What is a Cyberattack?

A cyberattack is a malicious activity that cybercriminals launch using different tactics against systems and networks. Hackers use cyberattacks to expose, gain unauthorized access, alter, steal, destroy, or make unauthorized use of information assets.

Cybercriminals engage in offensive maneuvers that target information systems, infrastructures, computer networks, and personal devices to access information, restricted areas, and controls of systems without authorization.

Key Takeaways

  • A cyberattack is a malicious activity that hackers launch to steal data and disable systems
  • Cybercriminals use various methods like malware, ransomware, and denial of service to launch cyberattacks
  • A cyberattack can be active, passive, insider, or outsider incident
  • About 3.5 billion people lost their data in the top two of the 15 most significant cyberattacks.
  • In the first six months of 2017, cyberattacks impacted 2 billion data records, and ransomware payments reached US $2 billion.
  • Various cybercriminals, including groups and individuals, employ cyber attacks with malicious intent.

Impacts of Cyberattacks

Individuals, groups, sovereign states, societies, activists, and other organizations employ cyber attacks with malicious intent. 

A cyberattack can result in various unfavourable effects, such as disabling computers and systems, stealing data, and using breached devices to launch attacks on other computers.

Types of Cyberattacks 

Cybercriminals use different methods and tools to launch a cyberattack on their target. Depending on the hacker’s intent, a cyberattack can be targeted or random. Cybercriminals devise new ways to throw targets off their defenses.

A cyberattack can be active or passive. An active attack attempts to alter system resources and affect their operations. A passive attack attempts to learn or make use of information from the target without affecting the system resources.

A cyberattack can originate from outside or inside the organization. The unauthorized or illegitimate user causes an outside attack. These external attackers include hostile governments, pranksters, organized criminals, script kiddies, and international terrorists.

An inside attack originates from an entity inside the security perimeter. An insider can be an employee, vendor, or contractor authorized to access system resources and information but uses them in an unapproved manner.

Some of the cyberattacks include:

  • Malware – this is a form of malicious software that harms computer users. Malware includes dangerous programs like computer viruses, worms, spyware, trojan horses, and adware.
  • Ransomware –ransomware is a prevalent malware that hackers use to lock a victim’s computer files through encryption and demanding payment to unlock the files
  • Social engineering – this cybersecurity threat leverages human interaction and trust to trick users into performing actions that enable criminals to steal sensitive information
  • Phishing – Phishing is a form of fraud where hackers send fraudulent emails and messages that resemble details from reputable sources. Phishing attacks enable cybercriminals to steal sensitive information, such as credit card and login credentials.
  • Denial of service attacks – hackers cause a denial of service attack by sending overwhelming traffic to networks and servers, therefore preventing systems from meeting legitimate requests
  • Man-in-the-middle (MITM) – cybercriminals use MITM attacks to secretly interpose between users and a web service they are trying to access. MITM allows attackers to harvest any information the user sends to the service
  • SQL Injection – in this attack, a hacker exploits a flaw to take control of a victim’s databases. The hacker writes Structured Query Language (SQL) commands into a web form that collects user information such as name and addresses. Poorly programmed websites and databases will execute the malicious commands

This list is not exhaustive. The industry OWASP Foundation maintains a list of the top 10 cyberattacks hackers use against web applications. You can have a look at the list on OWASP’s website.

Popular Cyberattacks Incidents

Today, cyberattacks affecting millions of users are far too common. About 3.5 billion people lost their data in the top two of the 15 biggest cyberattacks.

Some of the most prominent incidents in recent memory include: