
The Most Common Types of Cyber-Attacks

2021-04-01 16:31:47 胡文明
English World (《英語世界》), 2021, Issue 1
Keywords: user information

Increasing usage of the internet has also led to an increase in cyber-crimes and cyber-attacks. But how many types of cyber-attacks are you familiar with? In order to tackle cyber threats, you must be well aware of their nature.

What are cyber-attacks?

A cyber-attack is an attack launched from one digital system against another digital device, website, or any other digital system that compromises its privacy, reliability or the data stored in it.

These attacks are a threat not only to individuals but to businesses as well.

Why are cyber-attacks initiated?

Before moving further to types of cyber-attacks, let us first have a look at the reasons for initiating cyber-attacks:

Acquiring unauthorized access to a digital network, system or its data.

Denial of service.

Virus or malware installation.

Hacking a website for unsolicited purposes.

To get access to personal and secure information of people and businesses.

Unauthorized use of a computer.

Types of cyber-attacks

Cyber-attacks can be of various types. You need to be aware of all those types of cyber-attacks to guarantee your utmost safety and security.

1) Malware

Malware is software that is intentionally developed to disrupt a computer, server, client, or computer network.

Malware can take the form of scripts, executable code, active content, and other malicious software.

It includes computer worms, viruses, ransomware, Trojan horses, adware, spyware, and scareware.

The most prominent kinds of damage caused by malware are:

As ransomware, it blocks access to key components of the network.

It installs further harmful software or malware.

As spyware, it can steal valuable information from your system.

It can damage certain hardware components of your system and make them inoperable.

2) Phishing

The main aim of phishing is to steal restricted and private information such as credit card details, login IDs and passwords by impersonating a reliable establishment in electronic communication. It is usually done through email spoofing or instant messaging.

The messages carry a link that directs users to a fake website which looks similar to the legitimate site and asks them to enter personal and secure information. It is a fraudulent activity intended to cheat users.

The senders bait users by claiming to be from a trusted third party such as auction sites, online payment processors, social web sites, banks, or IT administrators.

3) Man-in-the-middle attack

In a man-in-the-middle (MitM) attack, the invader covertly modifies the chats and dialogues between two people who are communicating with each other.

The communicators are made to believe that they are communicating directly with each other, without interference from any third party.

In reality the whole communication is controlled by the invader. It is also known as eavesdropping.

The entry points for MitM

Invaders can easily take control of private chats over an unsecured public Wi-Fi network. They can insert themselves between the device and the network and take control of the private chats on that network. The communicators, without having any idea, pass the whole conversation to the invaders.

It can also be done through malware. In such cases, the invader installs software on the victim's device to process all of the victim's information.

4) Denial-of-service attack

In a denial-of-service attack (DoS attack), the offender tries to make digital assets inaccessible to their intended users.

The offender temporarily interrupts the services of a host connected to the Internet. It involves flooding the targeted machine with superfluous requests so that it is too overloaded to fulfil legitimate ones.

5) SQL injection attack

A Structured Query Language (SQL) injection attack allows the intruders to run malicious SQL statements. These SQL statements have the power to take over the database server.

Using SQL injection, intruders can overcome application security measures.

It allows them to bypass the validation and approval process of a web application.

It also allows them to retrieve all the data from the database, and gives them the ability to add, modify, and delete data in it.

SQL injection allows intruders to tamper with various databases including MySQL, Oracle, SQL Server, and others. It is widely used by attackers to gain access to:

Personal data.

Intellectual property.

Customer information.

Trade secrets and more.

6) Zero-day attack

A zero-day vulnerability is a defect in software, hardware or even firmware.

It is hidden from the teams responsible for fixing it. It is referred to as zero-day because there is a zero-day time gap between the time it is detected and the first attack.

7) Cross-Site Scripting

In Cross-Site Scripting (XSS) attacks, malicious scripts are embedded in trusted websites.

The intruders send malicious code to different users by embedding it in a trusted website, usually as a browser-side script.

The web browser cannot recognize that this script is malicious or untrustworthy, so it executes the script as though it came from a trusted source. These malicious scripts can then access session tokens, cookies, or any other secret information used by that site.
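Two server-side defences against the behaviour described above, as an added example that is not part of the original article: encoding user-supplied text before it is placed in a page, and marking the session cookie so that page scripts cannot read it. The function names, the comment markup, the sample comment and the token are constructed for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample: a "comment" that contains markup instead of plain text.
SAMPLE_COMMENT = "<script>alert(1)</script>"

def render_comment_unsafe(comment):
    """Places user text into the page verbatim: the browser parses it as HTML."""
    return '<p class="comment">' + comment + "</p>"

def render_comment_escaped(comment):
    """HTML-encodes user text first, so the browser displays it as text."""
    return '<p class="comment">' + html.escape(comment, quote=True) + "</p>"

def session_cookie_header(token):
    """Build a Set-Cookie value that limits what a script can do with the cookie."""
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["httponly"] = True      # not readable from page scripts
    cookie["session"]["secure"] = True        # only sent over HTTPS
    cookie["session"]["samesite"] = "Strict"  # not sent on cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

def contains_script_tag(page_fragment):
    """Simple check used below: did a literal <script> tag reach the page?"""
    return "<script" in page_fragment.lower()

if __name__ == "__main__":
    print(render_comment_unsafe(SAMPLE_COMMENT))
    print(render_comment_escaped(SAMPLE_COMMENT))
    print("Set-Cookie:", session_cookie_header("constructed-token-123"))
```

Output encoding stops the injected markup from being parsed as a script, and the HttpOnly attribute limits the damage if some other injection point is missed, because the session cookie is then not exposed to page scripts.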

8) Credential reuse attack

With almost every personal account asking for IDs and passwords, we tend to reuse them for various accounts.

Reusing the same password can be a big threat to your security.

Intruders can steal your usernames and passwords from a hacked website and then try to log in to your other accounts using the same IDs and passwords.

If you have reused them, the intruders get a golden opportunity to peek into your private accounts, including your bank account, email, social media accounts, and many others.

9) Password attack

Passwords are the main gateways to your personal accounts. Getting access to these passwords is an age-old and most convenient way to intrude into someone's private account.

Our passwords are usually connected to our life's incidents, people and places, and hackers take advantage of such details. They can even sniff network traffic to gain access to unencrypted passwords.

Attackers can use either of the following two approaches to hack your passwords:

Brute-force

Brute-force is just like any other guessing game where you apply your wits and logic and expect that one of your guesses might work.

Dictionary attack

In such attacks, attackers use a dictionary of common passwords to intrude into the user's computer and network.

The attackers copy an encrypted file containing the list of passwords and apply the same encryption to a dictionary of frequently used passwords. They then compare the results to recover the user's password.
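Why the comparison described above works against unsalted password digests and fails against salted, deliberately slow ones, written as a defender's audit; this is an added example, not part of the original article. The wordlist, the function names and the iteration count are constructed assumptions, and PBKDF2 is used here only because it ships with Python's standard library.

```python
import hashlib
import hmac
import os

# Constructed, tiny wordlist standing in for a dictionary of common passwords.
COMMON = ["123456", "password", "qwerty"]
ITERATIONS = 200_000  # assumed work factor for this example

def unsalted(password):
    """Weak storage: one fast hash, identical for every user with this password."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted(password, salt=None):
    """Stronger storage: per-user random salt plus a slow key-derivation function."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)

def precomputed_hits(stored_hex_digests):
    """Audit: which stored values appear in a table precomputed from COMMON?"""
    table = {unsalted(word): word for word in COMMON}
    return [table[d] for d in stored_hex_digests if d in table]

if __name__ == "__main__":
    weak = [unsalted("password"), unsalted("password")]
    print("unsalted digests equal:", weak[0] == weak[1])
    print("precomputed hits (unsalted):", precomputed_hits(weak))
    (s1, d1), (s2, d2) = salted("password"), salted("password")
    print("salted digests equal:", d1 == d2)
    print("precomputed hits (salted):", precomputed_hits([d1.hex(), d2.hex()]))
    print("correct password verifies:", verify("password", s1, d1))
```

With a per-user salt, one precomputed table no longer matches any stored value, and the work factor makes each individual guess expensive; a common password is still a poor choice, which is what the audit function is for.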

10) Drive-by download attack

A drive-by download attack is a common method used by hackers to spread malicious scripts or code on users' systems.

Attackers embed a malicious script into an insecure website's pages. Whenever you visit such a website, the script will automatically install on your system or might redirect you to a website that is controlled by the attacker.

These attacks can occur when visiting a website, through a pop-up window, or through an email message. Drive-by downloads do not require the user's input to get activated.

They do not require you to download or open any malicious attachment. They take advantage of an operating system or web browser with inadequate security features.


(The translator is a prize-winner of the "English World Cup" translation contest.)
