fbpx

Welcome to Silicon Overdrive!

6 Common Types of Cybersecurity Threats

Overview

Every 39 seconds a cyberattack occurs, 75% of which start with an email (Phishing). 72% of hackers target larger companies and 80% of breaches involve stolen credentials or brute force attacks.

Every 39 seconds a cyberattack occurs, 75% of which start with an email (Phishing). 72% of hackers target larger companies and 80% of breaches involve stolen credentials or brute force attacks.

With all these attacks taking place, cybersecurity professionals are constantly on the lookout for cyberattacks. Cybercriminals target individuals and organisations every single day and the number of attacks is continuously increasing.

Why do cyberattacks occur?

There are a multitude of reasons why cybercriminals wreak havoc on people including money, for fun, to gain access to sensitive information, etc.

Here are six common types of cybersecurity threats to look out for.

6 Common Types of Cybersecurity Threats

1. Malware

Malware (Malicious Software) isn’t just one attack, it’s a collective name for various types of attacks including ransomware, spyware, and viruses.

Malicious software contains code developed by hackers to cause substantial damage to an individual or company’s data and/or systems. Typically these attacks are also used to gain access to the victim’s network.

6 Common Types of Malware:

2. Ransomware

What is Ransomware?

The simplest ransomware type is called Scareware. It simply means hackers make use of scare tactics to trick victims of the attack to pay the ransom. For example, a fake message appearing on your computer screen saying your computer has a virus and online payment is necessary.

During a ransomware attack, data is encrypted, which is what often forces a company or individual to pay the fee in order to regain access to their data.

Below are some examples of ransomware:

Via email. Credit: Digital Guardian

Via pop-up. Credit: Digital Guardian

3. Phishing & Spear Phishing

What is Phishing?

A common cyber-attack where users (often hundreds) are contacted via email, text, or phone call by a hacker which often poses as a legitimate business to retain sensitive information from the user such as their credit card details, passwords, etc.

Check out the origins of phishing and how it received its name here.

What is Spear Phishing?

Although Spear Phishing uses the same processes as normal phishing attacks, the difference is that spear phishing is used to target a single individual. This method makes it seem personal as the hacker is pretending that they know you.

Credit: Imperva

4. Trojan

Trojan (or Trojan horse) is a type of malicious code created to take control of your device. It’s designed to damage, steal, or disrupt an individual or organisation’s data or network.

How Trojan Attacks Work

A hacker typically sends an email with a file attachment, containing malicious code, which a user opens thinking it’s legitimate. After downloading and opening the file, malware is installed on your device. When a user opens the program, the malware spreads to their files and damages your device.

Common Types of Trojans (norton.com)

  • Backdoor Trojan
  • Distributed Denial of Service (DDoS) Attack
  • Downloader Trojan
  • Fake AV Trojan
  • Game-thief Trojan
  • Infostealer Trojan
  • Mailfinder Trojan
  • Ransom Trojan
  • Remote Access Trojan

View the rest on here.

5. Man-in-the-Middle (MitM) Attacks

A Man-in-the-Middle (MitM) attack is when communication between two parties is intercepted by a cybercriminal. The two affected parties think they are in direct contact when in fact, the hacker is relaying or modifying the communication.

MitM attacks are typically used to steal personal info, login details, corrupt data, etc.

How MitM attacks work:

  • A hacker creates a fake network or interferes with a legitimate one.
  • The traffic is then decrypted to allow the hacker to steal information, or reroute traffic.
  • This is typically done without the victim or host’s knowledge, allowing the hacker to silently observe and manipulate traffic.

6. Denial of Service (DDoS) Attacks

A Distributed Denial-of-Service (DDoS) Attack is when an attacker uses a network of infected computers (botnet) to overwhelm a targeted server with phoney requests, preventing the server to handle legitimate requests. The goal is to overwhelm the server with traffic to render the website or online service inoperable.

How do you know you’re under attack?

  • Your Internet is disconnected
  • Unable to access a website
  • Access to remote or local files is slow
  • High volumes of spam emails

Glossary

Botnet – Network of computers that are hacked and controlled remotely by an attacker.

Brute Force Attacks – A trial and error process where a hacker guesses username and password combinations to log in to the backend of a site or application. Hackers often also try to find encryption keys or hidden web pages.

Command and Control (C&C) Server – A computer-controlled by a cybercriminal that sends commands to a system compromised by malware. These servers allow a hacker to gain complete control of a victim’s computer to execute malicious code.

Spyware – Unwanted software created to steal sensitive information about an individual or business by gaining access to their hardware devices. Hackers can also steal information from users via web tracking.

Web Tracking – When websites collect, store and share information about visitor’s activities on the Internet.

WormsWorms get their name from the way they infect systems. Worms typically start with one machine then work their way through the network, spreading the infection. This type of malware works rapidly, causing damage in a short period.

Your Trusted IT Consultant

As a full-stack IT solutions provider, we are the ideal IT consultant to reduce your costs, manage your risk and ensure business continuity through our comprehensive IT Managed Services, support and solutions. Get in touch with our consultants for expert advice.

If you liked this, you'll love these...

How to Secure Your WordPress Site
Blog

How to Secure Your WordPress Site

Thinking of setting up a WordPress site? Since there’s so much info floating around, here’s an easy guide on how to secure your WordPress site against hackers.

Trend Micro Deep Security
Security

Trend Micro Workload Security

Trend Micro Workload Security Trend Micro Workload Security is a comprehensive security and cloud protection suite that scales seamlessly and helps you maintain continuous compliance. Workload Security protects your AWS workloads against threats, malware and vulnerabilities with IPS/IDS, application control,

We use cookies to track visitors, measure ads, ad campaign effectiveness and analyze site traffic. We may also share information about your use of our site with 3rd parties. For more info, see, our Cookies Policy, our Privacy Notice. By clicking “Accept All” you agree to the storing of all cookies on your device. In case you don’t choose one of these options and use our website, we will treat it as if you have accepted all cookies.

We use cookies to track visitors, measure ads, ad campaign effectiveness and analyze site traffic. We may also share information about your use of our site with 3rd parties. For more info, see, our Cookies Policy, our Privacy Notice. By clicking “Accept All” you agree to the storing of all cookies on your device. In case you don’t choose one of these options and use our website, we will treat it as if you have accepted all cookies.