Attacks are unauthorized activities that damage resources, files and programs, or, as in the case of social engineering, are used to obtain information without authorization. Attacks are divided into passive and active attacks.
Passive attacks threaten the confidentiality ofcommunications, but do not affect communications or message content. They are aimed solely at unauthorized information gathering. Eavesdropping security can be compromised by reduced emission security or undermined by Transient Electromagnetic Pulse Emanation Standard (TEMPEST). This attack technique involves receiving and evaluating electromagnetic radiation from screens, computer boards and data cables.
All data cables, telephone cables, fiber optic cables and especially radio technology, which is particularly vulnerable, offer great potential for attack. If in the case of data cables it is the electromagnetic radiation that can be intercepted, in the case of fiber optic cables it is possible to bend these strongly until the modes leave the core glass and the optical signals escape.
In the active attacks, the messages, the components of the communication system or the communication are corrupted. They can be attacks on networks to functionally disrupt them, such as a DNS attack, a DoS attack or DDoS attack, IP spoofing or phishing, attacks on access to systems, or decryption of encrypted data and messages. An active attacker can trigger certain responses from the recipient and control their behaviors by inserting, deleting, or modifying content. These active attacks include the delivery of viruses, worms, and Trojans.
Active attacks can be designed in such a way that they put so much load on the servers that they only have to take care of the attacks and are no longer available for other tasks. Flooding is one such technique, as are mailbombing, nuke and broadcast storms.
Targeted Attacks Targeted attacks, are cyberattacks that are directed against specific companies, organizations or other specified targets, specifically data centers. The goal of such attacks is to steal account access or confidential information, or to compromise business processes. The attack technique is therefore called business process compromise( BPC).
Cyberattacks are sophisticated in many ways to achieve their various goals. Many send emails with malware attached. The sender, disguised as someone familiar with the recipient, sends text that appears to be related to a specific job and advises the recipient to open the attachment.