What are the different types of Cyber Security?

What should you be aware of before you start with your journey as a Cyber Security professional? Check out the below kernel list of topics, which will give you a generic view of the types of Cyber Security and Cyber Security threats. 

1. What is Cyber Security?
2. Types of Cyber Security
   1. Network Security
   2. Cloud Security
   3. Application Security
3. What is a Cyber Security threat?
4. Types of Cyber Security Threats
   1. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
   2. Drive-by Attack
   3. Phishing and Spear Phishing Attacks
   4. Password Attack
   5. Cross-site Scripting (XSS) Attack
   6. SQL Injection
   7. Man-in-the-Middle (MITM) Attack
   8. Malware
5. Conclusion

Check out our YouTube video on the types of Cyber Security threats:

Let’s dive right in! 

What is Cyber Security?

Cyber Security is a set of practices that helps companies protect computer systems, network devices, and programs from cyberattacks. It is related to information security, and the two terms are used interchangeably at times. 

This field is becoming increasingly relevant due to the world’s huge reliance on the Internet for everything. It comes with significant complexities due to rapid technological growth and a notable number of cyberattacks. An astonishing data (University of Maryland) reveals that hackers attack every 39 seconds, which makes Cyber Security a major challenge in the contemporary world. 

Types of Cyber Security

Cyber Security is just an umbrella term that comprises various layers of security undertakings to secure data from cyber threats. Let’s have a look at the types of Cyber Security in this section. 

Network Security

As the name suggests, in network security you have to prevent malicious/unauthorized users from getting inside the network. This is crucial to keep a company’s integrity, reliability, and usability in place. You need to carefully monitor the incoming and outgoing traffic within the network. Moreover, to ensure secure transfer of data, you should have all vital software installed, including firewalls, anti-virus, VPN, anti-spyware, IPS, etc. to prevent cyberattacks. 

Cloud Security

Moving the on-premises data to the cloud is the trend now as IT companies are trying to reduce their operational costs. This means, instead of a traditional, secure stack, users are now connected online, which exposes them to hackers. This poses you with the need to ensure cloud security between the customer and the cloud provider. Also, you need to take control of IAM users. Competing with the current demands from the industry, well-known cloud providers such as AWS, GCP, and Azure are ready to provide you with a secure infrastructure. 

Application Security

Any application you launch in the market is always susceptible to cybercrimes as it is going to encounter a number of end-users and other stakeholders and, in turn, face the amplification of the network. Therefore, you need to protect the data you store on the application database from those who have access to your application. You should thus use various tools and methods to provide controlled access to your app and its data. You should also secure the app during the development and deployment phases. 

Prepare for your next job interview from our blog on Cyber Security interview questions and answers.

What is a Cyber Security threat?

When a malicious user exploits the vulnerability in a system by injecting harmful code, viruses, bugs, or malware, it becomes a Cyber Security threat. 

Every organization needs to have a defense strategy before it faces the risk of Cyber Security threats. A Cyber Security threat is a deliberate attempt by an unauthorized user to steal or misuse data, mostly to get some sort of financial gain.

Ready to advance your cyber security career? Enroll in our MBA in Cyber Security.

Types of Cyber Security Threats

Are you aware that Cyber Security threats come in different types? Below is the list of different Cyber Security threat types and their detailed explanations.

1. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
2. Drive-by Attack
3. Phishing and Spear Phishing Attacks
4. Password Attack
5. Cross-site Scripting (XSS) Attack 
6. SQL Injection
7. Man-in-the-Middle (MitM) Attack
8. Malware

Want to learn more about Ethical Hacking? Enroll in our CEH Training and Certification!

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

The goal of the Denial-of-Service attack is to make the service unavailable by flooding or crashing the system with voluminous traffic that the server cannot accommodate. In DoS, a single hacker/attacker penetrates the victim’s system; whereas, in DDoS, multiple attackers penetrate the victim’s system.

List of DoS Attacks

• Buffer overflow attack: A buffer is a physical area of storage that holds temporary data when moved from one place to another. Buffer can hold only a defined amount of data. When it exceeds the limit, it overwrites the memory adjacent to it causing the program to misbehave. An attacker uses this as an advantage to deliberately overwrite or replace the code in the buffer, which eventually causes the whole program to misbehave so that the attacker can take control of it.

• ICMP flood/Ping flood: Here, the attacker floods the target machine with ICMP ‘echo requests’ known as the pings. This results in Denial-of-Service to the target server.

• SYN flood: It is a protocol attack. SYN (synchronize) is the first step when you establish communication between two systems over the TCP/IP protocol. The receiver responds with an ACK (acknowledge) message on the successful connection. In SYN flood, the attacker initiates the connection and sends a massive number of SYN requests, but it does not get any ACK message back. This makes the server spend resources on the waiting responses till enough resources are consumed. The result is that the server becomes unresponsive to handle the legitimate traffic.

• Teardrop attack: In this type, the attacker sends segmented packets to a target machine. The TCP/IP protocol cannot reassemble fragmented packets, which results in an overlap of packets and eventually causes the target network machine to crash.

Have a look at our blog on DoS vs DDoS attacks to learn more about the differences and similarities.

List of DDoS Attacks

• Smurf attack: Here, the attacker floods the target server with Internet Control Message Protocol (ICMP) packets. The request is made from the spoofed IP of the target device to multiple network devices. When the devices respond, it amplifies the initial ICMP flood attack and overwhelms the target, making it unresponsive.

• HTTP flood: In HTTP flood, the attacker exploits the HTTP GET or POST requests to bombard the web server/application.

• Ping of death: IN this type, the attacker pings packets, which are larger than the maximum size, to disrupt the target machine and to crash it or freeze it.

• Botnet: A single attacker called the ‘bot herder’ takes control of a network of computers and exploits it. Here, the attacker acts as a main lead who commands every bot to carry out illegal actions coordinately. A bot refers to the single target machine and botnet refers to a group of bots which are under the command of bot herder who can control millions of bot at a time. When the attacker instructs for any updates to cause misbehaviour, all the bots receive simultaneously. 

Drive-by Attack

When the system has security flaws due to a lack of updates on OS, app, or browser, an attacker can trigger the unintentional download of malicious code to the targeted computer or mobile device, making it vulnerable. In this attack, the victim does not necessarily have to click on any links, open a malicious email attachment, or download any files.

Learn more about Cyber Security from our blog on Cyber Security Tutorial and upskill yourself!

Phishing and Spear Phishing Attacks

Phishing

In Phishing, an attacker masquerades as a trusted entity (a legitimate person/company) to obtain sensitive information by means of manipulating the victim. It is achieved by any kind of user interaction, such as asking the victim to click on a malicious link, download a risky attachment, etc. to get confidential information, including credit card information (carding), usernames, passwords, and network credentials. Phishing usually targets a larger number of recipients. 

Spear Phishing

In spear phishing, the attacker researches the particular target before crafting an email. It is targeted at a single person and addresses the person by name. This is to appear more authentic to get the personal information from the target to do illegal activities such as getting credit-card information or other vital details often intended for malicious benefits. Spear phishing is a more sophisticated attack that is done with the intention to spoil the credibility of an organization.

Get to know about the Cyber Security Analyst through this blog!

Password Attack

As the name suggests, here, the hacker tries to steal passwords. As per records, 81 percent of data breaches in 2020 were due to lousy credentials. There are various ways to carry out a password attack, the most common are mentioned below:

1. Brute-force attack
2. Dictionary attack

Brute-force Attack

A brute-force attack is a hack where the attacker tries to guess the target password by a trial-and-error method. It is mostly implemented with the help of automated software to login with credentials. In a brute-force attack, a large set of possible permutations are checked, and it is tested for every combination. It is generally a time-consuming process.

Dictionary Attack

In dictionary attacks, words with a high probability of success are only checked. This means that it has a pre-compiled list of passwords that are likely to work. It is less time-consuming since it does not check for all the combinations. 

Check out this interesting blog on Hacking Software now! 

Cross-site Scripting (XSS) 

Cross-site scripting (XSS) is an application layer attack where it targets users directly. In this attack, the application is not the victim; instead, the users who are accessing it are at risk. This is done by injecting malicious JavaScript code onto the HTML page, which gets displayed to the user.

This can be possible if the application dynamically accepts user data without proper validation, and when the user loads the page, the control gets redirected to the hands of the hacker who can perform illegal activities. The primary concern here is that it causes the sensitive user data to be exposed, and the hacker can now impersonate the user, seize online accounts, steal session cookies, upload ‘Trojan horse’ programs, and redirect to harmful web pages, all at the user’s end. 

There are three types of XSS attacks, based on how the attacker places the payload. Let’s see them further.

Reflected (Non-persistent) XSS

As the name suggests, the attacker sends the payload to each victim. It is achieved by tricking the user to click on fatal links and using email phishing to send malicious requests to the server. This makes the user unknowingly send the infected script as a usual request from the server to the client. When the server responds, it loads and executes the malign scripts to the victim’s client. That is why it is known as reflected XSS. 

Say goodbye to perimeter-based security. Explore the benefits of Zero Trust Security and discover how it can enhance your organization’s resilience against sophisticated attacks.

Non-reflected (Persistent) XSS

It gets the term ‘persistent’ because, here, the attacker injects the malicious script (payload) only once into the application database. Afterward, whenever any user loads the application, it delivers the payload since it is stored on the server-side.

DOM-based XSS

This attack is possible only if the application uses Document Object Model (DOM). Here, the data remains on the client-side, and the web browser/application reads and gives the respective output. The data that is stored in DOM is not sent to the server. The attacker injects the payload into DOM via the browser’s API or URL. When the user clicks on that URL, it triggers DOM to update the browser to include and execute the attacker’s script.

SQL Injection

In general, users do not have permission to interact with the database of an application. However, in SQL injection, the attacker injects the malicious code into the backend database by illegal means. It is then used to carry out SQL operations such as add, insert, or delete on the data to modify it, resulting in the loss of data integrity. SQL injection costs an organization with reputational loss and lack of trust from customers due to the leakage of sensitive information, users’ personal data, credit card details, and passwords by the attacker’s unauthorized access.

Example of SQL Injection

Let’s say you visit a shopping website, and you want to see the list of all products under the mobile phones category. 

1. You request the browser with the below URL:

2. The application retrieves the data from the database with the below SQL query:

SELECT * FROM products WHERE category = 'Gifts' AND released = 1

Here, ‘released =1’ is used to restrict the product listing to list only the released products

3. Then, the attacker modifies the SQL query like below:

SELECT * FROM products WHERE category = 'Gifts' '--' AND released = 1

Since ‘—’ acts as a comment indicator in SQL, it does not read the code ‘AND released = 1’. This results in displaying all the product listings, including the unreleased products. 

Are you looking to become a Cyber Security Expert? Go through Intellipaat’s Cyber Security Master’s Program!

Man-in-the-Middle (MitM) Attack

In a Man-in-the-Middle attack, the attacker puts himself in between the sender and the receiver to disrupt the communication flow. The goal is to steal trade secrets, eavesdrop to gain personal data, and impersonate genuine entities to get information such as credit card details.

Cybercriminals can perform Man-in-the-Middle attacks in various ways. Below are the common techniques used by them: 

DNS Spoofing

In DNS spoofing, the attacker manipulates a user to visit a fake website by redirecting the user from the website he/she intends to browse. The idea behind this is to make users believe that they are landing on a secure and trusted website while they actually end up interacting with a fraudulent application/website. This way, the attacker can diverge and get the real website traffic to gain unauthorized access to login credentials. 

Get to know the difference between Cyber Security and Information Security!

Email Hijacking

In this case, the attacker spoofs a trusted institution to convince the users to provide personal information. For example, an attacker who disguises him/herself as a trusted bank sends an email to the customers and convinces them to follow the attackers’ instructions. The victims might end up doing some transactions with the attacker than the bank. 

Wi-Fi Eavesdropping 

Public Wi-Fi always comes with a risk. Attackers can easily set up a fake Wi-Fi that tricks you into intercept as a legitimate connection. This malicious act is pulled off easily by establishing the wi-fi with familiar business names. Wi-Fi eavesdropping helps cybercriminals read your cookies, monitor your online activities, get payment information, and login credentials, etc.

Know how to start an Ethical Hacking Career in India through this blog!

Malware

Malware is any type of malicious software that is installed to wreck the target system to practice felonious acts. Malware is an umbrella term, which has various classifications to it. Some of the common malware are listed further.

Viruses

Viruses are malicious code that can replicate themselves and modify the functionality of other programs by inserting their code into the system. This behavior corrupts the whole computer program. However, for the virus to manifest, it must be triggered by the host. 

Worms

Worms are similar to viruses in replicating themselves, but they do not need any external trigger. As soon as they break into the system, they can self-propagate independently without any activation. There is no need to execute the malicious code, and no human intervention is required.

Trojans 

Trojans are illegitimate code or software that disguise themselves as a trusted source to trick the victim to download it. After download, once the file is executed, it takes control of the system to perform malicious activities. 

Ransomware

Ransomware is a type of malware that encrypts the victim’s data thereby denying access to the original party. On the successful installation of the demanded ransom by the cybercriminal, the target gets the decryption key. 

Malvertising

Malvertising refers to the injection of maleficent code into legitimate online advertising networks, which redirects users to unintended websites. 

Stay Informed: Learn About Different Types of Cyber Attacks!

Conclusion

We have come to the end of this blog, and, hopefully, you have found this resource to be well-enhancing your understanding of the types of Cyber Security and the types of Cyber Security threats. As technology progresses, day by day, you will encounter more new cyber threats, so it is quintessential for you to keep yourself up to date about the emerging threats to cope with and defend against unlawful hackers. If you find a career in Cyber Security to be exciting, then you should check out Intellipaat’s Cyber Security Certification and enroll today!

Have got more doubts about the types of Cyber Security? Shoot it right away in our Cyber Security Community.