What is a Network Attack?
A network attack is an attempt to break the security of a computer network by exploiting vulnerabilities in order to gain unauthorized access, disrupt services, or steal data. It can target any device that has access to the network, whether it is a server, router, computer, or IoT device.
Types of Network Attacks
1. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
- DoS Attack: Floods the network or server with excessive traffic to make it unavailable to legitimate users.
- DDoS Attack: Multiple compromised devices (a botnet) flood the target with traffic.
- Example: The DDoS attack on GitHub in 2018 peaked at over 1.3 Tbps and brought the service down temporarily.
2. Man-in-the-Middle (MitM) Attack
- The attacker secretly intercepts and relays communication between two parties, usually to steal valuable information.
- Example: An attacker intercepts an open Wi-Fi connection in a public place to steal login credentials.
3. Phishing and Spear Phishing
- Phishing: The attacker uses fake emails or websites to trick users into giving out personal information such as passwords.
- Spear Phishing: A type of phishing directed at specific individuals or organizations using more personalized messages.
4. Packet Sniffing (Eavesdropping Attack)
- The attacker uses tools such as Wireshark to intercept and observe data packets flowing across the network, which can reveal sensitive information including passwords or credit card details.
5. IP Spoofing
- The attacker sends packets with spoofed source IP addresses, masquerading as a trusted device in order to get past security controls or to carry out DoS-type attacks.
6. ARP Spoofing
- The attacker sends fake ARP messages on the network, associating their MAC address with the IP of a legitimate device. This lets them intercept, alter, or block data in transit within a local network.
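Because the attack works by changing which MAC address answers for an IP, it can be spotted by watching IP-to-MAC bindings over time. The following is an added example, not part of the original article: a passive check over observed ARP replies. The sample addresses, the function name `detect_arp_anomalies` and the alert names are assumptions made for illustration.

```python
# Added example: passive ARP-spoofing detection over observed ARP replies.
from collections import defaultdict

# Constructed sample: (timestamp, sender IP, sender MAC) taken from ARP replies.
# All addresses are made up for illustration.
SAMPLE_REPLIES = [
    (1, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # gateway
    (2, "192.168.1.20", "aa:aa:aa:aa:aa:20"),  # workstation
    (3, "192.168.1.30", "aa:aa:aa:aa:aa:30"),
    (4, "192.168.1.1", "aa:aa:aa:aa:aa:30"),   # .30's MAC now claims the gateway IP
    (5, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # real gateway answers again
    (6, "192.168.1.1", "aa:aa:aa:aa:aa:30"),   # binding keeps flip-flopping
]

def detect_arp_anomalies(replies, static_bindings=None):
    """Return a list of (timestamp, kind, detail) alerts.

    kinds:
      static_violation - reply contradicts an admin-pinned IP->MAC binding
      binding_changed  - IP now maps to a different MAC than last seen
      mac_claims_many  - one MAC answers for more than one IP
    """
    static_bindings = {ip: mac.lower() for ip, mac in (static_bindings or {}).items()}
    last_mac = {}                   # most recent MAC seen for each IP
    ips_by_mac = defaultdict(set)   # every IP each MAC has answered for
    alerts = []
    for ts, ip, mac in sorted(replies):
        mac = mac.lower()
        pinned = static_bindings.get(ip)
        if pinned and mac != pinned:
            alerts.append((ts, "static_violation", f"{ip} pinned to {pinned}, saw {mac}"))
        prev = last_mac.get(ip)
        if prev and prev != mac:
            alerts.append((ts, "binding_changed", f"{ip} moved {prev} -> {mac}"))
        last_mac[ip] = mac
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1:
            alerts.append((ts, "mac_claims_many", f"{mac} answers for {sorted(ips_by_mac[mac])}"))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE_REPLIES, {"192.168.1.1": "aa:aa:aa:aa:aa:01"}):
        print(alert)
```

A binding change can also come from a DHCP lease handover or a replaced network card, so alerts on addresses that are not pinned need triage.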
7. SQL Injection
- An attacker injects malicious SQL code into a query for unauthorized access to a database. This may involve data theft or manipulation.
8. DNS Spoofing (Cache Poisoning)
- The attacker modifies DNS records so that users are routed to malicious websites without their knowledge.
- Example: Users are routed from a legitimate banking site to a phony one that steals their login credentials.
9. Ransomware Attack
- The attacker uses malware to encrypt data on the victim's network and then demands money in return for the decryption key.
- Example: The WannaCry attack in 2017 spread across networks worldwide, leveraging known weaknesses in Windows operating systems.
10. Zero-Day Attack
- An attack in which the attacker exploits an unknown, unpatched flaw in software or hardware before a fix is made available for it.
- Example: The Stuxnet worm, which attacked through zero-day vulnerabilities in industrial control systems.
Defensive Measures against Network Attacks
1. Firewalls: These monitor and control incoming and outgoing network traffic according to security rules.
2. Intrusion Detection and Prevention Systems (IDS/IPS): These detect and block activities that seem suspect.
3. Encryption: Encryption protects data both in motion and at rest against unauthorized access.
4. Network Segmentation: Segments the network into sub-networks to confine an attack.
5. Software Updates: Fix known bugs and reduce the possibility of zero-day attacks.
6. Security Training: Educates users about phishing and other social engineering attacks.
We share the latest cybersecurity news. Keep an eye on us to stay safe and aware of daily threats.