What are the most popular types of cyber attacks? The answer changes constantly.
By identifying the most popular attacks in Q2 of 2016 in the chart below, the Security Engineering Research Team (SERT) has taken the guesswork out of knowing what you’re up against.
Web Application Attacks – 24%
Popular variations of a web application attack for this quarter include SQL injection, aka SQLi (45% of all web app attacks) and cross-site scripting (XSS).
SQLi occurs when an attacker inserts (or ‘injects’) a malicious SQL statement into a form on the targeted website. By doing this, the cyber attacker can get information from the company’s database, including customer information and credit card data.
Cross-site scripting is a web application vulnerability that hackers can exploit to push scripts and other information onto the pages of a victim’s website.
In order to prevent cyber attacks such as these, app developers must know how to secure and maintain their code. Adding a captcha or a web application firewall can also help ward off hackers.
Malware – 19%
Malware attacks come in all shapes and sizes, from viruses and worms to spyware and ransomware. No company is completely safe from malware.
Your best bet for minimizing your risk of a malware infection is to educate your users on being network-security savvy. Don’t open suspicious links or emails, and if you do, report it to the right people ASAP.
Application Specific Attacks – 19%
Application-specific attacks are exactly what their name suggests. These cyber attacks target specific applications depending on the results of packet sniffing, which captures all of the data packets traveling through an application.
By using a packet sniffer, hackers can get information about a potential victim such as what operating systems they use, typical network traffic, and other applications and programs in use.
Attackers are then able to up their success rates by tailoring their approach to a specific vulnerability in a specific application.
DoS/DDoS Attacks – 9%
DoS (Denial of Service) attacks happen when a hacker overloads and/or crashes a server by overpowering it with a multitude of requests.
DDoS (Distributed Denial of Service) attacks are similar, but are conducted with a larger network, typically known as a botnet.
Simple ways to combat DDoS/DoS cyber attacks are to filter traffic by region and protocol, detect flow anomalies, deploy dedicated DDoS mitigation, and update your disaster recovery plan with your client.
If you store and manage your own data, there are a number of ways to protect yourself from an attack.
Reconnaissance – 9%
There are two types of reconnaissance attacks: passive and active.
Passive reconnaissance attacks are when an attacker looks for private information without engaging with the victim’s systems. Active reconnaissance happens when the hacker does engage with the victim’s system.
Sometimes both active and passive reconnaissance are called passive, since neither actually exploits a victim; both instead collect data in preparation for a larger attack.
Preventing these attacks can be as easy as having a strong firewall and IPS in place.