Mode of attack definition
Mode of attack refers to tactics and strategies attackers use to exploit vulnerabilities in a computer system or network. It allows cyber researchers to better categorize and understand ways attackers gain unauthorized access to systems, steal data, and or cause damage. At the same time, modes of attack help develop effective security measures to prevent cyber breaches.
See also: zero day, credential stuffing
Mode of attack examples
- Phishing. Attackers try to deceive users by sending emails and private messages, pretending to be authority figures such as FBI agents or social security workers.
- Malware. Any type of malicious software designed to exploit weaknesses in software.
- Denial of service (DoS) attacks. An attack where a system is overwhelmed with more data than it can handle, often by using networks of “zombie” computers.
- Man-in-the-middle attacks. Intercepting and altering communication between two parties without their knowledge.
- SQL injection. Inserting malicious SQL code into a website database to steal data.
- Zero-day exploits. It’s a vulnerability that researchers and the software developer don’t know about yet and hasn’t been patched.
- Credential theft. Hijacking user sessions gives attackers unauthorized access to user data.
- Insider threats. They include both disgruntled employees and someone who can be manipulated or blackmailed into malicious actions against their company.