Cyber Attacks - Part 2

Article by Igor Djuricic

Feb 28, 2017

Various types of hacking.

A Cyber Attack is an attack initiated from a computer, phone, or other device against another device or a website, with a view to compromising the integrity, confidentiality or availability of the target and the information stored on it. Cyber Attacks can broadly be considered a part of Cyber Crime. An attack carried out to commit a Cyber Crime can be called a Cyber Attack, and it is usually performed by hackers!

1. Phishing

Phishing is the attempt to obtain crucial information such as usernames, passwords, and credit card details, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing, because bait is used in an attempt to catch a victim.

Typically, a victim receives a message that appears to have been sent by a known contact or organization. An attachment or link in the message may install malware on the user's device or redirect them to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details.

6 Common Phishing Attacks and How to Protect Against Them

2. Brute Force Attack

In cryptography, a brute force attack consists of an attacker or a program trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key search.

 

Enigma (from Imitation Game) - First Brute Force Machine

To prevent password cracking through a brute-force attack, one should always use long and complex passwords. This makes it hard for an attacker to guess the password, and a brute-force attack will take too much time. Most of the time, WordPress users face brute-force attacks against their websites. Account lockout is another way to prevent an attacker from performing brute-force attacks on web applications. However, for offline software, things are not as easy to secure.
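The account lockout mentioned above can be sketched as a sliding-window policy. This is an added example, not code from the original article; the thresholds, account names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque


class LockoutPolicy:
    """Lock an account after too many failed logins inside a sliding window."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        # Thresholds are assumed values for illustration; times are in seconds.
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self._failures = defaultdict(deque)   # account -> recent failure times
        self._locked_until = {}               # account -> time the lock expires

    def is_locked(self, account, now):
        return now < self._locked_until.get(account, 0)

    def attempt(self, account, password_ok, now):
        """Return 'locked', 'ok' or 'denied' for one login attempt."""
        if self.is_locked(account, now):
            return "locked"          # rejected even if the password is right
        recent = self._failures[account]
        while recent and now - recent[0] > self.window:
            recent.popleft()         # forget failures older than the window
        if password_ok:
            recent.clear()
            return "ok"
        recent.append(now)
        if len(recent) >= self.max_failures:
            self._locked_until[account] = now + self.lockout
            recent.clear()
        return "denied"


def replay(events, policy=None):
    """Feed (time, account, password_ok) tuples through a policy."""
    policy = policy or LockoutPolicy()
    return [policy.attempt(acct, ok, ts) for ts, acct, ok in events]


# Constructed sample: five bad guesses in 40 s, then three valid logins.
SAMPLE_EVENTS = [(t, "admin", False) for t in range(0, 50, 10)] + [
    (60, "admin", True),     # correct password, but the account is locked
    (70, "alice", True),     # other accounts are unaffected
    (1000, "admin", True),   # lock (until t=940) has expired
]

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS))
```

Keying the lock only on the account name lets anyone lock a user out on purpose, so deployments often throttle by source address as well.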

Popular Brute Force Apps:

Aircrack-ng - It basically performs dictionary attacks against a wireless network to guess the password. As you already know, the success of the attack depends on the dictionary of passwords. The better and more effective the password dictionary is, the more likely it is that it will crack the password.

John the Ripper - John the Ripper is another awesome tool that does not need any introduction. It has been a favorite choice for performing brute-force attacks for a long time. This free password-cracking software was initially developed for Unix systems. Later, developers released it for various other platforms.

Hashcat - Hashcat claims to be the fastest CPU-based password cracking tool. It is free and is available for Linux, Windows and Mac OS platforms. Hashcat supports various hashing algorithms including LM Hashes, MD4, MD5, SHA-family,

THC Hydra - THC Hydra is known for its ability to crack passwords of network authentications by performing brute-force attacks. It performs dictionary attacks against more than 30 protocols including telnet, ftp, http, https, smb and more. It is available for various platforms including Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1, OpenBSD, OSX and QNX/Blackberry.

3. Fake WAP (Wireless Access Point)

Even just for fun, a hacker can use software to fake a wireless access point. This WAP connects to the official WAP of the public place. Once you are connected to the fake WAP, a hacker can access your data, just like in the above case.

What Are Different Types Of WLAN Authentication — Basics Of Networking

What's an Evil Twin AP?

The evil twin AP is an access point that looks and acts just like a legitimate AP and entices the end user to connect to it instead. The aircrack-ng suite has a tool, airbase-ng, that can be used to convert a wireless adapter into an access point. This is a powerful client-side hack that lets the attacker see all of the traffic from the client and conduct a man-in-the-middle attack.
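From the defender's side, an evil twin shows up in a wireless scan as a managed SSID announced by an unexpected radio or with weaker security. The check below is an added example, not part of the original article; the inventory, SSIDs, BSSIDs and scan records are constructed, and the record format is an assumption rather than the output of any particular tool.

```python
# Constructed inventory: SSID -> (authorised BSSIDs, expected security mode).
AUTHORISED = {
    "CorpWiFi": ({"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}, "WPA2-Enterprise"),
}


def find_suspect_aps(scan, authorised=AUTHORISED):
    """Return [(bssid, [reasons])] for APs that imitate a managed SSID."""
    findings = []
    for ap in scan:
        entry = authorised.get(ap["ssid"])
        if entry is None:
            continue                     # not one of our network names
        known_bssids, expected_security = entry
        bssid = ap["bssid"].lower()      # MAC notation is case-insensitive
        reasons = []
        if bssid not in known_bssids:
            reasons.append("unknown BSSID")
        if ap["security"] != expected_security:
            # A cloned BSSID still stands out if the twin is open or weaker.
            reasons.append(
                "security is %s, expected %s" % (ap["security"], expected_security)
            )
        if reasons:
            findings.append((bssid, reasons))
    return findings


# Constructed scan results.
SAMPLE_SCAN = [
    {"ssid": "CorpWiFi", "bssid": "AA:BB:CC:00:00:01", "security": "WPA2-Enterprise"},
    {"ssid": "CorpWiFi", "bssid": "de:ad:be:ef:00:01", "security": "Open"},
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:02", "security": "Open"},
    {"ssid": "CoffeeShop", "bssid": "11:22:33:44:55:66", "security": "Open"},
]

if __name__ == "__main__":
    for bssid, reasons in find_suspect_aps(SAMPLE_SCAN):
        print(bssid, "->", "; ".join(reasons))
```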

4. Cookie Theft

The cookies of a browser keep our personal data such as browsing history, usernames, and passwords for the different sites that we access. Once a hacker gets access to your cookie, he can even authenticate himself as you in a browser.

By mimicking a person's cookie over the same network, a hacker can access sites and perform malicious actions. Depending on the sites accessed while the hacker is monitoring the network, this could be anything from making false posts in that individual's name to transferring money out of a bank account. Hacking software has made it easier for hackers to carry out these attacks by monitoring the packets going back and forth. Cookie theft can be avoided by only logging in over SSL connections or employing the HTTPS protocol to encrypt the connection. Otherwise, it is best not to access sites over unsecured networks.
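HTTPS only protects a session cookie if the browser never sends it over plain HTTP, which is what the cookie's Secure attribute enforces. The audit below is an added example, not from the original article; the cookie names and header values are constructed, and the HttpOnly check goes slightly beyond the network case described above.

```python
def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, {attribute: value})."""
    first, *rest = [part.strip() for part in header.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:                                   # skip empty trailing segments
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs


def audit_cookies(set_cookie_headers, session_names):
    """Return {cookie name: [issues]} for session cookies that can leak."""
    findings = {}
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if name not in session_names:
            continue                               # only authentication cookies matter
        issues = []
        if "secure" not in attrs:
            issues.append("no Secure flag: browser also sends it over plain HTTP")
        if "httponly" not in attrs:
            issues.append("no HttpOnly flag: page scripts can read it")
        if issues:
            findings[name] = issues
    return findings


# Constructed response headers; the cookie names are hypothetical.
SAMPLE_HEADERS = [
    "sessionid=3f9a; Path=/",                              # weak setting
    "auth=77c1; Path=/; Secure; HttpOnly; SameSite=Lax",   # corrected setting
    "theme=dark; Path=/",                                  # not a session cookie
]

if __name__ == "__main__":
    for name, issues in audit_cookies(SAMPLE_HEADERS, {"sessionid", "auth"}).items():
        print(name, "->", "; ".join(issues))
```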

 

Twitter: DaDzejsonnnn


Copyright © GLBrain 2024. All rights reserved.