Attack Type↕ | Category↕ | Severity↕ | Notable Example↕ | Primary Prevention↕ |
|---|---|---|---|---|
Phishing | Social Engineering | High | 2016 DNC email hack via spear-phishing | Security awareness training, email filtering |
Ransomware | Malware | Critical | WannaCry (2017) — 200,000+ systems in 150 countries | Regular backups, patch management, endpoint protection |
SQL Injection | Web Application | Critical | Heartland Payment Systems breach (2008) | Parameterized queries, input validation, WAF |
Cross-Site Scripting (XSS) | Web Application | High | Samy worm on MySpace (2005) | Output encoding, Content Security Policy |
Distributed Denial of Service (DDoS) | Network | High | Dyn DNS attack (2016) — took down Twitter, Netflix | DDoS mitigation services, rate limiting, CDN |
Man-in-the-Middle | Network | High | Superfish adware on Lenovo laptops (2015) | TLS/SSL encryption, certificate pinning |
Zero-Day Exploit | Vulnerability Exploit | Critical | Stuxnet (2010) — targeted Iranian nuclear centrifuges | Threat intelligence, defense in depth, rapid patching |
Credential Stuffing | Authentication | High | Spotify credential stuffing (2020) — 350K accounts | Multi-factor authentication, password managers |
Supply Chain Attack | Software Supply Chain | Critical | SolarWinds Orion hack (2020) — 18,000 organizations | Vendor auditing, SBOM, code signing verification |
Brute Force | Authentication | Medium | iCloud celebrity photo leak (2014) | Account lockout policies, CAPTCHA, rate limiting |
DNS Spoofing | Network | Medium | Brazilian bank DNS hijack (2017) | DNSSEC, DNS monitoring, secure resolvers |
Buffer Overflow | Memory Exploitation | Critical | Code Red worm (2001) — exploited IIS buffer overflow | Memory-safe languages, ASLR, stack canaries |
Insider Threat | Human | High | Edward Snowden NSA leak (2013) | Principle of least privilege, DLP, behavioral analytics |
Cryptojacking | Malware | Medium | Coinhive script on 4,000+ government websites (2018) | Ad blockers, endpoint monitoring, browser extensions |
API Abuse | Web Application | High | Facebook API data scraping — Cambridge Analytica (2018) | API rate limiting, OAuth scopes, input validation |
Watering Hole | Social Engineering | High | US Department of Labor website compromise (2013) | Browser isolation, web content filtering, patching |
Session Hijacking | Web Application | High | Firesheep tool for WiFi session stealing (2010) | HTTPS everywhere, secure cookie flags, session rotation |
Rootkit | Malware | Critical | Sony BMG rootkit on music CDs (2005) | Secure boot, integrity monitoring, EDR solutions |
Typosquatting | Social Engineering | Medium | Fake Python packages on PyPI (2017) | Package verification, dependency scanning, awareness |
Side-Channel Attack | Hardware | High | Spectre and Meltdown CPU vulnerabilities (2018) | Microcode patches, kernel isolation, hardware mitigations |
Cross-Site Request Forgery (CSRF) | Web Application | Medium | Netflix CSRF vulnerability (2006) | CSRF tokens, SameSite cookies, origin checking |
Keylogger | Malware | High | Zeus banking trojan (2007) — stole millions in credentials | Anti-malware, virtual keyboards, behavioral detection |
ARP Spoofing | Network | Medium | Common in public WiFi attacks | Dynamic ARP Inspection, VPN, network segmentation |
Privilege Escalation | Vulnerability Exploit | Critical | Dirty COW Linux kernel vulnerability (2016) | Principle of least privilege, kernel patching, containerization |
Business Email Compromise | Social Engineering | Critical | Ubiquiti Networks — $46.7M BEC fraud (2015) | Email authentication (DMARC/DKIM), verification procedures |
Free to explore · No signup needed
Frequently asked questions
How is the Cybersecurity Attack Types list ranked?
The Cybersecurity Attack Types list is ranked by community votes. Every visitor can pick one option over another in head-to-head matchups, and the running totals determine the order you see. No editors or algorithms — just real people voting.
How many entries are in this Cybersecurity Attack Types dataset?
This dataset contains 25 entries, each with multiple sortable, filterable columns. The full table is visible on this page and can be downloaded as a CSV, JSON, or Excel file.
Can I download the Cybersecurity Attack Types data?
Yes. The download buttons at the top of the page give you the full 25-row dataset as CSV, JSON, or Excel. Use of the data is permitted under a Creative Commons Attribution license — credit dtbse.com when you republish.
Related Datasets
More in Technology
Countries by Internet Users
Countries ranked by number of internet users.
Screen Recording & Video Messaging
Screen Recording & Video Messaging
Databases
Popular database management systems spanning relational, document, key-value, graph, and time-series types.
AI Image Generators
AI Image Generators
Tech YouTube Channels
Popular technology-focused YouTube channels covering reviews, tutorials, and tech culture.
Web Hosting
Web Hosting (Cloud & Shared)
Note-Taking & PKM Apps
Note-Taking & PKM Apps
AI Models & LLMs Ranked
GPT-4, Claude, Gemini, Llama — the AI models reshaping civilization, ranked by the humans they might replace.
Types of Bridge Engineering
Suspension, arch, cantilever — which bridge design is the greatest feat of engineering?
Programming Languages
Popular programming languages with their creation year, paradigm, typing system, and common use cases.
Social Media Platforms Ranked
Instagram, TikTok, X, Reddit, YouTube — which social platform actually deserves your screen time?
Cryptocurrencies
Cryptocurrencies and digital currencies.