation and can spread very quickly over the network, usually slowing it down.
worm
This attack efers to recording or logging every key struck on a computer’s keyboard.
Keyboard logging or keylogging
This is a type of network attack that is relatively simple to conduct, even for an unskilled attacker.
Denial of service (DoS)
In this attack the hacker will instruct the handler systems to make the botnet of zombies carry it out.
Distributed denial of service (DDoS)
ZeuS is an example of a malware package that allows for this type of attack.
Man-in-the-Mobile Attack
Attackers can exploit this. Instead of taking you to the eLearning login page, they can redirect you to a malicious site.
Uniform resource location (URL)
This does not self-replicate but often binds itself to non-executable files, such as image, audio or video files, acting as a decoy to harm the systems of unsuspecting users.
Trojan horse
This attack is when an attacker floods the network with fake MAC addresses, compromising the security of the network switch.
MAC Flooding
This type of DoS attack is when a network, host, or application is sent an enormous amount of data at a rate it can't handle, causing a slowdown in transmission or response or service to crash.
Overwhelming quantity or traffic
This is when attackers can intercept or modify communications between two devices to steal information from or to impersonate one of the devices.
Man-in-the-Middle
This is a malicious software program that replicates by independently exploiting vulnerabilities in networks.
worm
How do you defend against attacks?
Configure firewalls; apply patches & updates; distribute workload across server systems; block external ICMP packets
This is an attack in which false data is introduced into a DNS resolver cache — the temporary database on a computer’s operating system that records recent visits to websites and other Internet domains.
DNS Spoofing or DNS cache poisoning
This attack originate from multiple coordinated sources.
Distributed denial of service (DDoS)
A packet is a collection of data that flows between a source & destination computer or application over the network. When a maliciously formatted packet is sent, the receiver will be unable to handle it causing the device to slow or crash
Maliciously formatted packets
This is the time an exploit is discovered
zero hour
This is malware that carries out malicious operations by masking its true intent.
Trojan horse
This sends IP packets from a spoofed source address in order to disguise it.
IP spoofing
This is a type of impersonation attack that takes advantage of a trusted relationship between two systems.
Spoofing or poisoning
In 2001, this infected over 300,000 servers in just 19 hours.
the Code Red worm
This will remain inactive until the trigger event happens.
logic bomb
This works by encrypting your data so that you cannot access it.
ransomware
An organization needs to monitor this, including its IP address, to help protect against malicious external domains.
Domain reputation
This is a type of computer program that, when executed, replicates and attaches itself to other files, such as a legitimate program, by inserting its own code into it.
virus
This can attack and destroy the hardware components in a device or server, including the cooling fans, central processing unit (CPU), memory, hard drives and power supplies.
logic bomb
This is when an attacker wrongfully gains control of a target’s DNS information, they can make unauthorized changes to it.
Domain hijacking
This is malware designed to hold a computer system or the data it contains captive until a payment is made.
ransomware
Most of these require end-user interaction to initiate activation, and can be written to act on a specific date or time.
virus
This was released in 1999 and spread via email, affecting tens of thousands of users and causing an estimated $1.2 billion in damage.
Melissa virus
When is the network most vulnerable to a zero-day attack?
Between the zero hour and the time it takes for the software vendor to develop and release a patch that fixes this exploit.
This can be spread through removable media such as USB flash drives, Internet downloads and email attachments.
virus
This type of software is used by parents to keep an eye on their children’s internet behavior.
keylogging software
These share similar patterns: they exploit system vulnerabilities, they have a way to propagate themselves and they all contain malicious code (payload) to cause damage to computer systems or networks.
worm
This attack links an attacker’s MAC address to the IP address of an authorized device on the network.
ARP spoofing
This type of attack is used to take control over a user's mobile device and exfiltrate user-sensitive information.
Man-in-the-Mobile Attack
This type of attack can reveal usernames, passwords, websites visited and other sensitive information.
keyboard logging or keylogging
In this attack zombie computers constantly scan and infect more hosts, creating more and more zombies.
Distributed denial of service (DDoS)
This occurs when an attacker disguises their device as a valid one on the network and can therefore bypass the authentication process.
MAC address spoofing
This exploits the privileges of the user who runs it.
Trojan horse
Your experience on this site will be improved by allowing cookies.