Hacking is the unauthorized access to the computer system or network. Hackers is someone who does the hacking. Blue hat hackers or penetration testers hacks into computer system or network in order to expose a security vulnerability. Red hat hacker does it for financial gain,revenge or for any other unethical reasons. Blue hat hacking or ethical hacking is legal and usually done with permission of the company. Red hat hacking is illegal and hence punishable under law.There are two major classification of computer attacks (i)Attacking the computer system (ii)Attacking network such as Wi-Fi, Internet(Cyber Attack) and LAN.
Attacking the computer system
Virus: It is a self replicating program and it does some harmful operation on the computing system such as infecting files and computer system files. Macro virus is a type of virus that is transmitted through the macro function of MS word which enables user to attach file in the document. Boot sector virus are very harmful virus as they infects the booting programs of the system.
Worms:Worms is a malicious program and it is programmed in such a way to spread to other devices in the network automatically. Hence it is more harmful than a virus.
Trojan or Trojan Horse is a non self replicating program that is created to harm the computer system.
Backdoor: It is the method of accessing,monitoring and controlling computer system without authentication usually by programs such as Trojan House,Spyware,Key loggers etc.
Spyware: It is a computer program that is designed to spy a device. Advanced spywares can capture the image of user via Webcam,can save all details via screenshot and send them to the hacker via email. Key loggers is a type of spyware which stores the key pressed by the user. So a simple key logger is enough to hack all credit card details of the user.
Rootkits: Rootkits are advanced malicious stealth programs. There are not visible in task manager. As they are hidden, thee are serious threats to computer systems.
Reverse Engineering: It is the latest technology that is used to hack the most secured system by redesigning the original program, hardware. It is sophisticated method and it is used by professional hackers to gain access to most secured systems. I am gonna give you the risk associated with this threat in the following example. Last year a team of hackers have hacked a BMW car by reverse engineering. They can literally control that just like a remote car.
Denial Of service(DOS): It is an attack that is intended to the take the network down so that the service offered by the network is denied to all the authorized users. Note: denial of service attack is done by a single system.
Distributed Denial of system(DDOS): As the networks became more complex with time, a single system cannot create denial of service in the network. Note:DOS is still possible in personal networks. DDOS is a sophisticated attack of network and it is done by more than system at a time. DDOS is usually done by BOTNETS which are compromised systems. DDOS are used to attack corporate network, websites. Largest known DDOS attacked happened last year at the peak speed of 400 GB Per second(compare this with speed of your net connection) by compromising millions of computers.
Identity Theft: It is the illegal way of accessing the network by using credentials of authorized user.
Software piracy: It is illegal use of the copyrighted software.
Man in the Middle attack: An unauthorized user receives,spoofs and sends the message. Consider A has sent a message to B and if C has intercepted that message and this type of attack is called in the man in Middle attack. Tapping a phone call is a classical example of this attack. Sometimes middle man even spoofs the message and send it to the receiver.
Social Engineering: It is a sophisticated attack performed by gaining trust of the user by befriending the user and by collecting information from him.
Phishing: It is a method to acquire sensitive information such as credit card details,password of social sites by designing a look alike site. Following is the picture of fake email sent to a bank account holder alleging to be from bank(Source:Wiki). Bank will not ask customer’s details via email.