In this note, we will focus on the following topic:
1. Introduction to Cyber Attacks
Introduction to Cyber Attacks
Cyber Attacks are malicious attempts to damage, disrupt, or gain unauthorized access to a computer
system, network, or device, with the intention of stealing sensitive information, extorting money, or
causing harm.
Types of Cyber Attacks
There are various types of Cyber Attacks, each with its own methods and motivations. Here are
some of the most common types:
Malware: Malicious software designed to disrupt, damage or gain unauthorized access to a
system or network. Examples include viruses, worms, Trojan horses, and ransomware.
Phishing: Social engineering attack that tricks users into revealing sensitive information, such
as usernames and passwords, by posing as a trustworthy entity.
Man-in-the-middle attack (MitM): Attack where a cybercriminal intercepts and alters
communication between two parties to steal data or spread malware.
Denial of Service (DoS) attacks: Attempts to make a network, service, or device unavailable
by overwhelming it with traffic or causing it to crash.
SQL Injection: Attack that exploits vulnerabilities in the way a website queries its database to
steal sensitive information.
Zero-Day exploits: Attacks that exploit previously unknown vulnerabilities in software or
hardware.
Advanced Persistent Threats (APTs)
APTs are sophisticated, long-term attacks, usually carried out by nation-state actors or well-funded
criminal organizations. APTs typically involve multiple stages, such as reconnaissance, infiltration, data
exfiltration, and exploitation. They often use advanced techniques, such as zero-day exploits, social
engineering, and spear-phishing, to gain access to a network and remain undetected for extended
periods.
Implementing Cyber Security Practices
Implementing Cyber Security Practices is crucial to preventing Cyber Attacks. Here are some best
practices:
Regularly update and patch software and systems.
Use strong, unique passwords and enable multi-factor authentication.
Monitor network traffic for suspicious activity.
Regularly back up critical data and test backups.