What are Cyber Threats?
Cyber threats fall under several categories, but generally speaking, a cyber threat refers to any situation where there is a possibility of, or evidence of, unauthorised access to a computer, network or system.
Cyber threats are common, and the likely motive is one of the following:
● To steal data
● To extort money
● To disrupt, damage or disable the hardware, software and associated infrastructure
The problem with a cyber threat is that it can come from within an organisation itself, or from a remote location, from unknown parties. Locating the source of a cyber threat is half the battle, as you will also need to put into place prevention methods for the future as well as implement damage control wherever possible.
What causes cyber threats?
It can be unintentional (caused by untrained or inattentive employees, software upgrades or maintenance and equipment failures) or intentional.
Intentional cyber threats are sometimes untargeted. In some cases, malware or viruses have no specific target and are simply released on the internet. Meanwhile, targeted, intentional threats are specific attacks on a system, are often critical, and have a specific function.
Understanding types of cyber attacks
Knowing what types of cyber threats your business might face will help you understand how to protect yourself, your business and your data. A cyber threat can seriously affect your assets and your reputation. By understanding how best to protect your assets and implementing the appropriate cyber security measures, you can avoid the costly repercussions of a security breach caused by a cyber attack.
Types of Cyber Attacks
This all-encompassing phrase covers any type of malicious software that is placed on a computer or a network. This can include spyware, ransomware and Trojans – all have specific actions to complete; whether that is data mining, decrypting files or looking for passwords and account information.
As individuals, we are all becoming more aware of phishing scams, but as the hackers become more advanced, they are utilising many more ways to get access to personal details.
This refers to the traditional hacking practice of obtaining sensitive information through online communication and is a continuous potential threat in 2020 and beyond as these practices are taken to another level.
Vishing, or voice phishing, refers to criminal phone fraud. Unlike phishing, it involves a more personal level of threat due to the fact that hackers will likely scam individuals using a voice call. Such an interaction is rising in prominence because people may be more trusting of a voice call than of an email. Fake caller ID is used, meaning it can take as little as one conversation for perpetrators to obtain personal information directly from you.
This refers to SMS phishing or phishing via text message. This method of cyber attack is rising in prominence as more companies, including those in the public sector such as hospitals and doctors' surgeries, as well as private sectors such as banks, communicate with customers via SMS.
● Denial of Service and Distributed Denial of Service (DoS/DDoS)
Denial of Service involves a process whereby a malicious agent will flood a server with requests to overload the system as it tries to sort out all the actions. This prevents genuine requests from being dealt with, essentially freezing the service.
● Advanced Persistent Threat
This cyber threat is unauthorised access that persists for a long time, unnoticed and difficult to get rid of. Data breaches, deletions and undermining can occur over a long period of time.
● Natural Disaster
Anything natural that could cause physical damage to a server system, an individual computer or a network can be seen as a cyber threat.
Top 20 Cyber Threats for 2020
Sometimes, the biggest threat to your cyber security can be your own employees. They have access to all sorts of data and information with the potential to breach your security measures. This might be employees who are disgruntled about something to do with their employment, or an employee who has access to data but is not aware of its confidential nature – accidentally sharing that information or leaving it accessible in public. Of course, there is always the concern that an outside influence might be able to ‘make’ an employee share sensitive data or information, through coercion or bribery. These Insider Threats are actually amongst the hardest to mitigate and deal with, as they are hard to predict, and sometimes hard to detect.
Yes, it is an old threat, but as technology advances, so do cybercriminals and the way they work in order to get information from individuals and companies.
By combining different communication methods, scammers can make it much more plausible for the unwary to give access to vital information. Social engineering, as a psychological tool in the hacker’s arsenal, can make it seem even more like a legitimate request.
This step-up from traditional email phishing has even coined a new phrase – ‘whaling’ – where a scammer poses as a C-Level Executive and instructs an employee to transfer money to a different account.
3. Exposed Databases
In the last couple of years, more and more businesses are transferring their data storage into the Cloud, preferring to host servers offsite to save time, space and, ultimately, money.
Storing data in the Cloud does not necessarily mean it is safe though. Using public cloud storage, or storage that doesn’t offer multi-factor authentication, can leave your business open to data breaches, manipulations,
4. Lack of Well-Trained, Knowledgeable Cybersecurity Personnel
With the ever-changing landscape of IT and the risks that come with managing high-risk data, cybersecurity personnel have a high turnover, larger levels of burnout, and are often the hardest positions to keep filled in any company.
This lack of continuity, as well as the inevitable open positions with no supervision, means that there is no continuity of care for your data. Each professional will have their own style, preferred tools and ideas about what constitutes security – from the anti-virus programs they use to the number of people that have access to mission-critical systems.
This cyber threat is believed to cost billions a year around the world. Attackers prevent access to data or use of the systems, often by holding sensitive data ‘hostage’. They demand a price, usually in cryptocurrency, as that can be collected anonymously – and when that is paid, the data is released. Sometimes, the data gets encrypted by the hackers, and the key is delivered when the ransom is paid.
6. The Internet of Things (IoT)
Our new reliance on all our devices being connected to each other and to the internet leaves us vulnerable to a malicious cyber attack. Businesses connect their devices that help them collect data and streamline business processes – but unauthorised control of these devices could cause havoc, overload networks, or lock down the devices themselves.
New ‘smart’ devices are being added to the IoT every day – and in this rush to be at the forefront of connectivity, often security vulnerabilities are overlooked.
A specific threat, perhaps, but one that can have an impact across all business. Today, our medical records are almost exclusively online. This means that they are vulnerable to data breaches, and as they contain the most sensitive and personal data about us, it can be very valuable to a hacker.
When it comes to modern medical technology, smart medical devices might become vulnerable too. Connected heart monitors, syringe drivers, and other medical equipment could easily be forced to failure under a cyber-attack – loss of life, as well as data, could be an outcome.
The NHS and private healthcare firms, therefore, need to be at the forefront of cyber security and technology.
8. Zero-Day Exploit
This is a term given to a software vulnerability that has been found by a hacker. Once the vulnerability is located, an exploit is usually written and used to get into a system. These exploits are such that the vendor or creator doesn’t know that there is a vulnerability – yet – and as soon as they do, they fix it, often with a patch.
This is why it is important to update your software whenever you are requested to do so by the vendor.
9. Advanced Persistent Threat
During an APT, a hacker ‘burrows’ into the network, hiding undetected for a long period of time. The connection to the network is hard to break with software updates or rebooting.
This level of threat is usually state-sponsored or political, but it can also be economic and more personal.
10. Distributed Denial of Service (DDoS)
A DDoS attack stops a network in its tracks, by flooding it with data, connections and sometimes corrupt files. This effectively paralyses it, causing delays and failures.
DDoS attacks can be political, or revenge from a disgruntled ex-employee. Many businesses that have suffered a DDoS attack have felt that it might have originated from a competitor.
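The difference between a single-source flood and a distributed one matters for detection, as this added example shows (it is not part of the original article): a per-source request limit catches the DoS case but misses the DDoS case, which only an aggregate limit sees. The addresses, traffic and thresholds are constructed for illustration.

```python
from collections import Counter, deque

def build_sample():
    """Constructed traffic: (second, source_ip) pairs using documentation IP ranges."""
    events = []
    # Genuine clients: 5 sources, one request every 2 seconds for a minute.
    for t in range(0, 60, 2):
        events += [(t, f"192.0.2.{n}") for n in range(1, 6)]
    # DoS: one source sends 10 requests per second from t=20 to t=24.
    for t in range(20, 25):
        events += [(t, "198.51.100.7")] * 10
    # DDoS: 200 sources send only one request per second each, t=40 to t=42.
    for t in range(40, 43):
        events += [(t, f"203.0.113.{n}") for n in range(1, 201)]
    return events

def detect_floods(events, window=10, per_source_limit=20, total_limit=100):
    """Sliding-window detector. Thresholds are assumed values, not recommendations.

    Returns a list of (kind, second, detail) alerts:
      ("single-source", t, ip)        one source exceeded per_source_limit
      ("aggregate", t, n_sources)     all sources together exceeded total_limit
    """
    recent = deque()          # events inside the current window, oldest first
    per_source = Counter()    # request count per source inside the window
    flagged = set()           # sources already reported
    aggregate_active = False  # avoids repeating the aggregate alert
    alerts = []
    for ts, ip in sorted(events):
        recent.append((ts, ip))
        per_source[ip] += 1
        # Drop events that have aged out of the window (ts - window, ts].
        while recent[0][0] <= ts - window:
            _, old_ip = recent.popleft()
            per_source[old_ip] -= 1
            if per_source[old_ip] == 0:
                del per_source[old_ip]
        if per_source[ip] > per_source_limit and ip not in flagged:
            flagged.add(ip)
            alerts.append(("single-source", ts, ip))
        if len(recent) > total_limit:
            if not aggregate_active:
                aggregate_active = True
                alerts.append(("aggregate", ts, len(per_source)))
        else:
            aggregate_active = False
    return alerts

if __name__ == "__main__":
    for alert in detect_floods(build_sample()):
        print(alert)
```

In the constructed sample no botnet address ever sends more than three requests, so blocking by source address alone would not have stopped the second flood.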
11. Man in the Middle (MITM) Attack
During this attack, a conversation that is believed to be between two parties is actually being routed through a middleman. They are relaying and altering the communication for their own ends.
The two parties don’t necessarily have to be individuals – one could be a bank, for example, and the MITM is getting one individual to log into their account (on the ‘wrong’ page).
This can be achieved through physical proximity or through malware, which can include reading emails or creating unsecured Wi-Fi, and all have the intention of altering and decrypting personal information.
This malware is installed on your computer in order to secretly record and share specific information. This might include passwords and login information, bank account details, or other sensitive data.
This type of malware is often attached to free online software downloads and saw a real surge when P2P file sharing was popular.
Named after the Greek story, a Trojan attack misleads the user about the intent of the software. Downloaded to your computer after opening an attachment or clicking on a social media link, the trojan can have one of several intents.
It can open a backdoor, allowing an agent access to the system and files.
It can run an exploit – a malicious code that attacks vulnerable software.
It can give access to the way your computer system runs, boots and works in general.
It can also be a Banker, a DDoS, a Dropper or many other permutations.
Trojans are not able to replicate themselves or infect other files – but they can carry malware with that capability.
14. Drive-By Download
This malware is unintentionally downloaded onto a computer or system – either by a misrepresentation of what it is or simply by visiting a website or clicking a link. This doesn’t need any phishing techniques, as the download link is not an obvious scam.
With the upsurge in cryptocurrency, mining is a way to make bitcoin that doesn’t involve much in the way of skill, but it does need huge amounts of computer processing power. In order to mine cryptocurrency, you need to be able to decrypt a 64-digit hash – something that needs a lot of computing.
Standard PC set-ups just aren’t good enough for this activity. Cyber criminals are now cryptojacking the CPU speed and capabilities of businesses in order to mine cryptocurrency successfully.
As our technological abilities advance, more and more of our infrastructure is becoming connected and computerised. From traffic control to the Grid, from traffic lights to nuclear power plants – big, important facilities are now online and therefore more open to attack.
Cyber-physical attacks are the combination of a cyber threat with a specific target that has direct, physical consequences.
The successor to 4G, 5G will be 100 times faster, and way more widespread in connecting smart devices and the world where Wi-Fi isn’t available.
4G was hardware-based, on a spoke and wheel configuration, offering ‘choke points’ in the data transfer that allow more control and inspection of the data that is being transferred. The capabilities of the 5G network come from the fact that it is software-based, offering better data flow – but the hurried deployment and lack of real regulation have left the network open to exploit.
With the addition of the Internet of Things and all the devices that are attached to this network, there is a massive expansion of the attack surface – so many vulnerabilities can be open to exploit.
18. Third Parties
If your business uses contractors and vendors, it can add another layer of risk – they might have access without management or monitoring – and this is not only a data risk but a deeper risk to your intellectual property.
It is thought that around 60% of data breaches come from third parties.
This online phenomenon uses human image synthesis in which manipulated videos created through machine learning share fake news and are often the source for great satire.
The software to create this threat is freely available online and through apps, and the reason it is a threat to a business is that it becomes harder and harder for the truth to be seen in any situation – how many cases will be thrown out of court when the accused says “that is a deepfake”?
This new level of authenticity makes us question our own perceptions, and for our businesses, the danger is to our reputations, but also to our data and security too.
20. Natural Disasters
This might be an interesting one to include in a list of cyber threats, but a natural disaster can pose a threat to not only your building but your data too. Something as simple as a power outage can cause long-lasting damage if your data isn’t managed securely.
If a fire or a flood were to occur, your servers could be damaged. This would mean your data could be irreversibly lost. The best way to prevent such an occurrence causing long term problems is by backing up your data wherever possible, as contingency plans and clean up and recovery can be made a lot smoother with such things in place.
Recent High-Profile Cyber Attacks
Capital One, 2019
A hacker gained access through a configuration vulnerability in a web application firewall, and managed to decrypt 100 million US details and 6 million Canadian.
The hacker was arrested, and although she hadn’t managed to disseminate or use the information fraudulently, this could be because she hadn’t been able to sell it on yet.
The hacker used to work for the internet hosting company that Capital One uses.
Travelex, 2019 – ongoing
The online travel money company became the victim of a ransomware attack, where the hackers gained access 6 months ago, downloaded 5GB of sensitive customer data and then demanded $6m in payment.
Travelex have not got full system usage back as yet, and it is not clear if the ransom has been paid or other negotiations are ongoing.
The Weather Channel, 2019
For an hour, the Weather Channel did not broadcast, and viewers took to Twitter to try and find out what had happened.
The channel said that it had been victim to a malware attack – but dealt with it in the best way – by restoring their services from a back-up.
Leveraging of IoT Devices, 2019
A hacker group used IoT devices to access corporate networks. The hackers were said to have targeted democratic institutions in the past, and have attempted to compromise IoT devices such as office printers and a VOIP phone to gain access to corporate networks.
Unnamed Vegas Casino
A list of ‘high-roller’ customers from an unknown Vegas casino was stolen via an exploited vulnerability in a fish tank thermometer.
Hackers discovered that this device, part of the Internet of Things, was the weak link in the security system, and through this weakness, they managed to download 10GB of high-value personal data before the link was severed.
How to Prevent Cyber Attacks
If you are looking for simple steps you can take to protect your business online, then here at CIS we are always pleased to offer you advice.
Small doesn’t always mean safe – in fact, some cybercriminals might see you as a more ideal target as they will assume you have little to no cybersecurity in place.
You need to fully understand the type of sensitive data you have, store and use – so that not only can you protect it from hackers and unauthorised access, you are also following GDPR regulations.
When you understand your data, you will have an idea of the type of threat you might face and can plan appropriately.
2. Inside Threat Management
Although it isn’t comfortable to think about, the biggest threat to your cybersecurity can actually be your own employees.
Ensure that they understand the importance of data safety and security by completing training and getting them to sign off on their responsibility for protecting data.
Another way to ensure your employees are only accessing the information they need to is to begin utilising a policy of ‘least privilege’ – making sure that no employee has more access to sensitive data and information than they need to complete their jobs efficiently.
3. Protect your Data with Passwordless Authentication
It is often difficult to maintain security levels when passwords are consistently and constantly being forgotten by employees.
Offering new ways to access sensitive data like biometrics or token-based logins can remove some of the password-related issues – and protect your business from brute-force attacks on passwords.
4. Unified Threat Management System
Unified Threat Management works by consolidating all your functions onto a single device. Combining firewalls, anti-virus and intrusion detection, with protection for multiple devices and on multiple levels, this system is a ‘one-stop shop’ for all your cyber security needs.
Unified Threat Management is offered by CIS as it offers simplicity in financial outlay and administrative load. It can make a real difference to your business, no matter what size.
You can find out more about how the Unified Threat Management System can help to protect your business by heading online, reading our blog or contacting us today.
Spotting vulnerabilities and preventing exploits should be the first thing that your cybersecurity system does. There are now sophisticated anti-malware systems available that employ artificial intelligence and deep machine learning to keep your business safe from hackers.
6. Protect Your Data
The best way to protect your data is to encrypt it. Beyond this, be sure to manage your encryption keys securely for all encrypted devices – this can prevent any sort of data breach having any kind of long term damage. Full disk encryption is advised as this allows you to manage all your devices from one single management centre.
To make it the safest it can be, it needs to be encrypted from a file-level to a cloud level, with systems in place to prevent unencrypted file transfer. It’s important to remember that Cloud solutions do not provide ultimate protection; they provide a further level of recovery, but your data should always be further backed up through the assistance of a third-party cyber security service, such as what is available at CIS. Full recovery and back up of Office 365 including OneDrive, SharePoint, Teams & Emails, for example, can prevent a costly setback should your cloud solution fail.
To store your data safely, consider using our Private Cloud, where vigorous security scans are completed by our resident cybersecurity agent – Cybot. AI technology that is learning, autonomous and runs 24/7 to protect all the data we store in our Private Cloud.
7. Be Prepared with Backup and Disaster Recovery
Sometimes it is better to prepare for the worst; in this case, you can protect your business continuity with our full back up and recovery system.
Deal with a cyber attack in a similar way to The Weather Channel by regularly backing up your data – and then, should the worst happen, you can keep going with the business rather than risk losing data and productivity hours.
For more information about dealing with a specific cyber threat or further support in protecting yourself and your business, speak to the CIS team today.