Computer systems face many cyber threats and cyber security professionals are responsible for defending these systems. Unfortunately, many people and businesses face cyber attacks on a daily basis and there are now many more types of attacks. John Chambers is the former CEO of Cisco and he indicates that there are typically two types of businesses, ones that have been hacked and ones that are not aware they are already victims of being hacked.
There are many reasons for cyber attacks. One of the main ones is of course, money. There are many hackers that attack systems and take them offline and then demand money in order for them to be restored. This is known as ransomware and it is more popular and refined than in the past.
The vast majority of companies are quite susceptible to cyber attacks, however, normal everyday people are also susceptible. This is typically due to the fact that most people have personal information on their devices and smart phones and they use public networks that are unsecured.
In order for there to be improved cyber security, being aware of and tracking cyber attacks is essential. It is also important for cyber security professionals to continuously become more knowledgeable about cyber security and the different types of threats that exist. It is definitely a good idea to get a master’s degree in cyber security. There are many ways to prevent cyber attacks on a business including XDR – find out more here about how you can protect yourself and your business from cyber criminals.
Cyber Security Threat Defined
Cyber security threats are basically any attack on a computer based system that is meant to gain illegal access to information or data. It also includes any disruptions or damages to the system as well. There are many possible parties involved in cyber threats such as terrorist groups, corporate spies, hostile nations, unhappy employees or past employees etc.
In the last couple of years, there are more high profile cyber attacks and this has caused a lot of highly sensitive information to become exposed. A good example of this was in 2017 when there was an cyber attack on Equifax which resulted in the personal information of as many as 143 million customers being released. This information included social security numbers, home addresses, date of birth etc. Marriott International also experienced a similar attack in 2018 where the personal information of 500 million customers was stolen. In these two examples, these cyber attacks were successful due to the fact that these two companies didn’t implement and test cyber security measures such as firewalls, encryption and more.
It is easy for hackers to use the information they steal from people or companies to easily access their financial accounts and other personal information. This is quite damaging and is one of the main reasons why cyber security is so important.
7 Cyber Security Threats
When it comes to cyber security, it is important that cyber security professionals fully understand all the different types of treats. We will now take a look at 7 main types.
Malware can easily get onto a computer system and includes things such as ransomware, worms, spyware, viruses and more. This is usually activated when a person opens an attachment or clicks on a link that is malicious. This then results in malicious software being installed on the computer system. When malware is activated it can result in the following:
– Installation of even more bad software
– Ransomware where access to certain components is blocked
– The system becomes unusable due to the malware corrupting it
– Retrieving of personal information from the hardware covertly
Emotet is defined as a banking trojan that drops or downloads additional banking trojans according to CISA (Cybersecurity and Infrastructure Security Agency). This is among the most dangerous types of malware that exists.
- DOS – Denial Of Service
DOS attacks are when the attacker bombards the system or network with so many requests that causes it to be unable to respond to real requests. DDOS is known as a distributed denial of service attack and it is the same as a DOS attack, however, the difference is that it comes from a computer network. The vast majority of hackers do this type of attack so that the handshake process is interrupted. There are lots of different techniques and they can use this type of attack to disable the network and once that happens, they may launch another attack. It is possible for hackers to do DOS attacks on millions of computer systems and this is known as a botnet. Basically, all of these systems are infected with malware which allows the hacker to control them. Botnets are also referred to as zombie systems since the usually overwhelm the processing ability of any systems that it targets. Unfortunately, this type of threat is difficult to trace and can be done in different locations.
- MITM – Man In The Middle
This type of attack is when the hacker places themselves between two party transactions. They basically interrupt the traffic and then they sort through the data and steal whatever they wish. Unfortunately, if you use public and unsecured WiFi networks, this attack can easily occur. The hacker can easily place themselves between the network and user, install malware and additional software to gain access to personal data.
Phishing involves tricking users to open fake communication like an email and do what is indicated in the email. For example, sending your banking information or credit card number.
- SQL Injection
SQL injections are exactly what they sound like: the insertion of malicious code into an SQL server. This causes the server to become infected and it then releases private information. This can be quite simple to do and this code can even be inserted by sending it through the search box of a website.
- Password Attacks
Once a hacker has the correct password, they can easily gain access to a lot of information. According to Data Insider, social engineering is actually a password attack since it uses human interaction to convince or even trick people into providing passwords. There are many other types of password attacks such as simply trying to guess the password, using password databases etc.