1. Introduction

Information is a valuable asset targeted by all types of hackers. In addition, the number of internet-connected devices is dramatically increasing in the current digital age. That’s why cybersecurity attacks constantly evolve, and information security has become a considerable challenge.

In this tutorial, we’ll learn about four categories of cybersecurity attacks: interruption, interception, modification, and fabrication. We’ll study their characteristics and differences. Furthermore, we’ll show some examples and ways to shield against them.

2. Interception

Let’s start with the first category of attacks, interception. Usually, data communication occurs when two connected entities exchange a message over the Internet:

[Figure: original transmission]

In an interception attack, a malicious actor accesses private or confidential information without legitimate authorization. Eavesdropping attacks are a typical example of this category. An intruder can resort to several techniques, such as packet sniffing and man-in-the-middle (MITM).

Generally, the attacker aims to obtain critical information such as passwords and credit card numbers or to disturb data exchanges on the network. When the attack is executed effectively, its traces can be very hard to identify:

[Figure: Interception]

This category of attacks is mainly a threat to data confidentiality. We can mitigate it by encrypting communications, avoiding untrusted Wi-Fi networks, and regularly updating our software.

3. Interruption

Let’s examine the second category of attacks, interruption. This form of attack manifests when a network service or a system asset is disrupted or destroyed:

[Figure: Interruption]

As a result, legitimate users can no longer reach it, either permanently or temporarily.

For example, an attacker may steal or damage a hardware/software component. He can also overwhelm a server host with requests so that it can’t respond, causing a DoS attack. Another example is using malware, such as viruses or trojans, to delete data or disable a system’s functioning.

This type of attack is a threat to data availability.

To protect against interruption attacks, we need appropriate precautions such as firewalls and system backups. Moreover, we can use cloud-based solutions and Content Delivery Networks (CDN) to boost security against these attacks and keep our system and network operable.

4. Modification

The third category is modification. This one involves not only gaining access to the asset but also manipulating it:

[Figure: Modification]

The man-in-the-middle attack (MITM) is a notable example. After intercepting data, the attacker can reconfigure the system hardware, remove a message in a network, or modify its content. A Cross-Site Scripting (XSS) attack is a second example, where the hacker injects malicious script into a web application to alter its content or to obtain sensitive data illicitly.

Modification is primarily an attack on integrity. However, it can also manifest as an attack on availability. For example, let’s say the target is a configuration file that controls how a service is delivered. Once its content is manipulated, that service will no longer be available.

We can implement several techniques to prevent a modification attack, including Intrusion Detection Systems (IDS), data encryption, and Access Controls.

5. Fabrication

Now, we’ll go through the last category of cyber-attacks, fabrication.

Fabrication occurs when an intruder injects bogus data or creates a false trail in the system. For example, a hacker can execute identity spoofing by creating a fake version of a legitimate user. Then, he can attempt to commit fraud or hijack a bank account:

[Figure: Fabrication]

Further, there are other techniques to carry out a fabrication attack, such as SQL injection and phishing attacks.

Fabrication attacks mainly affect data authentication. That’s the case when the intruder mounts a spoofing attack and impersonates a user’s identity or IP address. Meanwhile, fabrication can also threaten the availability objective of the CIA triad; for instance, injecting an excessive amount of traffic into a network can block a service.

We can mitigate fabrication attacks by using digital signatures and data encryption or by implementing firewalls in the network.
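The following added example (not part of the original tutorial) shows how a receiver that authenticates messages rejects altered, fabricated, and replayed ones. It uses an HMAC with a shared key from the Python standard library as a stand-in for the digital signatures named above; a real digital signature would use an asymmetric key pair. The message format and sequence counter are assumptions made for the demonstration.

```python
import hashlib
import hmac
import json
import secrets

def seal(key, seq, payload):
    """Serialize a message and attach an HMAC-SHA256 tag over the exact bytes."""
    body = json.dumps({"seq": seq, "payload": payload}, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, packet):
        body, tag = packet
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Verify the tag before parsing anything; constant-time comparison.
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad tag"
        msg = json.loads(body)
        # A valid tag on an old sequence number is a replayed message.
        if msg["seq"] <= self.last_seq:
            return "rejected: replay"
        self.last_seq = msg["seq"]
        return "accepted"

def demo():
    """Constructed messages: genuine, altered in transit, fabricated, replayed."""
    key = secrets.token_bytes(32)        # shared by the legitimate parties
    other_key = secrets.token_bytes(32)  # a party without the shared key
    rx = Receiver(key)
    genuine = seal(key, 1, "transfer 10 to bob")
    altered = (genuine[0].replace(b"10", b"9000"), genuine[1])
    fabricated = seal(other_key, 2, "transfer 500 to mallory")
    return [rx.accept(p) for p in (genuine, altered, fabricated, genuine)]

if __name__ == "__main__":
    print(demo())
```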

6. Summary

We can further classify these attacks as active or passive. Here’s a summary:

| Attack Category | Characteristics | Examples | Type |
|---|---|---|---|
| Interception | An unauthorized actor accesses a service or information shared between two legitimate users | Eavesdropping; Password attacks; Packet sniffing | Passive |
| Interruption | An unauthorized actor disrupts a service or destroys hardware | Hardware disruption; Message corruption; Denial of Service; Malware | Active |
| Modification | An unauthorized actor gains access to a service or data and tampers with the content | MITM attack; Cross-Site Scripting (XSS) | Active |
| Fabrication | An unauthorized actor inserts malicious data in the system | Spoofing; SQL Injection; Phishing; Replay attacks | Active |

We can also define these attacks by which security aspect of the CIA triad they attempt to affect:

| Attack Category | CIA Triad | Mitigation Techniques |
|---|---|---|
| Interception | Confidentiality | Encrypt transferred data; Use trusted Wi-Fi networks; Regular update of the software (OS, applications, passwords, etc.) |
| Interruption | Availability | Firewalls; System backups; CDN |
| Modification | Integrity and Availability | Intrusion Detection Systems (IDS); Data Encryption; Access Controls |
| Fabrication | Authentication and Availability | Firewalls; Digital signatures |

7. Conclusion

Information security is always an evolving challenge with the continuous advent of communication and information technologies.

In this article, we talked about four types of security attacks: interception, interruption, modification, and fabrication.