Makerere University

Most Common Cyber Attacks

By Gilbert Nsanzimana


1. Malware

Malware is malicious software. It comes in different types, which include spyware, ransomware, viruses, Trojans, adware, and worms. Malware breaches a network through a vulnerability. It takes effect when a user clicks a dangerous link or an email attachment, which then installs the risky software. Once successful, malware can block access to the major components of the network (ransomware), give hackers access to your personal information by transmitting data from the hard drive (spyware), or disrupt certain components of the network and render the system inoperable. One of the most costly malware attacks happened in June 2017 at Maersk, the world’s largest shipping conglomerate. It all started when an employee saw computer screens suddenly turning black. The company’s computers in Ukraine lacked the latest Microsoft Windows security patches, allowing a highly engineered malware worm to exploit them. This worm breached the company’s IT system and blocked access to all computers and servers worldwide, halting shipping operations for a number of days. This attack alone cost Maersk over $200 million in revenue and also caused unquantified losses in perished goods and recovery efforts.

2. Phishing

Phishing attacks come in the form of fraudulent messages that appear to come from a reputable source, usually through email. Their main aim is to steal sensitive data such as credit card numbers and login information. Phishing can also be intended to install malware on the target’s machine. Phishing is an increasingly common cyber threat, especially in these seasons of worldwide medical unrest. Attackers have impersonated the World Health Organization (WHO) and the Center for Disease Control (CDC) by sending fake COVID-19 updates that end in a cyber-attack. A striking case of phishing happened in 2015, when 80 million customer records were stolen from Anthem after an unsuspecting employee responded to a phishing email.

3. Man-in-the-middle attack

Also known as eavesdropping attacks, these occur when cyber attackers place themselves as middlemen between the user and the network. Once the attackers intercept the traffic, they can filter and steal data. One of the common ways this is done is through insecure public Wi-Fi: attackers insert themselves between a user’s device and the network, and the unaware user passes information through the attacker.

4. Denial-of-Service Attack

A denial-of-service attack overloads systems, servers, or networks with traffic to exhaust resources and bandwidth, forcing them offline. When this is achieved, the system is unable to fulfill legitimate requests. Attackers can also launch this as a distributed denial-of-service (DDoS) attack by using multiple compromised devices. GitHub, one of the largest hosting platforms, has been a target for many attackers. In 2018, GitHub suffered a distributed denial-of-service (DDoS) attack that eventually affected 1.35 terabytes of data.

5. SQL Injection Attack

SQL injection (SQLi) attacks represent nearly two-thirds (65.1%) of all web application cyber-attacks, according to previous studies from the “State of the internet” report. A Structured Query Language injection occurs when attackers insert malicious code into a server that uses SQL, forcing the server to give up desired information from the database. This is usually achieved by submitting malicious code into a vulnerable website search box. It is a very inexpensive and easy technique for hackers, which has made it a popular cyber-attack. Many businesses today store their data on the internet, including financial transactions. When a SQL injection attack succeeds, these transactions may be altered, deleted, or even exposed to the public. In August 2020, Freepik Company disclosed that it had fallen victim to SQL injection attacks and that 8.3 million user accounts had been affected.

6. Zero-day exploit Attack

This type of attack hits after a network vulnerability has just been announced and no mitigation or patch is yet available. Cyber attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability threat detection requires constant awareness, and the success of a zero-day exploit attack depends on the organization’s “window of exposure”: the time taken between the discovery of a vulnerability and the installation of a patch that fixes it. The average window of exposure for critical web application vulnerabilities is 69 days, according to the Edgescan vulnerability statistics report. Zero-day exploit attacks rely heavily on the information at hand, and the most commonly employed means of acquiring this information is social engineering. A survey carried out in 2018 by the Ponemon Institute stated that “Zero-day attacks are four times more likely to compromise organizations. Of the 64 percent of respondents in organizations that were compromised, 76 percent say the type of attack was a new or unknown zero-day attack.”