What are Cyber Threats?
Cyber threats fall under several categories, but generally speaking, a cyber threat refers to any situation where there is a possibility of, or evidence of, unauthorised access to a computer, network or system.
Cyber threats are common, and the motive is likely to be one of the following:
● To steal data
● To extort money
● To disrupt, damage or disable the hardware, software and associated infrastructure
The problem with a cyber threat is that it can come from within an organisation itself, or from a remote location, from unknown parties. Locating the source of a cyber threat is half the battle, as you will also need to put into place prevention methods for the future as well as implement damage control wherever possible.
What causes cyber threats?
It can be unintentional (caused by untrained or inattentive employees, software upgrades or maintenance and equipment failures) or intentional.
Intentional cyber threats are sometimes untargeted. In some cases, malware or viruses have no specific target and are simply released on the internet. Meanwhile, targeted, intentional threats are specific attacks on a system, are often critical, and have a specific function.
Understanding types of cyber attacks
Knowing what types of cyber threats your business might face will help you understand how to protect yourself, your business and your data. A cyber threat can seriously affect your assets and your reputation. By understanding how best to protect your assets, you can avoid the costly repercussions of a security breach caused by a cyber attack, simply by implementing the appropriate cyber security measures.
Types of Cyber Attacks
● Malware
This all-encompassing phrase covers any type of malicious software that is placed on a computer or a network. This can include spyware, ransomware and Trojans – all have specific actions to complete, whether that is data mining, decrypting files or looking for passwords and account information.
● Phishing
As individuals, we are all becoming more aware of phishing scams, but as the hackers become more advanced, they are utilising many more ways to get access to personal details.
This refers to the traditional hacking practice of obtaining sensitive information through online communication and is a continuous potential threat in 2020 and beyond as these practices are taken to another level.
● Vishing
Vishing, or voice phishing, refers to criminal phone fraud. Unlike phishing, it involves a more personal level of threat due to the fact that hackers will likely scam individuals using a voice call. Such interactions are rising in prominence because people may be more trusting of a voice call than of an email. Fake caller ID is used, meaning it can take as little as one conversation for perpetrators to extract personal information directly from you.
● Smishing
This refers to SMS phishing or phishing via text message. This method of cyber attack is rising in prominence as more companies, including those in the public sector such as hospitals and doctors' surgeries, as well as private sectors such as banks, communicate with customers via SMS.
● Denial of Service and Distributed Denial of Service (DoS/DDoS)
Denial of Service involves a process whereby a malicious agent will flood a server with requests to overload the system as it tries to sort out all the actions. This prevents genuine requests from being dealt with, essentially freezing the service.
● Advanced Persistent Threat
This cyber threat is unauthorised access that persists for a long time, unnoticed and difficult to get rid of. Data breaches, deletions and undermining can occur over a long period of time.
● Natural Disaster
Anything natural that could cause physical damage to a server system, an individual computer or a network can be seen as a cyber threat.
Top 20 Cyber Threats for 2021
1. Cloud Breaches due to Remote Working
With the nation working from home and therefore more businesses working through the cloud, this has become a prime target for cyber-criminals. No business is too small or too large to be the target of hacking. If they can get in – they will.
In a report carried out by Ermetic, nearly 80% of companies surveyed had suffered at least one data breach over the past 18 months and 43% had experienced ten or more breaches. Among the most common reasons for these breaches were configuration management, permissions management and compliance monitoring, which indicates that the majority of these breaches were preventable.
As more businesses conduct their business over the cloud these breaches will continue to grow unless robust security measures are put in place.
In 2020 it was reported that attacks on home-workers rose five times in the month and a half following the first UK lockdown.
2. COVID related Phishing
Although phishing is an old threat, it’s not going away anytime soon, and with COVID-19 the campaigns have become more targeted and more sophisticated in their approach.
With more people confined to their homes and having to conduct their lives online, this has made it easier for the scammers, and it is thought that 5% of all COVID related websites are malicious.
In May 2020 the National Cyber Security Centre opened a Suspicious Email Reporting Service and had reports of more than 160,000 suspicious emails, many offering testing kits or face masks.
So, while all the traditional phishing scams are still active – such as emails from your bank, Apple and PayPal – users need to be vigilant with emails offering vaccines, COVID tests or masks.
3. Exposed Databases
In the last couple of years, more and more businesses are transferring their data storage into the Cloud, preferring to host servers offsite to save time, space and, ultimately, money.
Cloud storage is not necessarily safe, though. Using public cloud storage, or services that don’t offer multi-factor authentication, can leave your business open to data breaches, manipulations,
4. Fintech targeted cyber-attacks
In 2020, with the increased remote working via the cloud, there was a 238% rise in Fintech targeted cyberattacks. It is an easy target for a cybercriminal as it is likely to produce high-value data.
As online banking, and online financial transactions are only going to increase over the next year it is the time to invest in adequate security measures to protect your fintech business, your customers’ and your own data as a consumer.
5. Accelerated Ransomware Attacks
This cyber threat is believed to cost billions a year around the world. A study carried out by Cybersecurity Ventures speculates that there will be a ransomware attack every 11 seconds in 2021.
A ransomware attack prevents access to data or use of the systems, often by holding sensitive data ‘hostage’. The attackers demand a price, usually in cryptocurrency, as that can be collected anonymously – and when that is paid, the data is released. Sometimes, the data gets encrypted by the hackers, and the key is delivered when the ransom is paid. Not everyone who pays the ‘ransom’ is able to retrieve all of their data. However, since the start of the global pandemic the average ransom paid rose by 33% to $111,605.
The rise could be partially due to the ‘business opportunity’ packages being sold on the dark web, where ransomware as a service and ransomware kits are sold and set up without much technical knowledge but can earn millions for the hackers.
6. The Internet of Things (IoT)
Our reliance on all our devices being connected to each other and to the internet leaves us vulnerable to malicious cyber-attacks. Businesses connect their devices in order to help them collect data, manage infrastructure, improve customer service and streamline business processes – but unauthorised control of these devices could cause havoc, overload networks, lock down the devices themselves or expose data.
New ‘smart’ devices are being added to the IoT every day – and in this rush to be at the forefront of connectivity, often security vulnerabilities are overlooked. Some of these IoT devices don’t come with pre-installed security software either which further leaves them vulnerable to attack.
Device-targeted attacks are becoming more prevalent now that everyone is working from home, sometimes using devices which are not secure, not up to date and not patched by their organisation’s IT department. Many hackers try to gain control of certain devices – which in the modern world can include access to your home if you have keyless entry. Once there, they can run botnets which send out malware to other devices, leaving chaos in their wake, or steal data. Add to this the use of unsecured internet connections, and it can be relatively easy for hackers to access individual devices.
A specific threat, perhaps, but one that can have an impact across all businesses. Today, our medical records are almost exclusively online. This means that they are vulnerable to data breaches, and as they contain the most sensitive and personal data about us, it can be very valuable to a hacker.
When it comes to modern medical technology, smart medical devices might become vulnerable too. Connected heart monitors, syringe drivers, and other medical equipment could easily be forced to failure under a cyber-attack – loss of life, as well as data, could be an outcome.
The NHS and private healthcare firms, therefore, need to be at the forefront of cyber security and technology.
8. Zero-Day Exploit
This is a term given to a software vulnerability that has been found by a hacker. Once the vulnerability is located, an exploit is usually written and used to get into a system. These exploits are such that the vendor or creator doesn’t know that there is a vulnerability – yet – and as soon as they do, they fix it, often with a patch.
This is why it is important to update your software whenever you are requested to do so by the vendor.
9. Advanced Persistent Threat
During an APT, a hacker ‘burrows’ into the network, hiding undetected for a long period of time. The connection to the network is hard to break with software updates or rebooting.
This level of threat is usually state-sponsored or political, but it can also be economic and more personal.
10. Distributed Denial of Service (DDoS)
A DDoS attack stops a network in its tracks, by flooding it with data, connections, and sometimes corrupt files. This effectively paralyses it, causing delays and failures.
DDoS attacks can be political, or revenge from a disgruntled ex-employee. Many businesses that have suffered a DDoS attack have felt that it might have originated from a competitor.
11. Man in the Middle (MITM) Attack
During this attack, a conversation that is believed to be between two parties is actually being routed through a middleman. They are relaying and altering the communication for their own ends. The two parties don’t necessarily have to be individuals – one could be a bank, for example, and the MITM is getting one individual to log into their account (on the ‘wrong’ page). This can be achieved through physical proximity or through malware, which can include reading emails or creating unsecured Wi-Fi, and all have the intention of altering and decrypting personal information.
12. Spyware
This malware is installed on your computer in order to secretly record and share specific information. This might include passwords and login information, bank account details, or other sensitive data. This type of malware is often attached to free online software downloads and saw a real surge when P2P file sharing was popular.
13. Trojan
Named after the Greek story, a Trojan attack misleads the user about the intent of the software. Downloaded to your computer after opening an attachment or clicking on a social media link, the Trojan can have one of several intents.
It can open a backdoor, allowing an agent access to the system and files.
It can run an exploit – malicious code that attacks vulnerable software.
It can give access to the way your computer systems run, boot and work in general.
It can also be a Banker, a DDoS, a Dropper or many other permutations.
Trojans are not able to replicate themselves or infect other files – but they can carry malware with that capability.
14. Drive-By Download
This malware is unintentionally downloaded onto a computer or system – either by a misrepresentation of what it is or simply by visiting a website or clicking a link. This doesn’t need any phishing techniques, as the download link is not an obvious scam.
15. Cryptojacking
With the upsurge in cryptocurrency, mining is a way to make bitcoin that doesn’t involve much in the way of skill, but it does need huge amounts of computer processing power. In order to mine cryptocurrency, you need to be able to decrypt a 64-digit hash – something that needs a lot of computing.
Standard PC set-ups just aren’t good enough for this activity. Cyber criminals are now cryptojacking the CPU speed and capabilities of businesses in order to mine cryptocurrency successfully.
16. Cyber-Physical Attacks
As our technological abilities advance, more and more of our infrastructure is becoming connected and computerised. From traffic control to the Grid, from traffic lights to nuclear power plants – big, important facilities are now online and therefore more open to attack. Cyber-physical attacks are the combination of a cyber threat with a specific target that has direct, physical consequences.
17. 5G progressive technology & more advanced cyber-attacks
5G is 100 times faster than 4G, connects smart devices far more widely in places where Wi-Fi isn’t available, and is now widely accessible across the UK. However, as with any technology, it does come with cyber security concerns.
As not all areas in the UK have a strong 5G connection, devices will switch between 4G and 3G, and each device will therefore be exposed to all the unresolved vulnerabilities of these networks.
With the addition of the Internet of Things and all the devices that are attached to this network, there is a massive expansion of the attack surface – so many vulnerabilities can be open to exploit. Consider the threats, for example, when 5G underpins traffic control, delivery drones, or self-driving cars.
One of the biggest threats is botnet scanning (denial of service), which overwhelms the CPU and memory of IoT devices, causing slow running and regular reboots, and will obviously affect the legitimate apps using the devices. Botnets are becoming more and more sophisticated and automated, with new variants being developed regularly.
18. Third Parties
If your business uses contractors and vendors, it can add another layer of risk – they might have access without management or monitoring – and this is not only a data risk but a deeper risk to your intellectual property. It is thought that around 60% of data breaches come from third parties.
19. Deepfakes
This online phenomenon uses human image synthesis, in which manipulated videos created through machine learning share fake news and are often the source for great satire. The software to create this threat is freely available online and through apps, and the reason it is a threat to a business is that it becomes harder and harder for the truth to be seen in any situation – how many cases will be thrown out of court when the accused says “that is a deepfake”? This new level of authenticity makes us question our own perceptions, and for our businesses, the danger is to our reputations, but also to our data and security too.
20. Natural Disasters
This might be an interesting one to include in a list of cyber threats, but a natural disaster can pose a threat to not only your building but your data too. Something as simple as a power outage can cause long-lasting damage if your data isn’t managed securely.
If a fire or a flood were to occur, your servers could be damaged. This would mean your data could be irreversibly lost. The best way to prevent such an occurrence causing long term problems is by backing up your data wherever possible, as contingency plans and clean up and recovery can be made a lot smoother with such things in place.
Recent High-Profile Cyber Attacks
Capital One, 2019
A hacker gained access through a configuration vulnerability in a web application firewall, and managed to decrypt 100 million US details and 6 million Canadian. The hacker was arrested, and although she hadn’t managed to disseminate or use the information fraudulently, this could be because she hadn’t been able to sell it on yet. The hacker used to work for the internet hosting company that Capital One uses.
Travelex, 2019 – ongoing
The online travel money company became the victim of a ransomware attack, where the hackers gained access 6 months ago, downloaded 5GB of sensitive customer data and then demanded $6m in payment. Travelex have not got full system usage back as yet, and it is not clear if the ransom has been paid or other negotiations are ongoing.
The Weather Channel, 2019
For an hour, the Weather Channel did not broadcast, and viewers took to Twitter to try and find out what had happened. The channel said that it had been victim to a malware attack – but dealt with it in the best way – by restoring their services from a back-up.
Leveraging of IoT Devices, 2019
A hacker group used IoT devices to access corporate networks. The hackers were said to have targeted democratic institutions in the past, and have attempted to compromise IoT devices such as office printers and a VoIP phone to gain access to corporate networks.
Unnamed Vegas Casino
A list of ‘high-roller’ customers from an unknown Vegas casino was stolen via an exploited vulnerability in a fish tank thermometer. Hackers discovered that this device, part of the Internet of Things, was the weak link in the security system, and through this weakness, they managed to download 10GB of high-value personal data before the link was severed.
How to Prevent Cyber Attacks
If you are looking for simple steps you can take to protect your business online, then here at CIS we are always pleased to offer you advice.
1. Identify Threats
Small doesn’t always mean safe – in fact, some cybercriminals might see you as a more ideal target as they will assume you have little to no cybersecurity in place. You need to fully understand the type of sensitive data you have, store and use – so that not only can you protect it from hackers and unauthorised access, but you are also following GDPR regulations. When you understand your data, you will have an idea of the type of threat you might face and can plan appropriately.
2. Inside Threat Management
Although it isn’t comfortable to think about, the biggest threat to your cybersecurity can actually be your own employees.
Ensure that they understand the importance of data safety and security by completing training and getting them to sign off on their responsibility for protecting data.
Another way to ensure your employees are only accessing the information they need to is to begin utilising a policy of ‘least privilege’ – making sure that no employee has more access to sensitive data and information than they need to complete their jobs efficiently.
3. Protect your Data with Passwordless Authentication
It is often difficult to maintain security levels when passwords are consistently and constantly being forgotten by employees. Offering new ways to access sensitive data like biometrics or token-based logins can remove some of the password-related issues – and protect your business from brute-force attacks on passwords.
4. Unified Threat Management System
Unified Threat Management works by consolidating all your functions onto a single device. Combining firewalls, anti-virus and intrusion detection, with protection for multiple devices and on multiple levels, this system is a ‘one-stop shop’ for all your cyber security needs.
Unified Threat Management is offered by CIS as it offers simplicity in financial outlay and administrative load. It can make a real difference to your business, no matter what size.
You can find out more about how the Unified Threat Management System can help to protect your business by heading online, reading our blog or contacting us today.
Spotting vulnerabilities and preventing exploits should be the first thing that your cybersecurity system does. There are now sophisticated anti-malware systems available that employ artificial intelligence and deep machine learning to keep your business safe from hackers.
6. Protect Your Data
The best way to protect your data is to encrypt it. Beyond this, be sure to manage your encryption keys securely for all encrypted devices – this can prevent any sort of data breach having any kind of long term damage. Full disk encryption is advised as this allows you to manage all your devices from one single management centre.
To make it the safest it can be, it needs to be encrypted from a file level to a cloud level, with systems in place to prevent unencrypted file transfer. It’s important to remember that Cloud solutions do not provide ultimate protection; they provide a further level of recovery, but your data should always be further backed up through the assistance of a third-party cyber security service, such as what is available at CIS. Full recovery and back up of Office 365 including OneDrive, SharePoint, Teams & Emails, for example, can prevent a costly setback should your cloud solution fail.
To store your data safely, consider using our Private Cloud, where vigorous security scans are completed by our resident cybersecurity agent – Cybot, an AI technology that is learning, autonomous and runs 24/7 to protect all the data we store in our Private Cloud.
7. Be Prepared with Backup and Disaster Recovery
Sometimes it is better to prepare for the worst; in this case, you can protect your business continuity with our full back up and recovery system.
Deal with a cyber attack in a similar way to The Weather Channel by regularly backing up your data – and then, should the worst happen, you can keep going with the business rather than risk losing data and productivity hours. For more information about dealing with a specific cyber threat or further support in protecting yourself and your business, speak to the CIS team today.