A cyber threat refers to any potential danger or malicious activity targeting computer systems, networks, or digital assets. It encompasses a wide range of malicious actions, including cyber-attacks, unauthorized access, data breaches, and exploitation of vulnerabilities. Cyber threats can originate from various sources, such as cybercriminals, hackers, nation-state actors, insider threats, and even unintentional human errors.
1. Phishing
Phishing is a type of cyberattack that uses email, SMS, phone, social media, and social engineering techniques to entice a victim to share sensitive information such as passwords or account numbers or to download a malicious file that will install viruses on their computer or phone. Common Phishing Attacks include Spear Phishing, Whaling, SMiShing, and Vishing. (I am going to cover all these in upcoming articles in a special "Cyber Attacks" series).
A classic example is a phishing email impersonating a trusted bank, prompting recipients to click on a malicious link and enter their login credentials, resulting in financial fraud or identity theft.
2. Malware
Malware, short for malicious software, encompasses many harmful programs designed to infiltrate, damage, or gain unauthorized access to computer systems and networks. Types of malware include Ransomware, Fileless Malware, Spyware, Viruses, Worms, Trojans, Rootkits, Adware, Mobile Malware, Exploits, Scareware, Keyloggers, Botnets, Malspam, and Backdoors. (These will all be covered in detail in the "Cyber Attacks" series).
In a real-world scenario, imagine a ransomware attack targeting a hospital's network, encrypting patient records and disrupting medical services, potentially putting patient lives at risk.
3. DoS/DDoS Attacks
A Denial-of-Service (DoS) or DDoS attack is a malicious, targeted attack that floods a network with false requests in order to disrupt business operations (in simple words, the server slows down or hangs). In a DoS attack, users are unable to perform routine and necessary tasks, such as accessing email, websites, online accounts, or other resources that are operated by the affected computer or network.
The difference between DoS and Distributed Denial of Service (DDoS) attacks is that DoS attacks originate from just one system, while DDoS attacks are launched from multiple systems. DDoS attacks are faster and harder to block than DoS attacks because multiple systems must be identified and neutralized to halt the attack.
For example, a DDoS attack against a popular online gaming platform during a major tournament can result in lost revenue, damage to brand reputation, and customer dissatisfaction.
4. Insider Threats
Insider threats involve malicious actions or negligence by individuals within an organization, such as employees, contractors, or trusted partners. These insiders may intentionally or inadvertently compromise sensitive data, sabotage systems, or leak confidential information.
For example, a contractor with access to proprietary technology might steal intellectual property and sell it to a competitor, resulting in financial losses and legal repercussions for the organization.
5. Spoofing
In simple words, spoofing is when someone or something pretends to be someone or something else to trick you. It's like someone wearing a disguise to fool others into thinking they are someone they're not. By doing this, the attacker can interact with the target and gain access to their systems or devices, aiming to steal information, demand payment, or install malware or other malicious software on the device.
Different types of Spoofing include Domain Spoofing, Email Spoofing, and ARP Spoofing. (All these will be covered too).
A real-life example of email spoofing: imagine you receive an email that looks like it's from your bank, but it's actually from a cybercriminal pretending to be your bank. They've made the email look exactly like the ones your bank sends, with the same logos and formatting. They might ask you to click on a link and enter your login credentials or personal information. If you fall for it, they can steal your sensitive information and use it to access your bank account or commit fraud.
6. Identity Theft Attack
Identity theft is when someone steals your personal information, like your name, Social Security number, login credentials, or credit card details, and uses it to pretend to be you. They can then use this information to make purchases, open accounts, log in to your accounts, or commit other fraudulent activities in your name.
It is a very serious class of attack and has several types, which include Brute Force Attacks, Session Hijacking, Kerberoasting, Man-in-the-Middle (MITM) Attacks, Pass-the-Hash Attacks, Golden Ticket Attacks, Silver Ticket Attacks, Credential Harvesting, Credential Stuffing, Password Spraying, and Downgrade Attacks. (Don't worry, these will be covered too).
A real-life example of identity theft is when someone steals your credit card information by hacking into a website where you've made an online purchase. They can then use that information to make unauthorized purchases online or in stores, leaving you responsible for the charges. Or they may log in to your social media accounts and ask your friends and family for money, claiming some kind of urgency.
7. Application-Based Attacks
Code injection attacks consist of an attacker injecting malicious code into a vulnerable computer or network to change its course of action. There are multiple types of code injection attacks, such as Code Injection, SQL Injection, Cross-Site Scripting (XSS), and Malvertising. (These are not the only ones; a series is lined up to cover all kinds of attacks in detail with real case studies and examples).
Code injection attacks exploit vulnerabilities in software applications to insert and execute malicious code, posing significant security risks to organizations and individuals.
8. Supply Chain Attacks
Supply chain attacks are when hackers target an organization's suppliers or vendors to gain access to their systems or products, intending to infiltrate the organization's network indirectly.
Supply chain attacks leverage trust relationships and dependencies between organizations to infiltrate target networks indirectly. By compromising a trusted supplier or vendor, attackers can gain access to valuable assets, compromise data integrity, and cause significant damage to organizations and their stakeholders.
One notable example of a supply chain attack is the SolarWinds breach in 2020. In this attack, hackers compromised SolarWinds, a software vendor used by numerous government agencies and companies, to distribute malware-infected updates to its Orion software. As a result, thousands of organizations unknowingly installed malicious updates, giving the attackers backdoor access to their networks. This sophisticated supply chain attack allowed the hackers to steal sensitive data, monitor network traffic, and potentially disrupt operations across multiple sectors.
9. IoT-Based Attacks
IoT-based attacks target vulnerable Internet of Things (IoT) devices, such as smart home appliances or wearable gadgets, to gain unauthorized access to networks or disrupt services. Once a device is compromised, the hacker can take control of it, steal data, or enlist it in a group of infected devices (a botnet) used to launch DoS or DDoS attacks.
Imagine you have smart devices like a smart thermostat, a smart doorbell, or a fitness tracker that are connected to the internet. These devices collect data, communicate with other devices, and can be controlled remotely. IoT-based attacks occur when hackers exploit security weaknesses in these devices to compromise them, often with the goal of gaining access to the network they're connected to or causing disruptions.
A common example of an IoT-based attack is the Mirai botnet attack in 2016. In this attack, hackers exploited default or weak credentials on IoT devices like routers, IP cameras, and DVRs to infect them with malware and recruit them into a botnet. Once compromised, these devices were used to launch massive distributed denial-of-service (DDoS) attacks against internet infrastructure providers, such as Dyn DNS. The attack disrupted access to popular websites and online services, causing widespread internet outages for millions of users.
10. Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs) are sophisticated and long-term cyber-attacks conducted by well-funded and highly skilled threat actors, such as nation-state actors or organized cybercriminal groups.
Some Common APTs are Anonymous, Lazarus Group, LockBit, Fancy Bear, Cozy Bear, OceanLotus, Elfin, Charming Kitten, and Double Dragon.
11. Cloud-Based Attacks
A cloud-based attack is a cyber-attack that targets cloud computing infrastructure or services, aiming to compromise data, disrupt operations, or gain unauthorized access to sensitive information stored in the cloud.
NOTE: These are only some of the major types of cyber-attacks; many more threats are emerging in today's digital landscape. Stay tuned for our upcoming article focusing on a comprehensive overview of various cyber-attacks.