Common Cyber Threats

Malware

Malware is a broad term used to describe any file or program that is intended to harm or disrupt a computer. This includes:

1. Botnet Software

Botnet software is designed to infect large numbers of Internet-connected devices. Some botnets comprise millions of compromised machines, each using a relatively small amount of processing power. This means it can be difficult to detect this type of malware, even when the botnet is running.

2. Ransomware Attack

Ransomware is a form of malware that encrypts victims’ information and demands payment in return for the decryption key. Paying a ransom does not necessarily guarantee that you will be able to recover the encrypted data.

3. RATs

RATs (remote-access Trojans) are a type of malware that installs backdoors on targeted systems to give malicious users remote access and/or administrative control.

4. Rootkits and Bootkits

Rootkits tend to comprise several malicious payloads, such as keyloggers, RATs and viruses, allowing attackers remote access to targeted machines.

Bootkits are a type of rootkit that can infect start-up code – the software that loads before the operating system.

5. Spyware

Spyware is a form of malware used to illicitly monitor a user’s computer activity and harvest personal information.

6. Trojan

A Trojan is a type of malware that disguises itself as legitimate software but performs malicious activity when executed.

7. Viruses and Worms

A computer virus is a piece of malicious code that is installed without the user’s knowledge. Viruses can replicate and spread to other computers by attaching themselves to other computer files.

Worms are like viruses in that they are self-replicating. However, they do not need to attach themselves to another program to do so.

8. RaaS

RaaS, also known as “Ransomware as a Service”, is a growing industry in the underground hacker community. People without the knowledge to carry out a sophisticated ransomware attack can pay to hire a professional hacker or team of hackers to perform the attack for them.

The growth of the underground RaaS industry is worrying, as it shows how easy it is to infect people with ransomware despite the bad actors having no previous experience with designing or coding malware.

9. News Malware Attacks

Cybercriminals often use current news stories and global events to target people with malware.

One example is hackers using the wave of the COVID-19 (Coronavirus) outbreak to target individuals with malware. Hackers send out emails that are disguised as legitimate information about the outbreak. Readers are prompted to click a link to learn more about the information, but the link contains malware that copies the files on your device and steals your personal information.

Research currently focuses on the spread of this malware in Japan. Still, it will become an issue worldwide during any kind of newsworthy outbreak.

IoT Device Attacks

As the popularity of IoT (Internet of Things) devices such as smart speakers and video doorbells grows, hackers are looking to exploit these devices for valuable information.

There are multiple reasons why hackers choose to target IoT devices. For one, most IoT devices don’t have enough storage to install proper security measures. These devices often contain easy-to-access data such as passwords and usernames, which then can be used by hackers to log into user accounts and steal valuable information, such as banking details.

Hackers can also use internet-based cameras and mics to spy on and communicate with people — including young children via smart baby monitors.

These devices can also act as weak points in a corporation’s network, meaning hackers can gain access to entire systems through unsecured IoT devices — spreading malware to other devices across the network.

Botnets

Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS attacks.

Exploits and Exploit Kits

An exploit is a piece of malicious code that takes advantage of a security vulnerability. Many have been developed by the security services. For instance, in 2017 the WannaCry ransomware spread using an exploit known as EternalBlue. This exploit had been developed by, and stolen from, the US National Security Agency.

Exploit kits are collections of multiple exploits. Available for rent on the dark web, they enable unskilled criminals to automate attacks on known vulnerabilities.

MITM Attacks

An MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered.

MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers can insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.

Drive-by Downloads

Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.

Phishing Attacks

Phishing is a method of social engineering used to trick people into divulging sensitive or confidential information, often via email. Not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations.

Social Engineering

Social engineering is used to deceive and manipulate victims in order to obtain information or gain access to their computer.

This is achieved by tricking users into clicking malicious links or by physically gaining access to a computer through deception.

Humans are possibly the weakest link in any security protocol. This is why cybercriminals are now turning to human psychology and deception to try and gain access to personal information.

The hacker will start by contacting a company or service provider and pretend to be a specific person. They’ll ask questions regarding the victim’s account and trick the customer support team into handing over pieces of sensitive information. Then, they’ll exploit that information to gain access to a person’s account and data, including payment details.

Although this isn’t a type of malware, social engineering is an alarming trend, as it doesn’t require hackers to know about coding or malware development. Instead, all the attacker needs is to be convincing and allow human error and complacency to reward them with the data they need.

SQL Injection

A SQL (Structured Query Language) injection occurs when an attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.

Backdoors

Backdoors allow remote access to computers or systems without users’ knowledge.

DDoS Attacks

DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.

Formjacking

Formjacking is the process of inserting malicious JavaScript code into online payment forms in order to harvest customers’ card details.

Cryptojacking

Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.

DNS Poisoning Attacks

DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.

Artificial Intelligence (AI) Attacks

As more tools become available to developers who want to program AI scripts and software, hackers will be able to use this same technology to carry out devastating cyberattacks.

Although cybersecurity companies are using artificial intelligence and machine learning algorithms to help combat malware, these technologies can also be exploited to hack devices and networks on a massive scale.

Cyberattacks can often cost cybercriminals a lot in terms of time and resources. So, with the expansion of AI and machine learning technologies, we can only expect hackers to develop highly-advanced and destructive AI-based malware in the future.

Vulnerabilities

Vulnerabilities are the security flaws in your systems that cyber attacks exploit.

All a criminal needs to be able to exploit them is a malware toolkit and an online tutorial. There is no need for any coding knowledge whatsoever.

Types of cyber security vulnerability include the following:

1. Network Vulnerabilities

Network vulnerabilities result from insecure operating systems and network architecture. This includes flaws in servers and hosts, misconfigured wireless network access points and firewalls, and insecure network protocols.

2. Hardware Vulnerabilities

Hardware vulnerabilities are exploitable weaknesses in computer hardware. Examples include the Spectre and Meltdown vulnerabilities, which were found in processors manufactured by Intel, ARM and AMD. They affected almost every system, including desktops, laptops, servers and smartphones.

3. Software and Application Vulnerabilities

These vulnerabilities are flaws such as coding errors or software responding to certain requests in unintended ways. They include CSRF (cross-site request forgery) and XSS (cross-site scripting) vulnerabilities.

4. Zero-day Vulnerabilities

These are security flaws that have been discovered by criminals but are unknown to, and therefore unpatched by, the software vendors. The term refers to the number of days the vendor has to address the vulnerability. (Zero-day exploits are code that compromises zero-day vulnerabilities.)