Part 2 - Types of threats
There is a wide variety of cybersecurity threats that currently exist. While there are many hundreds of specific ways in which threats are carried out, they can generally be divided into groups that share common characteristics.
Malware is a broad term that refers to any type of malicious software that hackers use to infiltrate a computer or network. Malware is used to infect a device in order to steal private data. The most common types of malware include:
Spyware - this is software that hackers use to secretly monitor user activity, for example to steal passwords.
Viruses - viruses can be used to corrupt, erase, or steal data. There are even viruses that can cause permanent physical damage to computers. Many viruses, known as “worms”, are designed to transfer from computer to computer, allowing the virus to spread without the user even knowing it's happening.
Trojan horses - this is malicious software that can infect computers through a seemingly safe entry point, such as the installation of what appears to be a legitimate piece of software or app.
Keyloggers - once a device is infected with a keylogger, a hacker can track everything that the user types on their keyboard. Keyloggers are designed to capture valuable private information such as passwords or usernames for bank accounts.
Ransomware - this is used to infiltrate a device and then encrypt the data stored on it. It essentially holds that data hostage, which the hacker then uses to force the user to pay a ransom to regain access to it. If the ransomware demands aren’t met, the data can be deleted or left permanently encrypted and therefore inaccessible.
Phishing attacks involve attempts to steal confidential personal information. This is normally done via email, where cyber criminals send emails that contain links to bogus websites. The targeted user is then encouraged to enter their personal details, which can be used at a later time to access bank accounts or port their phone SIM over to the attacker.
Man-in-the-Middle (MITM) attacks occur when a hacker manages to insert themselves between two other parties transferring information or conducting a transaction. This type of attack is also known as an eavesdropping attack. Using this technique, hackers can disrupt the flow of secure information or steal data. MITM attacks most often occur over unsecured WiFi networks or when a device has been breached due to a malware infection.
Distributed Denial of Service (DDoS) attacks disable websites by overwhelming them with traffic. Unlike other types of threats, which generally try to steal information, DDoS attacks are aimed at disrupting a company’s systems or services. However, for large organisations that might have millions of visits per day, this can still lead to huge revenue losses. Cyber criminals are also now using DDoS attacks as a means of extortion, where businesses are threatened with further attacks unless payments are made.
SQL stands for Structured Query Language, which is one of the most widely used computer coding languages and is often run on large servers. SQL injections occur when malicious code is inserted into a SQL server. This allows attackers to view otherwise secure data on the infected server.
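As an added illustration (not part of the original article), the Python sketch below uses an in-memory SQLite database with constructed sample data to show a lookup that is open to SQL injection next to a parameterised version that is not. The table, function names and sample input are assumptions made for this example.

```python
import sqlite3


def build_db():
    """Create an in-memory database holding constructed sample records."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, note TEXT)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "alice-private"), ("bob", "bob-private")],
    )
    return db


def lookup_unsafe(db, username):
    # Vulnerable: the input is pasted into the SQL text, so quote characters
    # in the input become part of the query and can change its meaning.
    sql = "SELECT username, note FROM accounts WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()


def lookup_safe(db, username):
    # Hardened: the ? placeholder passes the input to the database as a value
    # only, so it is compared as text and never interpreted as SQL.
    sql = "SELECT username, note FROM accounts WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()


def is_plausible_username(username):
    # Extra layer (assumed policy for this example): letters and digits only.
    return username.isalnum()


# Constructed input of the kind a login or search form might receive.
CRAFTED_INPUT = "' OR '1'='1"

if __name__ == "__main__":
    db = build_db()
    print("unsafe, normal input :", lookup_unsafe(db, "alice"))
    print("unsafe, crafted input:", lookup_unsafe(db, CRAFTED_INPUT))
    print("safe, normal input   :", lookup_safe(db, "alice"))
    print("safe, crafted input  :", lookup_safe(db, CRAFTED_INPUT))
    print("passes format check  :", is_plausible_username(CRAFTED_INPUT))
```

With the unsafe lookup the crafted input returns every account's record instead of one, which is the "view otherwise secure data" outcome described above; the parameterised lookup returns nothing for the same input.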
In Part 3 of The Non-Technical Guide to Cybersecurity article, we explore the most effective ways to protect yourself and your business against the most common types of cyber threats - check it out next week.
Talk to the experts at FinXL about how you can meet the cybersecurity needs of your business.