Cyber attacks: Motivation, Types and Controls

Updated on: November 21, 2023

What is a cyber attack?

A cyber attack is an intentional effort to carry out malicious activity against IT systems, networks, computers, and infrastructure. The term combines the word “cyber”, which means “of or relating to or involving computers or computer networks”, and the word “attack”, which means “to try to hurt, or destroy something or someone”. Essentially, it means trying to hurt or destroy something or someone using networks or computers. The consequences of a cyber attack can be monetary or reputational, such as theft of data or money or public disclosure of confidential information, or they can be physical, such as destruction caused by hacking critical infrastructure such as nuclear plants.

An example of a cyber attack in 2023 is the Reddit data breach.[1] In February 2023, a ransomware gang called “Blackcat” claimed to have stolen 80 gigabytes of compressed data from Reddit during a breach of the company’s systems.

Motivation behind cyber attacks

The motivation behind cyber attacks can be broadly categorized into the following[2]:

  1. Criminally motivated: Criminally motivated cyber attacks are operations primarily driven by the intent of illegal gain, often targeting systems or individuals to steal, defraud, or extort. The typical motivation is to gain financial benefit or to steal valuable data. A few examples of criminally motivated cyber attacks are deploying ransomware on a company’s servers to demand money, stealing credit card data and other Personally Identifiable Information (PII) from e-commerce sites, or engaging in online banking fraud.
  2. Politically motivated: Politically motivated cyber attacks are digital assaults initiated to advance a political agenda or cause, often targeting governments, organizations, or individuals to influence, intimidate, or disrupt their operations. These attacks can range from propaganda campaigns and data leaks to infrastructure disruptions. Politically motivated attacks are also associated with “cyberwarfare”, “cyberterrorism”, or “hacktivism”. A few examples of politically motivated attacks are hacking and releasing sensitive government documents, defacing a political party’s or government’s website, or spreading propaganda.
  3. Personally motivated: Personally motivated cyber attacks are attacks driven by emotions, personal vendettas, or desires for fame or recognition. These attacks are often aimed at individuals, groups or organizations that the attacker has a personal grievance against, but they can also be driven by a desire for fame or notoriety in the hacker community. A few examples of personally motivated cyber attacks are a disgruntled employee causing service disruption or someone leaking an individual’s confidential data because of a personal feud.

Types of cyber attacks

There are numerous cyber attacks that attackers use to compromise systems, leak data and conduct other malicious activities[3]. The following are the five most common attacks:

  1. Phishing attacks: Phishing is the act of sending fraudulent messages, in the form of emails, SMS, chat messages and so on, that contain malicious links or attachments. When opened, these links or attachments can lead to installation of malware, theft of login information, access to sensitive data and similar outcomes.
  2. SQL Injection attack (SQLi): SQL injection is a way to alter the structure of the SQL query in a request made by the client to the server in order to elicit unauthorized information. A successful SQL injection attack can lead to the release of sensitive data, modification or deletion of critical data, or complete deletion of the database.
  3. Brute force attack: In a brute force attack, the attacker tries to guess login credentials, API keys and so on by trial and error. Conducting such an attack manually is very time consuming and often impossible, so attackers nowadays use bots to carry out brute force attacks.
  4. Man-in-the-middle (MITM) attack: As the name suggests, in this attack the attacker positions itself between two communicating machines so that it can eavesdrop, impersonate the other party, and tamper with the information exchanged between the two parties.
  5. DoS and DDoS attacks: A denial-of-service (DoS) attack is a method by which an attacker overwhelms a server with requests so that it is unable to respond to legitimate requests. Because of the high volume, all the resources of the server get consumed by the illegitimate requests, disrupting normal operation and potentially leading to a complete shutdown of its services. A distributed denial-of-service (DDoS) attack is a DoS attack in which multiple machines are used to flood the target machine.

Effects of cyber attacks on organizations

The effects or damage caused by a cyber attack can vary depending on the type and level of the attack. However, the following are the most significant effects of cyber attacks:

  1. Financial loss
  2. Service disruption
  3. Loss of sensitive data
  4. Reputational damage
  5. Legal consequences

Building a robust cyber security program for organizations

A robust and well-structured cyber security program not only helps an organization protect its systems, infrastructure, business and people from cyber attacks, it also fosters trust among customers, stakeholders and employees. Broadly, security initiatives can be grouped into four stages:

  1. Prevention: This stage employs proactive defensive measures, such as firewalls, employee training, and strong access control, to stop cyber threats before they infiltrate.
  2. Detection: If an attacker is able to bypass the defensive measures, detection solutions can identify the malicious activity or intrusion. Security solutions such as IDS (Intrusion Detection Systems), XDR (Extended Detection and Response) and SIEM (Security Information and Event Management) can detect an intrusion in the connected systems and raise an alert.
  3. Incident Response: Once an intrusion is detected, the incident response phase kicks in, where a team of security experts assesses, contains, and manages the situation. Many companies with large amounts of sensitive data and systems nowadays subscribe to incident response (IR) retainer services. IR retainer services provide 24x7 response and send a specialized team of incident responders on-site in case of a cyber attack.
  4. Remediation: After an incident has been contained, the final step is to address the root causes of the breach, patch the vulnerabilities, and restore affected systems.
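
As an illustration of the Detection stage applied to the brute force attack described earlier, here is an added example (not from the original article) of the kind of rule an IDS or SIEM evaluates: alert when one source produces many failed logins inside a short time window. The log format, field names, threshold and sample lines are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (hypothetical format, not a real product's).
SAMPLE_LOG = """\
2023-11-21T10:00:00 LOGIN_FAIL user=admin src=203.0.113.7
2023-11-21T10:00:02 LOGIN_FAIL user=admin src=203.0.113.7
2023-11-21T10:00:03 LOGIN_FAIL user=root src=203.0.113.7
2023-11-21T10:00:05 LOGIN_OK user=carol src=198.51.100.4
2023-11-21T10:00:06 LOGIN_FAIL user=admin src=203.0.113.7
2023-11-21T10:00:08 LOGIN_FAIL user=test src=203.0.113.7
2023-11-21T10:03:00 LOGIN_FAIL user=dave src=198.51.100.9
2023-11-21T10:20:00 LOGIN_FAIL user=dave src=198.51.100.9
2023-11-21T10:20:09 LOGIN_OK user=dave src=198.51.100.9
"""

def parse(line):
    """Split one line into (timestamp, event name, key=value fields)."""
    ts, event, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    return datetime.fromisoformat(ts), event, fields

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return one alert per source address that reaches `threshold`
    failed logins inside a sliding time window."""
    recent = defaultdict(deque)  # src -> timestamps of recent failures
    alerts = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, event, fields = parse(line)
        if event != "LOGIN_FAIL":
            continue
        src = fields["src"]
        failures = recent[src]
        failures.append(ts)
        # Drop failures that have aged out of the window.
        while ts - failures[0] > window:
            failures.popleft()
        if len(failures) >= threshold and src not in alerts:
            alerts[src] = {"src": src, "failures": len(failures),
                           "at": ts.isoformat()}
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

The sliding window is what separates the burst from 203.0.113.7 from the two failures by 198.51.100.9, which are 17 minutes apart and look like an ordinary mistyped password.
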

Conclusion

As technology advances, cyber attacks are becoming even more sophisticated. From script kiddies to nation-state actors, cyber attackers are always on the lookout for vulnerabilities in critical systems. Therefore, it is imperative for organizations to develop a comprehensive cyber security program that includes prevention, detection, response, and remediation to safeguard assets and maintain public trust.

Naresh Kumar
