Name: Ehsan Raza

Roll No: F21RDOCS1M08054

Department: BSCS
Semester: 5th(M2)
Subject: Information Security
Submitted to: Sir Mazhar Shahid Naqshbandi
 Assignment 2:
Question:
What are different cyber attacks?
Explain attacks affecting:
1.Confidentiality
2.Integrity
3.Availability

Answers:

Cyber Attack:
A cyberattack involves gaining unauthorized access to a computer system for the purpose of theft,
extortion, disruption or other nefarious reasons and includes any kind of malicious activity that attempts
to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Type of Cyber Attacks:

Cyber attacks are classified on the basis of 3 things i.e., attacker’s status, techniques employed by attacker
and effect on C.I.A of a system.

Types based on attacker’s status:

Inside attack: An "inside attack" is an attack initiated by an entity inside the security perimeter (an
"insider"), i.e., an entity that is authorized to access system resources but uses them in a way not approved
by those who granted the authorization.
Outside attack: An "outside attack" is initiated from outside the perimeter, by an unauthorized or
illegitimate user of the system (an "outsider"). On the Internet, potential outside attackers range from
amateur pranksters to organized criminals, international terrorists, and hostile governments.

Types based on techniques employed by attacker:

An attacker employs different techniques or methods to fulfill different purposes, respectively. Following
are types of attacks on the base of techniques used by attackers.
1. Malware: Malware is a type of application that can perform a variety of malicious tasks. Perhaps the
most notable form of malware is Ransomware – a program designed to encrypt the victim’s files and then
ask them to pay a ransom in order to get the decryption key.
2. Phishing: In a Phishing attack, the attacker tries to trick an unsuspecting victim into handing over
valuable information, such as passwords, credit card details, intellectual property, and so on. Phishing
attacks often arrive in the form of an email pretending to be from a legitimate organization, such as your
bank, the tax department.
3. MITM: A man-in-the-middle attack (MITM) is where an attacker intercepts the communication
between two parties to spy on the victims, steal personal information or credentials, or perhaps alter the
conversation in some way.
4. DOS and DDOS attacks: DOS (denial-of-service) attacks work by flooding systems, servers, and/or
networks with traffic to overload resources and bandwidth. This result is rendering the system unable to
process and fulfill legitimate requests. However, unlike traditional denial-of-service attacks, which most
sophisticated firewalls can detect and respond to, A DDOS (distributed denial-of-service) attack is able to
leverage multiple compromised devices to bombard the target with traffic.
5. SQL injection: SQL injection is a type of attack which occurs when an attacker inserts malicious code
into a server using server query language (SQL) forcing the server to deliver protected information.
6. Zero-day exploit: In a zero-day exploit, cyber-criminals learn a vulnerability in certain widely-used
software applications and operating systems, and then target organizations who are using that software in
order to exploit the vulnerability before a fix becomes available.
7. Business Email Compromise (BEC): In a BEC attack, the attacker targets specific individuals,
usually an employee who could authorize financial transactions, in order to trick them into transferring
money into an account controlled by the attacker.
8. Crypto jacking: In Crypto jacking, cyber criminals compromise a user’s computer or device and use it
to mine cryptocurrencies, such as Bitcoin.
9. Drive-by Attack: In a ‘drive-by-download’ attack, an unsuspecting victim visits a website which in
turn infects their device with malware. The concerned website could be one that is directly controlled by
the attacker, or one that has been compromised.
10. Cross-site scripting (XSS) attacks: A cross-site scripting attack sends malicious scripts into content
from reliable websites. The cyber-attacker inserts a malicious java script into the database of a website.
When the Internet user visits a page of this website, the latter transmits this page to his browser with the
malicious script integrated into the html code.
11. Password Attack: In password attack, an attacker tries to guess, or “crack” a user’s password. There
are many different techniques for cracking a user’s password. By accessing a person’s password, an
attacker can gain entry to confidential or critical data and systems.
12. Eavesdropping attack: In an eavesdropping attack, the attacker looks for unsecured network
communications to intercept and access data that is being sent across the network. The cyber-attacker can
then obtain passwords, bankcard numbers and other sensitive content that the internet user sends over the
network concerned.
13. Root kits: Root kits are installed inside legitimate software, where they can gain remote control and
administration-level access over a system. The attacker then uses the root kit to steal passwords, keys,
credentials, and retrieve critical data.
14.Birthday attacks: A birthday attack is launched against hash algorithms that verify the integrity of a
message, A digital signature or software. It is a type of cryptographic attack, which exploits the
mathematics behind the birthday problem in probability theory. Birthday attack can be used in
communication abusage between two or more parties.

Types of attacks based on effect on C.I.A of a system:

The so-called CIA triad (Confidentiality, Integrity, Availability) is the basis of information security.
Confidentiality is restricting access to information, i.e., only people who are authorized should be able to
access information. Integrity involves maintaining the consistency, accuracy and trustworthiness of data
over its entire life cycle. Availability means information should be consistently and readily accessible for
authorized parties.

An attack can be either active or passive depending on how it is affecting C.I.A.

Active attack: The attack can be active when it attempts to alter system resources or affect their
operation: so, it compromises integrity or availability. E.g., data breaches, ransomware attacks.
Passive attack: A "passive attack" attempts to learn or make use of information from the system but does
not affect system resources: so, it compromises confidentiality. E.g., data scraping, wiretapping.
o