Examples of Cyber Attacks

Now we will consider some examples of cyber attacks that can be performed on different OSI model layers.

Layer 1 (Physical Layer)

Evil Twin Attacks: Attackers set up a rogue Wi-Fi hotspot with a similar name to a legitimate network to trick users into connecting.

Layer 2 (Data Link Layer):

ARP Spoofing/Poisoning: Attackers send false Address Resolution Protocol (ARP) messages to associate their MAC address with the IP address of a legitimate device.

Layer 3 (Network Layer):

IP Spoofing: Attackers send IP packets from a false (or "spoofed") source address to deceive the recipient about the origin of the message.

Layer 4 (Transport Layer):

• Man-in-the-Middle (MitM) Attacks: Attackers intercept and manipulate communication between two parties, often by eavesdropping or altering data in transit;
• Session Hijacking: Attackers steal session cookies or tokens to impersonate a user.

Layer 7 (Application Layer):

• SQL Injection: Attackers inject malicious SQL code into input fields, exploiting vulnerabilities in the application's database layer;
• Cross-Site Scripting (XSS): Malicious scripts are injected into web pages viewed by other users, typically through user inputs or unvalidated data;
• Cross-Site Request Forgery (CSRF): Unauthorized commands are transmitted from a user the web application trusts.