胡文明
Increasing usage of the internet has also led to an increase in cyber-crimes/cyber-attacks. But how many types of cyber-attacks are you familiar with? In order to tackle cyber threats, you must be well aware of their nature.
What are cyber-attacks?
A cyber-attack is defined as an attack that originates from one digital system against another digital device, website, or any other digital system and compromises its privacy, reliability or the data stored in it.
These attacks are not only a threat to individuals online but a great threat to businesses as well.
Why are cyber-attacks initiated?
Before moving further to types of cyber-attacks, let us first have a look at the reasons for initiating cyber-attacks:
Acquiring unauthorized access to a digital network, system or its data.
Denial of service.
Virus or malware installation.
Hacking a website for unsolicited purposes.
To get access to personal and secure information of people and businesses.
Unauthorized use of a computer.
Types of cyber-attacks
Cyber-attacks can be of various types. You need to be aware of all those types of cyber-attacks to guarantee your utmost safety and security.
1) Malware
Malware is software that is intentionally developed to disrupt a computer, server, client, or computer network.
Malware can be in the form of scripts, executable code, active content, and other malicious software.
This code can take the form of computer worms, viruses, ransomware, Trojan horses, adware, spyware, or scareware.
The most prominent damages caused by malware are:
As ransomware, it blocks access to key components of the network.
Installs harmful software/malware.
As spyware, it can steal valuable information from your system.
It can damage certain hardware components of your system and make them inoperable.
2) Phishing
The main aim of phishing is to steal restricted and private information such as credit card details, login IDs, and passwords by impersonating a reliable establishment in electronic communication.
It is usually done through email spoofing or instant messaging.
The messages carry a link that directs users to a fake website which looks similar to the legitimate site and asks them to enter personal and secure information. It is a fraudulent activity intended to cheat users.
The senders bait users by claiming to be from a reliable third party such as auction sites, online payment processors, social web sites, banks, or IT administrators.
3) Man-in-the-middle attack
In a man-in-the-middle (MitM) attack, the invader covertly modifies the chats and dialogues between two people who are communicating with each other.
In a man-in-the-middle attack, the communicators are made to believe that they are directly communicating with each other without any interference from any third party.
But the truth is that the whole communication is controlled by the invader while making the communicators believe that they are talking to each other. It is also known as eavesdropping.
The entry points for MitM
The invaders can easily take control of private chats over an unsecured public Wi-Fi. Invaders can insert themselves between the device and the network and take control of the private chats in the network. The communicators, without having any idea, pass the whole conversation to the invaders.
It can also be done through malware. In such cases, the invader installs software on the victim's device to process all of the victim's information.
4) Denial-of-service attack
In a denial-of-service attack (DoS attack), the offender tries to make digital assets inaccessible to their anticipated users.
The offender provisionally interrupts the services of a host that is linked to the Internet. It involves overloading the besieged machine with surplus applications to keep it from fulfilling legitimate requests.
5) SQL injection attack
A Structured Query Language (SQL) injection attack allows the intruders to run malicious SQL statements. These SQL statements have the power to take over the database server.
Using SQL injection, intruders can overcome application security measures.
It allows them to pass through the validation and approval process of any web application.
It also allows them to retrieve all the data from the database, and it gives intruders the ability to add, modify, and delete data in the database.
An SQL injection allows intruders to fiddle with various databases including MySQL, Oracle, SQL Server, or others. It is widely used by attackers to gain access to:
Personal data.
Intellectual property.
Customer information.
Trade secrets and more.
6) Zero-day attack
A zero-day vulnerability is a defect in software, hardware or even firmware.
It is hidden from the teams responsible for fixing the bug. It is referred to as zero-day because there is a zero-day time gap between the time it is detected and the first attack.
7) Cross-Site Scripting
In Cross-Site Scripting (XSS) attacks, malicious scripts are embedded in reliable websites.
The intruders send malicious code to different users by embedding it in a trusted website, usually as a browser-side script.
The web browser cannot recognize this malicious script and has no idea that it is unreliable, and hence it executes the script as if it came from a trusted source. These malicious scripts can access any session tokens, cookies, or other secret information used by that site.
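Why the browser runs an embedded script, and what the site can do about it, shown as an added example that is not part of the original article: a comment renderer without and with output encoding, checked with Python's HTML parser, plus a session cookie marked HttpOnly so page scripts cannot read it. The function names, sample comment and cookie name are assumptions.

```python
import html
from html.parser import HTMLParser

# Constructed, harmless sample of user-supplied comment text.
SAMPLE = "<script>document.title = 'changed'</script>"

def render_comment_unsafe(author, text):
    # Input is copied into the page as markup, so tags in it become elements.
    return "<p><b>%s</b>: %s</p>" % (author, text)

def render_comment_escaped(author, text):
    # html.escape turns < > & and quotes into entities, so the browser
    # displays the input as text instead of parsing it as markup.
    return "<p><b>%s</b>: %s</p>" % (html.escape(author), html.escape(text))

class _ScriptCounter(HTMLParser):
    def __init__(self):
        super().__init__()
        self.count = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.count += 1

def count_script_elements(markup):
    # Parse the page as an HTML parser would and count <script> elements.
    parser = _ScriptCounter()
    parser.feed(markup)
    parser.close()
    return parser.count

def session_cookie_header(token):
    # HttpOnly keeps the cookie out of reach of page scripts; Secure limits
    # it to HTTPS; SameSite=Lax limits cross-site sending.
    return ("Set-Cookie: session=%s; HttpOnly; Secure; SameSite=Lax; Path=/"
            % token)

if __name__ == "__main__":
    unsafe = render_comment_unsafe("mallory", SAMPLE)
    safe = render_comment_escaped("mallory", SAMPLE)
    print(count_script_elements(unsafe), unsafe)
    print(count_script_elements(safe), safe)
    print(session_cookie_header("constructed-token"))
```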
8) Credential reuse attack
With almost every personal account asking for IDs and passwords, we tend to reuse them for various accounts.
Reusing the same password can be a big threat to your security.
The intruders can steal your usernames and passwords from a hacked website, and they get a chance to log in to your other accounts using the same IDs and passwords.
And if you have reused them, they get a golden opportunity to peek into your private accounts including your bank account, email, your social media accounts, and many others.
9) Password attack
Passwords are the main gateways to securely enter your personal accounts. Getting access to these passwords is an age-old and most convenient way to intrude into someone's private account.
Our passwords are usually connected to the incidents, people and places in our lives, and hackers take advantage of such details. They can even sniff the network to gain access to unencrypted passwords.
Attackers can use either of the two approaches given below to hack your passwords:
Brute-force
Brute-force is just like any other guessing game where you apply your wits and logic and expect that one of your guesses might work.
Dictionary attack
In such attacks, attackers use a dictionary of common passwords to intrude into the user's computer and network.
The attackers copy an encrypted file containing the list of passwords and apply the same encryption to a dictionary of frequently used passwords. They then compare the results to take hold of the user's password.
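The comparison step described above explains why stored passwords need a per-user salt and a slow hash. The following added example, which is not part of the original article, audits a constructed set of unsalted hashes against a small word list and then shows the salted PBKDF2 alternative; all names, the word list and the iteration count are assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample word list; real lists of common passwords are far longer.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]
ROUNDS = 100_000  # PBKDF2 iteration count chosen for this example

def unsalted_hash(password):
    # Fast and unsalted: equal passwords always give equal hashes.
    return hashlib.sha256(password.encode()).hexdigest()

def accounts_matching_dictionary(stored, wordlist):
    # Audit helper: hash each dictionary word once, then compare with every
    # stored hash, which is the comparison step the article describes.
    table = {unsalted_hash(word): word for word in wordlist}
    return {user: table[h] for user, h in stored.items() if h in table}

def salted_hash(password, salt=None):
    # A random per-user salt plus a slow key-derivation function means one
    # precomputed table no longer matches, and each guess costs ROUNDS hashes.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return salt, digest

def verify(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return hmac.compare_digest(candidate, digest)

def is_common(password):
    # Reject dictionary words when a password is set; salting does not make
    # a guessable password strong.
    return password.lower() in COMMON_PASSWORDS

if __name__ == "__main__":
    stored = {"alice": unsalted_hash("qwerty"),
              "bob": unsalted_hash("qwerty"),
              "carol": unsalted_hash("vG7#pl0Qz!tr")}
    print(accounts_matching_dictionary(stored, COMMON_PASSWORDS))
    salt1, digest1 = salted_hash("qwerty")
    salt2, digest2 = salted_hash("qwerty")
    print(digest1 != digest2, verify("qwerty", salt1, digest1))
    print(is_common("Password"))
```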
10) Drive-by download attack
A drive-by download attack is a common method used by hackers to spread malicious scripts or code on users' systems.
Attackers embed a malicious script into an insecure website's pages. Whenever you visit such websites, the scripts will automatically install on your system or might redirect you to a website that is controlled by the attacker.
These attacks can occur by visiting a website, a pop-up window or an email message. Drive-by downloads do not require user input to get activated.
It does not require you to download/open any malicious attachment. It takes advantage of an operating system/web browser with inadequate security features.
(The translator is a prize winner of the "English World Cup" (《英语世界》杯) translation contest.)