Hackers launch cyber attacks for a variety of malicious purposes. The people who do this are called black hat hackers and may be operating for their own personal reasons or on behalf of others.
Why Do Hackers Attack?
There is a wide range of motives behind cyber attacks. We’ve outlined the major ones below.
Ransom
Some hackers attack information systems to gain access to sensitive or important information. They can then hold this information ‘hostage’ or threaten to release it publicly if the information’s owners don’t pay a ransom. Governments, healthcare institutions, and research facilities are vulnerable to this kind of attack because their work often relies critically on large amounts of data. If they lose access to it their entire operations could be jeopardized. Additionally, these types of institutions often hold sensitive information about the people they serve and would go to great lengths to avoid leaking data about the people who rely on them.
Ransom attacks can also target individual people in order to blackmail them. Hackers threaten to release maliciously obtained information if the individual does not pay a ransom.
Disruption
In some cases, hackers are not looking for personal monetary gain but simply wish to jeopardize the operations of an organization that they feel antagonistic toward. Media sites may be targeted by hackers who disagree with published content and governments may be targeted by dissenters who wish to create chaos.
In these cases, hackers can lock users out of their own systems or manufacture system overloads that prevent any work from being done.
Identity Theft
Hackers may steal personal information or access personal accounts like email and social media. They can then commit other crimes under an alternate identity that protects their own identities.
Another form of identity theft hacking is when a hacker steals users’ login details to gain access to a website or system that they would not otherwise be allowed into.
Spying
Some hackers’ ultimate goal is to gather information about victims’ computer usage in real time by spying. This information can then be used either for blackmail against the user or to inform strategies for other nefarious plans.
What Are the Types of Cyber Attacks?
Hackers are constantly evolving their attack methods as cybersecurity professionals develop strategies for protecting against them. For this reason, there are always new types of cyber attacks to learn about and work against. Some of the most common types of cyber attacks right now are:
1. Malware
Malware is a condensed version of the phrase “malicious software,” which is exactly what it sounds like. It is software that performs malicious actions on your computer or device. Malware can be used for any of the hacker intentions we mentioned above – information theft, disruption of work, impersonation, data destruction, and more. It all depends on what the malware is designed to do once it gains access to a system.
Hackers can set malware up to begin installation when a user visits a certain website, opens an email, opens a text message, clicks on an ad, or takes any number of different actions on an internet-connected website or app.
Different types of malware include:
- Adware – Software that causes annoying pop-up ads to appear on a user’s device. While annoying, this type of unwanted software is not always considered malware because it is not always illegal.
- Spyware – Malware that collects information about a user’s activity and sends the information back to its deployers.
- Ransomware – Malware that either locks a user out of their device or encrypts files to make them unusable. Deployers then demand a ransom in exchange for re-granting access or decrypting files to make them readable again.
- Virus – Like biological viruses, computer viruses make copies of themselves to spread throughout a device and to infect other devices. Sometimes they cause problems by deleting files or stealing information. Other times they cause trouble simply by multiplying so many times that an entire system is overloaded and can no longer accomplish its intended work.
- Trojan – A Trojan, named after the mythological Trojan Horse, is a type of malware disguised as a different software program. Users mistakenly download the Trojan instead of their desired program and sometimes authorize it to access information or functions on their devices.
- Rootkit – A rootkit is a type of malware that grants administrative access to its deployers without a device owner’s knowledge or consent. The deployers can then control the device remotely and carry out any actions that they wish.
- Keylogger – A keylogger records a user’s keystrokes on their device and sends the information back to its deployers. This can uncover passwords and usernames.
2. Phishing
Phishing is when hackers send fraudulent emails or messages to their victims and try to get them to disclose sensitive information or install malware. Hackers often disguise themselves as benign actors in order to trick the message’s recipient. Classic examples of phishing include:
- Fake giveaways – The phishing message tells the recipient that they have won a prize and simply need to click on a link to claim it. The link then asks for personal information or begins the installation of malware.
- Disguising as a trusted contact – Phishers may disguise themselves as a well-known company like CNN or Walmart that a recipient may be used to receiving email from. In some cases, they’ll learn about the recipient’s social or work connections online and sign an email as somebody the recipient knows.
- Psychological manipulation – Sometimes phishing emails include messaging designed to make the recipient so curious or outraged that they click on a link to learn more before they realize that the link is malicious. This can be anything from outrageous fake news to miraculous cures to ailments.
3. Man-in-the-Middle
A Man-in-the-Middle, or MITM, attack is a type of cyber attack where a hacker intercepts communication between two parties and impersonates each of them to cause confusion or steal information. In such a scenario, Person A thinks they are communicating with Person B and Person B thinks they are communicating with Person A. However, both are communicating with the attacker who can choose to pass their messages along, stop the messages from reaching their intended recipient, or alter the messages to say something else.
The same strategy can be applied to intercept communication between users and servers. When a user attempts to connect to a server, an attacker can intercept the connection and connect the user to their own server or web page instead. From there, the hacker can trick the user into supplying information.
4. SQL injection
Injection ranks #3 among the most common critical vulnerabilities in web applications in the OWASP Top 10. SQL injection is a form of attack in which a hacker enters SQL statements into an application’s entry field, causing it to act in a way that it should not, i.e. deliver sensitive data to hackers. Data-driven applications that have functionality for users to enter information – a search bar for example – are vulnerable to this type of attack if they are not properly secured.
5. Denial of Service
A Denial of Service attack, or DoS, is any kind of nefarious activity that makes a device or system unusable by its intended users. The most common way that hackers go about this is by flooding the system with requests, causing overload and failure. This can be done efficiently by a botnet – a network of devices controlled remotely by a hacker. These devices may belong to innocent people who have, themselves, been hacked as part of the larger scheme.
Specific categories of DoS attacks include:
- Distributed Denial of Service (DDoS)
This is the type of DoS that would be accomplished by botnets, though it could also be actioned manually by a network of many hackers. It is a distributed attack in that a flood of requests is sent in to overload the system from many different sources. This makes the volume of requests more overwhelming and makes it difficult to block.
- Yo-Yo DoS Attack
This type of attack targets cloud-hosted applications that are set up to expand and contract to fit the needs of the application. When carrying out a yo-yo attack, hackers flood the application with so much traffic that it automatically scales outward. They then suddenly halt traffic so that the application is over-provisioned and automatically scales down again. At this point, the hackers begin flooding the application again. Having to constantly scale up and down is draining on a system and can also be a financial drain on the application’s owners who must pay their cloud service provider.
- Advanced Persistent DoS
An advanced persistent DoS is a large-scale attack that hits multiple targets using a variety of methods. The goal is to exhaust an organization’s mitigation resources and to be unpredictable. Oftentimes, this type of attack culminates in a concentrated attack against one specific target. The preceding attacks act as distractions.
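To make the Yo-Yo pattern above concrete from the defender's side, here is an added simulation (not from the original article) of a reactive autoscaler with and without a scale-down stabilization window. The per-instance capacity, the instance limits and the load trace are assumed values chosen for illustration.

```python
import math

CAPACITY = 100               # requests/s one instance can serve (assumed)
MIN_INST, MAX_INST = 1, 12   # the upper cap bounds the bill (assumed)

def yoyo_traffic(cycles, burst=3, quiet=3, high=900, low=50):
    """Constructed load trace: bursts of `high` req/s separated by lulls."""
    return ([high] * burst + [low] * quiet) * cycles

def simulate(trace, window):
    """Run the autoscaler over `trace`, one sample per tick.

    `window` is the scale-down stabilization window in ticks:
    1 follows the latest sample only; larger values scale down only
    when every sample in the window asks for fewer instances.
    """
    instances, recent = MIN_INST, []
    events = overloaded = instance_ticks = 0
    for load in trace:
        if load > instances * CAPACITY:
            overloaded += 1           # capacity was short when load arrived
        instance_ticks += instances   # proxy for what the owner is billed
        want = min(MAX_INST, max(MIN_INST, math.ceil(load / CAPACITY)))
        recent = (recent + [want])[-window:]
        target = max(recent)          # up at once, down only after the window
        if target != instances:
            events += 1
            instances = target        # takes effect on the next tick
    return {"events": events, "overloaded": overloaded,
            "instance_ticks": instance_ticks}

if __name__ == "__main__":
    trace = yoyo_traffic(cycles=5)
    print("no damping:", simulate(trace, window=1))
    print("window = 4:", simulate(trace, window=4))
```

In this toy model the window removes the repeated scaling and the overload at the start of each burst, at the price of paying for idle instances during the lulls, which is why the instance cap matters as well.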
6. Cross-Site Scripting Attack
A Cross-Site Scripting, or XSS, attack is when a hacker injects malicious scripts into a benign website and then convinces an unsuspecting user to visit the malicious page. These scripts can be injected via user entry fields like comments sections or search bars. The scripts can direct the site to send personal information of anyone who uses the malicious page to the hackers.
In this type of attack, the hackers must find a way to entice a user to the malicious page once they have injected their script. This is sometimes done through email or fake ads. The targeted user sees the URL for a website they trust and may not notice that there is a script injected in it.
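The entry fields mentioned above (a search bar and a comments section), as an added example that is not part of the original article: a page fragment built by pasting untrusted values into markup, next to a version that encodes them on output. The function names and the sample inputs are constructed for illustration.

```python
import html
from urllib.parse import urlsplit

def render_unsafe(query, comment, link):
    # Untrusted values are pasted straight into the markup, so any tags
    # they contain become part of the page in the visitor's browser.
    return ("<h1>Results for " + query + "</h1>"
            '<p class="comment">' + comment + "</p>"
            '<a href="' + link + '">author site</a>')

def safe_href(link):
    # Allow only http(s) links; anything else becomes a harmless "#".
    try:
        scheme = urlsplit(link).scheme.lower()
    except ValueError:
        return "#"
    return link if scheme in ("http", "https") else "#"

def render_safe(query, comment, link):
    # html.escape turns < > & " ' into entities, so the browser shows the
    # text instead of parsing it as markup or breaking out of an attribute.
    return ("<h1>Results for " + html.escape(query) + "</h1>"
            '<p class="comment">' + html.escape(comment) + "</p>"
            '<a href="' + html.escape(safe_href(link), quote=True)
            + '">author site</a>')

# Constructed inputs standing in for what arrives from the entry fields.
QUERY = '<script>document.title="x"</script>'
COMMENT = 'nice post" onmouseover="document.title=1'
LINK = "javascript:void(0)"

if __name__ == "__main__":
    print(render_unsafe(QUERY, COMMENT, LINK))
    print(render_safe(QUERY, COMMENT, LINK))
```

Encoding is applied where the value is written into the page, and the link gets a scheme check as well because escaping alone does not make a `javascript:` URL safe inside `href`.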
7. DNS Tunnelling
DNS Tunnelling is a tricky type of cyber attack in which a hacker gains access to a private network by embedding a nefarious program within a domain name. The hacker registers for a website domain name that contains code. Imagine something like GiveAccessToHackers.websitename.com—this would be less obvious in reality, though. They must then get someone within a private network to try to visit the site. When the request is processed by the private server, the program is executed, giving hackers access to a private network.
As you can see, cyber attacks can be extremely complex and varied, which makes them difficult to prevent. Want to learn more about how you can build secure networks and block cyber attacks of all kinds? Check out our Guide to Cybersecurity Bootcamps to find a program and become a pro!