Types of Hacking
Here's a quick rundown of hacking techniques to help you understand what may be going on when a computer system is hacked.
CODE INJECTION - this method involves using external inputs to run commands. SQL script can be used in a web form to get access to restricted areas of a web site. User input should be filtered for SQL queries.
DENIAL OF SERVICE (DoS) - this widely known approach simply involves flooding a site with traffic so its servers crash. Note that most often DoS attacks will make use of computers that are unaware they are being used for the attack.
CROSS-SITE REQUEST FORGERY (XSRF) - this hack involves running malicious commands from a source that the victim trusts. Html image tags in an email message may have links which will be activated even if they are not clicked.
DNS SPOOFING - with this technique bad Domain Name System data will be used to redirect data to the hacker's computer - domain names get translated into the wrong IP addresses.
SOCIAL ENGINEERING - you have probably been phished by someone pretending to a be friend or co-worker. Be on the lookout for 'vishing' (using the phone system); 'phishing' (typically done through emails); 'smishing' (using SMS texts); spear phishing (customized email messages targeting an individual or small groups); water holing (a trap on a trusted web site); and baiting (placing malware on USB drives or discs which are left where people may pick them up).