Cyber Security Threats
Cyber Security Threats are malicious acts that seek to damage data, steal data, or disrupt digital life in general. Online threats are varied, and they don’t discriminate organizations from individuals when looking for a target.
Cybersecurity threats come in three broad categories of intent. Attackers are after:
- Financial gain
- Espionage (including corporate espionage – the theft of patents or state espionage)
Virtually every cyber threat falls into one of these three modes. In terms of attack techniques, malicious actors have an abundance of options. There are ten common types of cyber threats:
- Malware | Software that performs a malicious task on a target device or network, e.g. corrupting data or taking over a system.
- Phishing | An email-borne attack that involves tricking the email recipient into disclosing confidential information or downloading malware by clicking on a hyperlink in the message.
- Spear Phishing | A more sophisticated form of phishing where the attacker learns about the victim and impersonates someone he or she knows and trusts.
- “Man in the Middle” (MitM) attack | Where an attacker establishes a position between the sender and recipient of electronic messages and intercepts them, perhaps changing them in transit. The sender and recipient believe they are communicating directly with one another.
- Trojans | Named after the Trojan Horse of ancient Greek history, the Trojan is a type of malware that enters a target system looking like one thing, e.g. a standard piece of software, but then lets out the malicious code once inside the host system.
- Ransomware | An attack that involves encrypting data on the target system and demanding a ransom in exchange for letting the user have access to the data again. These attacks range from low-level nuisances to serious incidents like the Attack on City Power, the energy supplier responsible for providing power to Johannesburg, South Africa, just a few days ago.
- Denial of Service attack or Distributed Denial of Service Attack (DDoS) | Where an attacker takes over many (perhaps thousands) of devices and uses them to invoke the functions of a target system, e.g. a website, causing it to crash from an overload of demand.
- Attacks on IoT Devices | IoT devices like industrial sensors are vulnerable to multiple types of cyber threats. These include hackers taking over the device to make it part of a DDoS attack and unauthorized access to data being collected by the device. Given their numbers, geographic distribution and frequently out-of-date operating systems, IoT devices are a prime target for malicious actors.
- Data Breaches | A data breach is a theft of data by a malicious actor. Motives for data breaches include crime (i.e. identity theft), a desire to embarrass an institution (e.g. Edward Snowden or the DNC hack) and espionage.
- Malware on Mobile Apps | Mobile devices are vulnerable to malware attacks just like other computing hardware. Attackers may embed malware in app downloads, mobile websites or phishing emails and text messages. Once compromised, a mobile device can give the malicious actor access to personal information, location data, financial accounts and more.
Even if a company or individual is targeted by malware, it is still possible to protect critical digital assets. It takes planning and commitment of resources, but Priavo works to combat all serious cyber security threats. Our specialist teams evaluate the susceptibility to threats and vulnerabilities, identifying existing and potential gaps in your infrastructure, and then work with you and your team to effectively implement our recommendations, based on our findings, prioritising and aligning measures against your business or personal risk profile. We also offer a remote managed cyber service, delivered from our MoD approved network security ops centre to strengthen IT infrastructure, systems, process and procedures across your business and private life.
Bespoke services include:
Managed security monitoring | web security | email security | secure accredited hosting | perimeter security | firewall services | vulnerability manager | penetration testing | reporting and incident management.
For more information on our cyber security services visit: priavosecurity.com/cyber-security