Cyberattack is a general term that applies to a range of methods and techniques hackers can use to gain unauthorized access to networks and devices. Here are some of the most common cyberattacks:
Malware is short for "malicious software" and can apply to all types of software that can cause damage to devices, networks, or data. Worms, viruses, and trojan horses are some types of malware. Cyberattacks using malware usually require user interaction to be effective and can be prevented with security training.
Ransomware would fit into the malware category but deserves its own category because of its uniqueness and prevalence. Ransomware encrypts a user's system and then demands a ransom payment, usually in a cryptocurrency, to restore access to the system.
Phishing is the technique of convincing an unsuspecting target to commit some harmful action with an email that masquerades as communication from legitimate sites. This action could be entering credentials into a counterfeit website so they can be stolen or downloading and installing any of the varieties of malware.
Denial of Service
A denial of service attack is a brute force method of preventing a network, application, or service from running properly. This involves sending a flood of requests that overwhelm the targeted service. A distributed denial of service attack, or DDoS attack, uses a vast network of devices to accomplish more than just using one attacking system can.
In a man-in-the-middle attack, the attacker inserts himself between a target and a service they are trying to access. The attacker can then harvest data from the target without them knowing.
Exploits are attacks on known vulnerabilities and bugs in software. Often updates and patches will fix these flaws, but enough vulnerable software has not been updated in general that attackers scan networks connected to the Internet for it. By leveraging these bugs, hackers can gain unauthorized access to systems and data.
SQL injection is a technique that attackers use on vulnerable database-enabled applications. If applications are not programmed correctly, hackers can execute code on a database and gain unauthorized access to sensitive data.
Cryptojacking could be considered a type of malware attack. Attackers trick users into installing software that will "mine" cryptocurrency for them using phishing or other techniques.
DNS tunneling can be used for legitimate reasons. But it can also be used for malicious ones like disguising outbound traffic as DNS to conceal data that is being stolen from a network.