A cyber-attack is any deliberate attempt to gain unauthorized access to, damage, disrupt, or steal data from a computer system, network, or device. Understanding common cyber-attacks is essential for evaluating the tradeoffs between usability and security in computing systems.
Most cyber-attacks target one or more pillars of the CIA Triad:
| Pillar | Meaning | Example Attack |
|---|---|---|
| Confidentiality | Data is accessible only to authorized users | Phishing, MitM |
| Integrity | Data is accurate and unaltered | SQL Injection |
| Availability | Systems are accessible when needed | DoS/DDoS |
A Denial of Service (DoS) attack floods a server or network with excessive requests, making it unavailable to legitimate users.
A Distributed DoS (DDoS) attack is far more powerful: it is launched from a botnet (a network of compromised computers, often called zombies) so that the traffic arrives from thousands of sources simultaneously. Because no single source accounts for much of the load, blocking individual addresses does little, which makes a DDoS much harder to stop than a DoS from one machine.
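The following is an added example (not part of the original page) that shows why the distributed form is harder to block. It runs a simple per-source rate limit over two constructed request logs: one where a single address floods the server, and one where fifty bot addresses each send only a few requests. The IP addresses, timestamps and threshold are all made up for illustration.

```python
from collections import Counter

# Constructed sample logs: (timestamp_seconds, source_ip). Not real traffic.
# Legitimate client 198.51.100.5 sends one request every 20 s in both scenarios.
LEGIT = [(t, "198.51.100.5") for t in range(0, 60, 20)]

# Single-source DoS: one address sends a request every second for a minute.
SINGLE_SOURCE_DOS = [(t, "203.0.113.7") for t in range(0, 60)] + LEGIT

# DDoS: 50 distinct bot addresses (192.0.2.1 .. 192.0.2.50), each sending
# only three requests in the minute, i.e. far below any per-IP threshold.
DISTRIBUTED_DDOS = [
    (t, f"192.0.2.{i}") for i in range(1, 51) for t in range(0, 60, 20)
] + LEGIT


def per_source_counts(log, window_start, window_end):
    """Count requests per source IP inside the half-open window [start, end)."""
    return Counter(ip for t, ip in log if window_start <= t < window_end)


def flag_sources(log, window_start=0, window_end=60, threshold=30):
    """Per-IP rate limit: return the set of source IPs that sent more than
    `threshold` requests in the window. This is the classic DoS defence."""
    counts = per_source_counts(log, window_start, window_end)
    return {ip for ip, n in counts.items() if n > threshold}


def total_requests(log, window_start=0, window_end=60):
    """Aggregate load on the server in the window, regardless of source."""
    return sum(1 for t, _ in log if window_start <= t < window_end)


if __name__ == "__main__":
    for name, log in (("single-source DoS", SINGLE_SOURCE_DOS),
                      ("distributed DDoS", DISTRIBUTED_DDOS)):
        print(f"{name}: {total_requests(log)} requests, "
              f"flagged sources = {sorted(flag_sources(log))}")
```

The per-IP filter catches the single flooding address, but the DDoS log, which carries more than twice the total request volume, triggers nothing because every bot stays under the threshold. Defending against it requires looking at aggregate load and traffic shape (or upstream scrubbing), not just per-source counts.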
Phishing is a social engineering attack where an attacker impersonates a trusted entity (e.g., a bank, employer, or government agency) via email, SMS, or fake websites to trick users into revealing sensitive information such as passwords or credit card numbers.
Malware (malicious software) is a broad category of software designed to harm or exploit systems. Types include:
| Type | Description |
|---|---|
| Virus | Attaches to legitimate files; spreads when the file is executed by a user |
| Worm | Self-replicating; spreads across networks without human intervention |
| Trojan Horse | Disguises itself as legitimate software to trick users into installing it |
| Spyware | Secretly monitors user activity and collects data |
| Ransomware | Encrypts victim's files and demands a ransom for the decryption key |
Ransomware is particularly damaging because it attacks Availability (files are encrypted and locked) and, when the attacker also exfiltrates data before encrypting it, Confidentiality (the stolen data may be leaked if the ransom is not paid).
In a MitM attack, an attacker secretly intercepts and potentially alters communication between two parties (e.g., a user and a web server) without either party being aware.
SQL Injection exploits poor input validation in web applications. When user input is concatenated directly into a SQL statement, an attacker can type SQL syntax into a form field (e.g., a login box) and the backend database executes it as part of the query, running commands the developer never intended.

For example, entering `' OR '1'='1` into a login field closes the quoted value and appends a condition that is always true, so the query matches every row and authentication is bypassed.

A brute force attack systematically tries every possible password or encryption key until the correct one is found. The number of candidates grows exponentially with length (an alphabet of n symbols gives n^L strings of length L), so both length and character-set size determine how long the attack takes.
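As an added example (not code from the original page), the login check below is written twice against an in-memory SQLite database: once by string concatenation, which is vulnerable, and once with bound parameters, which is not. The user table, the `alice` account and its password are constructed test data; passwords are stored in plaintext only to keep the injection visible, which a real system must never do.

```python
import sqlite3


def make_db():
    """In-memory database with one constructed user row (example data only).
    Real systems store password hashes, not plaintext; this is simplified
    so the effect of the injection is easy to see."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the query by concatenation: the user's input becomes SQL syntax.
    With password = ' OR '1'='1 the WHERE clause becomes
        username = 'anyone' AND password = '' OR '1'='1'
    which AND/OR precedence reads as (... AND ...) OR TRUE, matching every row."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn, username, password):
    """Same check with bound parameters: the driver sends the input as data,
    so the quote and OR in the payload are just characters in a string."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


# The payload from the text, entered into the password field.
PAYLOAD = "' OR '1'='1"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable login with payload:   ", login_vulnerable(db, "anyone", PAYLOAD))
    print("parameterized login with payload:", login_parameterized(db, "anyone", PAYLOAD))
    print("parameterized login, real creds: ", login_parameterized(db, "alice", "correct-horse"))
```

The vulnerable function returns true for a user who does not exist and whose password is the payload; the parameterized one returns true only for the real credentials. Parameterized queries (prepared statements) are the primary fix; input validation is a secondary, defence-in-depth measure.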
A key concept in cybersecurity is that stronger security often reduces usability, and vice versa. When recommending cybersecurity measures, consider:
| Factor | Consideration |
|---|---|
| Efficiency | Does the security measure slow down legitimate users? (e.g., MFA adds a step) |
| Cost | Is the solution affordable for the organization? (e.g., enterprise firewalls are expensive) |
| Privacy | Does the measure collect or expose user data? (e.g., biometric data storage) |
| Ethics | Is the measure proportionate and fair? (e.g., monitoring employee communications) |
Example tradeoff: Requiring a 20-character password with symbols improves security but frustrates users and increases forgotten-password support requests.
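The brute force attack described earlier and the password-length tradeoff above are illustrated by the following added example (not from the original page). It recovers a short lowercase password by trying every candidate in order against its unsalted SHA-256 hash, counts the attempts, and then estimates the worst case for the 20-character policy; the hash function, alphabet and guess rate are assumptions chosen for illustration.

```python
import hashlib
import itertools
import string

LOWERCASE = string.ascii_lowercase          # 26 symbols
PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def sha256_hex(password):
    """Unsalted SHA-256 of the password. Assumed here for simplicity: real systems
    use slow, salted password hashes (bcrypt, scrypt, Argon2) precisely so that
    each guess in the loop below costs the attacker far more time."""
    return hashlib.sha256(password.encode()).hexdigest()


def brute_force(target_hash, alphabet, max_len):
    """Exhaustive search: every string over `alphabet` of length 1..max_len,
    in lexicographic order. Returns (password, attempts), or (None, attempts)
    if the search space is exhausted without a match."""
    attempts = 0
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            attempts += 1
            candidate = "".join(chars)
            if sha256_hex(candidate) == target_hash:
                return candidate, attempts
    return None, attempts


def keyspace(alphabet_size, length):
    """Number of distinct passwords of exactly `length` characters: n^L."""
    return alphabet_size ** length


def worst_case_seconds(alphabet_size, length, guesses_per_second):
    """Time to exhaust the keyspace at an assumed guess rate."""
    return keyspace(alphabet_size, length) / guesses_per_second


if __name__ == "__main__":
    found, tries = brute_force(sha256_hex("abc"), LOWERCASE, 3)
    print(f"recovered {found!r} after {tries} guesses")
    # Assumed rate of 1e10 guesses/s for a fast unsalted hash on GPU hardware.
    print("20 printable chars, worst case:",
          f"{worst_case_seconds(len(PRINTABLE), 20, 1e10):.2e} s")
```

Three lowercase letters fall in a few hundred guesses, while the 20-character printable-ASCII keyspace is 94^20, which at the assumed rate takes on the order of 10^29 seconds to exhaust. That is the security side of the tradeoff; the usability cost is that users cannot remember such passwords, which is why password managers and MFA are usually recommended alongside long passwords.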
To mitigate cyber-attacks, organizations implement: