Network attackers are attempt to unauthorized access against private, corporate or governmental network infrastructure and compromise network security in order to destroy, modify or steal sensitive data. In this article, we will discuss on common types of network attacks and prevention techniques to protect IT infrastructure.
Network security ensure to protect data during transmission and to guarantee that data transmissions are authentic and not altered by attacker.
Common Types of Network Attacks and Prevention Techniques
Security is an important part of your organization. Even you don’t know the importance of network security until your organization is victim of a network attack.
There is no way to be completely sure that a system of your organization is inaccessible by cyber attacker. There are different types of network attacks and prevention techniques which are described as below.
1. Computer virus
A computer virus is a software program that can spread from one computer to another computer or one network to others network without the user’s knowledge and performs malicious actions. It has capability to corrupt or damage data, destroy files, format hard drives or make disks unreadable.
How does a computer virus spread?
There are many ways that a virus or computer virus can be spread, which are as follows:
- Clicking on an executable file
- Visiting an infected website
- Viewing an infected website advertisement
- Infected removable storage devices, such USB drives
- Opening spam email or an email attachment
- Downloading free games, toolbars, media players and other system utilities
2. Man in the Middle (MITM) Attack
A Man in the Middle is a type of cyber-attack where a malicious attacker inserts a conversation between sender and receiver, impersonates both sender and receiver and gains access to their information.
In this attack, both sender and receiver appear to communicate normally. The sender does not understand that the receiver is a malicious attacker and attacker trying to access or edit the message before re-transmitting to the receiver.
The common form of Man in the Middle attack is online communication, such as email, web browsing, social media, etc.
Spoofing is another type of cyber-attack where an attacker attempts to use a computer , device, or network to trick other system networks by masquerading as a legitimate user.
There are several types of spoofing; IP spoofing is one of the most common.
IP Spoofing is an attacking technique where, the hacker gains access to a computer network by sending messages to a computer with an IP address. The IP address indicating that the message is coming from a trusted host so that it looks like it is authentic.
In IP spoofing attack, a hacker first find out an IP address of a trusted host and then change the packet headers so that it appears that the packets are coming from that trusted host.
Malware is consists of software program or code which is developed by cyber attackers. It is designed to extensive damage to systems or to gain unauthorized access to a computer network .
The malware is delivered in the form of a link or file over email and it requires the user to click on the link to execute the malware. There are different types of malware such as computer viruses, worms, Trojan horse, spyware and more.
Learn more about Malware
4. Trojan horse
A Trojan horse is a type of malicious code or program that developed by hackers to disguise as legitimate software to gain access to victim’s systems. It is designed to delete, modify, damage, block, or some other harmful action on your data or network.
The victim receives an email with an attachment which is looking official email. The attachment can contain malicious code that is executed as soon as the victim clicks on the attachment file.
Learn More About Trojan Virus
5. Computer worm
A computer worm is a type of network attacks that spreads within its connected network and copies itself from one computer to another computer .
It can replicate itself without any human assistance and it does not need to attach itself to a software program in order to cause damage data.
Worms can exploit the security holes of the software and trying to access in order to stealing sensitive information, corrupting files and installing a back door for remote access to the system.
Learn More About How to Prevent Computer Worms
6. Denial-of-Service (DoS) attack
A Denial-of-Service is an attack that shut down a machine or network and making it inaccessible to the users. It typically flooding a targeted system with requests until normal traffic is unable to be processed, resulting in denial-of-service to users.
It occurs when an attacker prevents legitimate users from accessing specific systems, devices or other network resources.
Phishing is a type of social engineering attack that attempt to gain sensitive and confidential information such as usernames, passwords, credit card information, network credentials, and so more.
In a phishing attack, an attacker sends phishing emails to victims in order to steal of login credentials and account information.
Learn more about Phishing Attack
A rootkit is a malicious program that installs and executes code on a system without user consent in order gain system access to a computer or network.
It is typically installed through by exploiting system vulnerabilities, social engineering tactics, and stolen password or phishing techniques without the victim’s knowledge.
There are different types of Rootkit virus such as Bootkits, Firmware Rootkits, and Kernel-Level Rootkits & Application Rootkits.
9. Logic Bombs
A logic bomb is a malicious program or piece of code that inserted into an operating system or computer network which impacts a malicious function after a certain amount of time.
The code can be inserted into the existing software or into other forms of malware such as viruses, worms or Trojan horses etc.
Its main purpose is deleting or altering data, reformatting a hard drive and creating other malicious acts on a specified date
Ransomware is a type of malicious software or IT security threats that blocks to access computer system and demands for bitcoin in order to access the system.
The most dangerous ransomware attacks are WannaCry, Petya, Cerber, Locky and CryptoLocker etc.
Above all types of attack typically installed in a computer system through the following ways:
- When download and open a malicious email attachment
- Install an infected software or apps
- User visit a malicious website or link
- Click on untrusted web link or images
Learn More How to detect ransomware on computer?
How to prevent Network Attacks
If you want to detect and prevent network attack then you should know the types of network attacks and prevention method. Here are the some ways that can prevent network attacks, which are as follows:
1. Create Strong Password and Change Regularly
Create a strong password for different types of network device such as router, switch, cyberroam and firewall to prevent from network attack. Don’t use easy password to remember in mind such as date of birth, mobile no, employee id, student id, test123, 123456.
To creating a strong password you should use combine letters, numbers, special characters (minimum 10 characters in total) and change the password regularly.
For example: R$iu&*89m%; is a strong and standard password.
How to Create a Strong Password
2. Delete Suspicious Email and Don’t Click
Sometimes you will receive an unwanted email with attachment file which seems suspicious e-mail. A suspicious e-mail that may contains a malware script which can spread malware to your network when you click on that file or execute the script.
- If you think your incoming email is suspicious then you can direct phone call to sender to confirm as he/she sends the mail.
- Simply deleting the suspicious email, you can also mark it as spam and it is better do not click on that type of email.
Learn More About How to delete Spam Email
3. Use Antivirus software
Antivirus software is a program that helps protect your computing devices, networks and IT systems against viruses, worms, Trojan horses, and other unwanted threats. It scans every file which comes through the Internet to your computer and helps to prevent damage to your system.
- You can use server based antivirus to protect networks and ensure that valuable resources are secured.
- In order to protect network attacks you should use antivirus software. There has some professional anti-virus software such as Norton, Bitdefender, Kaspersky, Panda, ESET, Avast, AVG. So, you can use one of them and keep updated with update version.
4. Use Data Encryption
Encryption is a security method in which data is encoded in secured way that only authorized user can access it. It will protect your network information from being stolen or compromised that means phishing.
Encryption method protects sensitive data such as network credentials and credit card numbers by encoding and transforming information into unreadable cipher text.
There are many types of encryption algorithms such as AES, MD5, and SHA 1 are used to encrypt and decrypt the data.
Learn more about Data Encryption
5. SSL Certificate
SSL stands for Secure Sockets Layer is a global standard security protocol which establishes a secure connection between a web server and internet browser. It ensuring that all data passed through a network between a web server and browser remains encrypted and secure.
If you want to create a secure connection, then you have to install SSL certificate on a web server and it serves the following functions:
- It authenticates the identity of the application or website and
- It encrypts the data that’s being transmitted through internet
If a site is secured by SSL then a padlock is displayed and the address bar shows the URL as HTTPS instead of HTTP.
6. Use Firewall on your network
A firewall is most important network security solution tool which is designed to monitors incoming and outgoing network traffic and data packets based on security rules.
Its main purpose is to create an obstacle between trusted internal network and untrusted external network in order to protect network threats.
- Firewalls can be implemented as hardware based and software based, or a combination of both. When you used together, they reduce the phishing attack to your computer network.
- If your organization sends sensitive data over network then you can use Cisco Firewall
- And if you are in a home network then you can use Windows Firewall
7. Use Web Application Firewall (WAF)
A web application firewall is an application based cyber security solution tools which is designed to protect applications, APIs, and mobile apps by filtering and monitoring HTTP harmful traffic.
It is typically protects the software or application from different types of cyber-attacks such as cross-site-scripting (XSS), file inclusion, SQL injection, Session hijacking, Layer 7 DoS and others.
You can use following web application firewall according to your needs. A list of some commercially used Web Application Firewalls is mentioned below:
Learn More about Web application firewall
8. Use Virtual Private Network (VPN)
A virtual private network is a technology that creates a secure and encrypted connection over a less secure network, such as the internet. Virtual Private Networks are most often used by corporations to protect their sensitive data from cyber-attackers.
It is a secure connection method which used to add security features and privacy to public and private networks such as Wi-Fi Hotspots and the Internet.
For example, you may live in California, but using a Virtual Private Network, you can appear to live in another places such as Washington, Florida, Texas.
The main key advantage of VPN is that it is less expensive than a private wide area network (WAN). The two most common types of VPNs are remote access VPNs and site-to-site VPNs.
9. Prepare Security Policy and Deployment
The security policy will ensure the security, consistent and reliability of an organization. If an organization doesn’t have the security policy then there has a chance to cyber-attack. So, it is urgent to prepare and deploy the policy which may include the following topics:
- Password policy
- Usages policy for email, internet browsing, social media and others
- Physical security of an organization
- Identify security risks and its protection techniques
- Access and control of proprietary data
- Use of third party software
- Awareness training of your employees
10. Employee Training
Employees are the greatest security risk for any organization. You have to ensure that your employee knows the types of network attacks and prevention techniques. So, it is better to arrange regular training program and should cover the following topics:
- Cyber security threats and its importance
- Identification of surety threats
- Usages of network security device such as firewall and WAF
- How to protect from cyber-attack?
- How to retrieve data after hacking.
- Social engineering attack and its prevention techniques.