In communications technology, an attacker is a person who uses unauthorized means to gain unauthorized access to external resources, databases or programs. There are a wide variety of technical approaches to attacks, depending on the goal of the attack. For this reason, a distinction is made among attackers between hackers, crackers, crashers, intruders and snoopers.
If the attackers want to intercept encrypted information, they work man-in-the-middle attacks. They intercept the encrypted messages in transit by hooking into the communication link and attempting to decrypt the encryption. One attack pattern is called Deception Technology and leads the attacker down a false trail, while another relies on pretending false identities, or spoofing. In address spoofing or IP spoofing, the IP address is faked or the IP address of an authorized user is used because it is considered trustworthy. Using this trusted IP address, the attacker has access to certain resources of a network or a system.
If the goal is to overload the servers or mail servers of an attacked party or to restrict their functionality, then the attacker will perform a DoS attack by bombarding the servers or mail servers with millions of requests and restricting the system 's functionality by flooding it. In the distributed DoS attack, DDoS attack, the attacks are launched simultaneously from different servers.
As far as attacks on keys are concerned, there are encryption methods in which all session keys are derived from the master key. Once the master key is cracked, then it is easy for attackers to decrypt the session keys and access all sessions.
If the attackers target the data files, then they choose the backdoor method and aim their unauthorized access at a backdoor. This backdoor opens for them via a hidden, constantly running program that scouts the vulnerabilities. To access bank accounts and make transactions on other people's accounts, there is phishing, a word creation from password and fishing. In this technique, the attackers attempt to retrieve confidential bank data, such as the personal identification number( PIN), transaction numbers( TAN) or credit card numbers from the bank customer via the Internet, often using faked websites and e-mail queries.