15 types of cyber attack

By Dan Colombini04 November 2021

Cyber attacks on rental equipment firms are on the rise, with Palfinger and Adapteo becoming high-profile victims of the problem.

But what specific types of attack are currently posing a threat?

Following recent attacks targeting rental firms Palfinger and Adapteo , as well as others in the wider construction sector, the industry is rallying to fight against the threat of cyber crime.

Effective measures are being put in place as the issue becomes more prevalent but it remains a sophisticated issue with varying methods in effect to cause problems for an organisation.

There are a vast amount of ways a perpetrator can carry out a cyber attack. Credit: Reuters

Using information from data security platform Lepide, we look a the different types of threat that are affecting the sector…

Malware
Applications, including ransomware, that perform malicious tasks from spying to obtaining valuable data or causing disruption.

Phishing
Designed to trick a victim into handing over information, such as passwords, credit card details or intellectual property.

Man-in-the-middle attack (MITM)
The attacker intercepts the communication between two parties to spy on victims or steal information.

Distributed Denial-of-Service (DDoS) attack
An attacker uses multiple devices to flood a target server with traffic to disrupt or bring down the target.

SQL injection
SQL databases uses SQL statements to query data typically executed via a HTML form on a webpage. If permissions are not set correctly, the HTML form can be exploited.

Zero-day exploit
Cyber-criminals exploit an existing vulnerability in software applications and operating systems, before a fix becomes available.

DNS tunnelling
DNS tunnelling provides attackers with persistent access to a given target.

Business Email Compromise (BEC)
The attacker targets individuals, perhaps those with the ability to authorise financial transactions.

Cryptojacking
Criminals compromise a user’s computer or device and use it to mine cryptocurrencies, such as Bitcoin.

Drive-by attack
A victim visits a website which in turn infects their device with malware.

Cross-site scripting (XSS) attacks
Similar to SQL injection attacks, these infect other users who visit the site or redirect the user to a malicious website.

Palfinger attack highlights escalation in cyber crimes What lessons does the Palfinger case have for the wider construction equipment industry?

Password attack
An attacker cracks a user’s password, sometimes using phishing.

Eavesdropping attack
Attackers look for unsecured network communications to intercept and access data being sent across the network.

AI-powered attacks
AI-powered software can learn what kinds of approaches work best and adapt attack methods.

IoT-based attacks
Hackers may seek to compromise IoT devices in order to launch large-scale DDoS attacks.

[Source: Lepide]

MAGAZINE
NEWSLETTER
Delivered directly to your inbox, Access International Newsletter features the pick of the breaking news stories, product launches, show reports and more from KHL's world-class editorial team.
How can employers overcome skills shortages and fill vacancies?
As the pandemic further exacerbates problems finding good new employees, how can employers fill vacancies? 
Hy-Brid Lifts appoints new CEO
Jay Sugar rejoins parent company Custom Equipment as president and CEO, following a brief stint in 2019 
Access OEMs discuss how the MEWP market will evolve in 2022
Demand for manually propelled MEWPs has steadily increased over the last few years due to jobsite requirements, discontinued use of ladders and machine advancements
CONNECT WITH THE TEAM
Euan Youdale Editor, Access International Tel: +44 (0)1892 786 214 E-mail: euan.youdale@khl.com
Ollie Hodges Sales Manager Tel: +44 (0)1892 786253 E-mail: ollie.hodges@khl.com
CONNECT WITH SOCIAL MEDIA