With over 200 billion devices connecting us all online, it is not hard to believe that most—if not all—people will say that they have been targeted or directly affected by a cyber security threat at least once, be it phishing through spam email, identity theft, or any other common form of digital attack.
What are some common cyber security threats and solutions? Cyber attacks are usually in the form of the following:
- SQL Injection
- Cross-Site Scripting
Solutions for these threats include using antivirus software and implementing secure online practices.
Due to the prevalence of cyber threats and attacks, cyber security has become a common practice to protect “systems, networks, and programs from digital attacks” (Cisco). The remainder of this article will help define cyber security threats and attacks, outline the most common forms of attacks, and what solutions cyber security can provide to protect users from these attacks.
Cyber Threats & Cyber Attacks
Cyber threats are possible digital acts that have the intention of obtaining, altering, or destroying sensitive data that belongs to an individual or organization. Cyber attacks, on the other hand, are the actual acts of obtaining, altering, or destroying such information.
How often do cyber threats and attacks happen?
Cyber threats and attacks affect millions of people each year; in fact, in 2018, over three million records were stolen from data breaches every day; that boils down to approximately over 125,000 per hour, 2,000 per minute, and 34 every second. In addition, the University of Maryland discovered that hackers attack users with internet access at an average of every 39 seconds.
Why are cyber security threats and attacks common?
With the number of cyber threats and attacks building up year after year, those who are concerned about their digital safety are right to wonder why they happen so often, even with the right cyber security practices in place. There are a number of different reasons why digital attacks are common:
To begin to understand why cyber security threats and attacks are so common, it is key to learn why attackers perform these malicious acts in the first place. “Attackers” can take the form of an individual, criminal or competing organizations, nation-states, terrorists, spies, hackers, and more, and those who target internet users usually do so for one of three main reasons:
- Money – Many attackers target online users for their own financial gain. Their attack methods can be in the form of phishing for banking information, ransomware, or other data-stealing cyber attack methods in an effort to acquire financial details.
- Disruption – Some cyber criminals target organizations or businesses to disrupt their everyday operations. This can range from internet or utility outages to compromising essential services and IT infrastructure.
- Espionage – Finally, cyber attackers may infiltrate an organization’s network to steal secured data or view information not meant for the general public. Most of the time, intellectual property or trade secrets are stolen by attackers to give other organizations (or their own) an advantage.
Although most cyber attacks are driven by these three central motivators, there are a few less common reasons why people may choose to target an individual or organization:
- Social and Political Influence – An attacker may choose to hack a website or corrupt an organization’s data in order to make a social or political point (e.g., “hacktivism”).
- Intellectual Challenge – Some hackers may not feel challenged enough and will pursue an attack on an organization with the highest cyber security protocols to simply “test” their skills.
Increase in Connectivity
Although more cyber attackers are being motivated to tamper with user data in various ways, another factor contributing to the rise of cyber security threats is the increase in connected devices. According to Cybint, there are about 25 connected devices for every 100 inhabitants in the United States.
This had led to a massive increase in device connections making it more attractive for hackers to find the less secure devices, sometimes grouping hacked devices together to launch even bigger attacks.
Lack of Cyber security Measures
Finally, even though a lot of our daily lives depend on the internet today, not enough users still may be aware of cyber security measures they should be taking to keep their information safe online. This is common among individuals and small organizations, who may not realize that they are equally at risk for cyber attacks as large corporations that experience data breaches from time to time.
Importance of Cyber security
It can be difficult to imagine that something that happens online with your information can lead to much harm. After all, credit card companies can send out new credit cards once you have frozen the account, and you can always change your password to something more secure if it is necessary.
However, these easy fixes do not mean that a cyber attack will not leave lasting damage. In fact, cyber security threats can cause a lot of harm, both digitally and—in severe cases—in the physical world too.
Some cyber attacks can result in acquiring social security numbers and other sensitive personal data that can lead to identity theft. Others can cause electrical blackouts in an entire building. There is even a history of cases that can paralyze entire computer systems so that users are not able to access their information at all.
All of this is to say that cyber security and the proactive measures it involves are critical to ensure your safety online and to prevent anything like these examples from happening to you.
10 Types of Cyber Security Threats & Solutions
There are various types of cyber security threats to be aware of, from computer viruses to password attacks. The following lists some of the more common cyber threats, what they are, how they affect users, and solutions to avoid or overcome them.
1. Computer Viruses
Computer viruses can be considered the most common form of cyber threat internet users are aware of. Viruses are essentially programs designed to change the way a computer or device operates without the authorization of the user. There are many types of viruses:
- Boot Sector
- Web Scripting
- Browser Hijacker
- Direct Action
- File Infector
Similarly to a virus, you would catch, like the flu, a computer virus “infects” its host—the host, in this case, being the files or programs on your device. The virus will remain dormant until you choose to run the program or open the file that it is attached to.
Once you have chosen to run the program or file, the virus will become active and start to replicate and execute on its own; this can corrupt or destroy the data on the computer in the process. In some cases, a virus can allow an attacker to spam your email contacts, while in more severe situations, they can gain the ability to take over your computer entirely.
Just like the flu, a computer virus can spread between devices or computers that share the same network. Viruses can also be spread through file attachments, internet downloads, and scam website links. Even mobile devices can be susceptible to a virus via text or email attachments and app downloads.
Signs of Computer Viruses
How do you know if you have a computer virus? Computer viruses can have “symptoms” like the cold or flu, too. Below are a few symptoms to look out for that will let you know that you may have a virus problem on your hands:
- Frequent pop-up windows. These pop-ups may encourage you to visit unfamiliar websites or download antivirus software.
- Different homepage. The homepage of a website that you usually frequent may forward to a different website.
- Bulk spam emails sent from your account. Someone that is able to take control of your email account via a computer virus will likely try to send out spam to spread the virus further through attachments.
- Frequent crashes or freezing. A virus can cause a lot of damage to your hard drive in a manner of minutes. This alone can lead to your computer or device often crashing or freezing. In many cases, this damage can also result in significantly slower processing speed.
- Unfamiliar program startups. One sign that can let you know if you have a virus is if there are unknown programs that start running as soon as you boot up your computer or device. You can also check your device’s list of active applications to see if there is anything unfamiliar running in the background.
- Password changes. A final sign you may have a computer virus is if there is a recent password change that you did not authorize either on a familiar website or upon logging into your computer or device.
Preventing Computer Viruses
How do you avoid computer viruses? To reduce your risk of “contracting” a computer virus, be conscious of the types of files you download from the internet and where they come from. Do not download email or text attachments from contacts you do not know or websites you do not trust.
In addition, install a reputable virus protection software on your devices, such as Norton or Trend Micro, that can scan file attachments for viruses before you download them. This way, even if you receive files from someone you do recognize, you can detect potential underlying computer viruses that the original owner may or may not have been aware of.
2. Denial-of-Service Attacks
A denial-of-service (DoS) attack takes place when a cyber criminal chooses to flood online systems, servers, or networks, using up a significant amount of bandwidth and RAM. A distributed denial of service (DDoS) attack functions similarly, the only difference being that the attacker takes over multiple devices that are then used to flood these systems.
The goal of DoS and DDoS is to eventually crash a targeted system and cause disruption, usually for a business or organization. There are three main types of DoS and DDoS attacks:
- Volume-Based Attacks
- Application Attacks
- Protocol Attacks
Signs of DDoS Attacks
Websites, networks, or servers that are the targets of DDoS attacks usually notice an unusual surge of traffic that makes it difficult for intended users to access them. Other signs of a DoS or DDoS attack include spotty network connections, or network or website slowdowns.
Preventing DDoS Attacks
Since businesses are usually the target for DoS and DDoS attacks, most prevention methods will be things organization leaders and IT departments should communicate and have in place:
- Secure your network infrastructure.
- Ensure a firewall is in place to prevent outside traffic from coming in.
- Practice basic network security.
Ultimately, it is people that create these various forms of cyber threats, which is what makes hackers a very dangerous threat to secured data. Hackers are essentially programmers who “break into” IT infrastructures and computer systems to steal, alter, or delete information for their own gain. With their technical knowledge, they have the ability to take your personal data, compromise online activities, and more.
Hackers are able to access a computer or network’s data in several ways:
- Phishing Scams
- Spam Emails
- Instant Messages
- Fake Websites
- Made-up Identities
All of these methods are used by hackers to deliver malware to your device to compromise its security. They can also try to access your computer directly if you do not have a firewall in place.
Signs of Hacking
Due to the malware usually used, it can be difficult to immediately see that a cyber criminal has hacked your device. However, one way to tell if you have been recently hacked is by looking at your accounts for accuracy. Do you notice any unusual purchases on your credit card? Are there unauthorized changes? If so, there may be malware present, and you will need to take action.
Like with other cyber security solutions, the best way to prevent hacking is to have an online security tool installed on your device with added identity theft protection. Additionally, you should also:
- Limit how much personal information you post online.
- Keep your personal information out of online chat rooms or messages.
- Make sure there is a two-way firewall in place on your computer.
- Update your operating system and browsers regularly.
- Avoid visiting questionable websites.
- Only download software and files from people and places you trust.
Malware is the general term for malicious software (e.g., viruses, ransomware, Trojans, spyware, etc.) designed to corrupt or steal data, or take over a system. Malware usually attacks by breaching a network after an unsuspecting user has clicked on a dangerous link or downloaded an attachment that contains risky software.
There are many types of programs that fall under the “malware” category, but the most commonly used are ransomware and spyware.
Ransomware is a type of malware used to block or encrypt targeted user data or a hard drive, so the user is unable to access it. The attacker then demands a ransom in exchange for granting the user the ability to view or use it again.
To use the ransomware, the attacker uses a phishing or alternative cyber attack to gain entry into the user’s device. From there, they install the malware that begins to encrypt the user’s files or hard drive.
Signs of Ransomware
Most people realize they are the victim of a ransomware attack once an unidentified user contacts them (usually through online means, such as email) to inform them that their data has been stolen.
There are a few things users can do to avoid being a victim of ransomware:
- Create multiple backup files regularly on an external hard drive and/or cloud-based system.
- Install ransomware and malware protection software and use firewalls.
- Update software and system data regularly.
Spyware is a type of malware that is designed to monitor a user’s online activities and gather information about them without prior consent. Often, this personal information is forwarded to a third-party for their use and financial gain. There are different types of spyware:
- Tracking Spyware
As the name suggests, most spyware can masquerade as a legitimate method for collecting data. In many cases, a user may give his or her consent to have their online activity tracked only to find that they have actually granted spyware permission to gather their personal information.
*Note: Another type of cyber security threat worth mentioning here is the Trojan attack. It is quite similar to spyware in function, but what makes it unique is its ability to enter a targeted device as a standard piece of software that a user agrees to install before releasing malicious code once inside, similar to the Trojan Horse you may recognize from Ancient Greek history.
Signs of Spyware
Spyware has its name because it is difficult to detect unless you are actively searching for it. However, there are a few signs that can help you detect its presence:
- Slower processing.
- Unwanted, frequent pop-ups.
Preventing Spyware Attacks
Another thing you can do to prevent the risk of a spyware attack is to avoid clicking on buttons or links found on unfamiliar ads. If you see any pop-up windows, be aware of false buttons that may be present that are designed to look like they will allow you to close them.
A couple of final tips for avoiding these attacks is to make sure your web browsers are updated to protect you against spyware and install a reputable internet security tool that has the ability to detect spyware.
7. Man-in-the-Middle Attacks
Man-in-the-middle (MitM) attacks, also known as eavesdropping, are a method cyber criminals use to insert themselves in-between a two-party transaction undetected. By essentially making themselves the “middle-man,” attackers can filter and steal data as it is being presented by the user party. They can intercept a transaction in two ways:
- Un-Secure Wi-Fi. On a public network that is not secure, attackers can align themselves between a user’s device and network. All information that the user enters will then pass through the attacker.
- Malware. An attacker can install malicious software on a user’s device to intercept future transactions to gain their personal data.
There are also several types of MitM attacks, including spoofing attacks where the attacker masquerades as a different IP, changes the DNS or by HTTPS where they pretend to be from a domain but actually isn’t, fooling the user into believing they are connecting to a legitimate connection. Other attacks involve hijacking the SSL connection or the email connection, eavesdropping on Wi-Fi connections to stealing the cookies from the users browser, allowing them to use the information in the cookies for their own use, including authenticating.
Signs of Eavesdropping
Once a cyber criminal has intercepted your communications with other parties, they may attempt the following methods to gather your data:
Besides using antivirus software and implementing firewalls, users can also do the following to reduce the risk of eavesdropping from cyber criminals:
- Encrypt files or messages containing private information before sending it. Encrypting essentially “scrambles” a file or message so that any third party that tries to intercept the message and read it will not be able to decipher it. The intended receiver of the file or message will be able to use a “key” that can be used to unscramble the message.
- Avoid transmitting private information over public networks. Most public networks are not secure, so if you have sensitive data you wish to send, try to wait until you are on your personal network before doing so. Otherwise, use a VPN to connect to the network, so the data you send out is protected.
- Make sure your router is password-protected and uses a strong password. Many eavesdroppers can access a router that is vulnerable or has a weak password without your knowledge.
Phishing is an attack used by cyber criminals to steal account or financial information through fraudulent emails and online messages or fake websites. Most phishing methods involve sending a message to an unsuspecting internet user that asks them to “verify” their information on an account they currently have. The user is then meant to follow the email’s provided link which leads to a malicious website made to collect that information.
The following are the most common types of phishing:
- Spear Phishing
- Whale Phishing
Signs of Phishing
Because phishers usually pretend to be from legitimate companies, it can be hard to tell the difference between what is real and what is not in some cases, and therefore challenging to determine whether a message is part of a phishing scheme. However, luckily, there are some tells that can let you know whether a site or email is fake:
- Unusual requests for private information via email or instant message (IM).
- Language in a message that uses highly emotional verbiage, scare tactics or creates an urgency to respond. (e.g., Please respond in 24 hours or your account will be deleted.)
- Slightly misspelled website URLs or the use of subdomains.
- Unverified links within the body of a message.
- The sender of the message is using an unusual email address contrary to the company they are claiming to be from. (e.g., firstname.lastname@example.org)
- Lack of personalization in the message or a personal greeting. (i.e., Legitimate emails will usually contain some information connected to your actual account, like a partial account number or username.)
A good way to prevent phishing from happening is to make sure you have antivirus software in place with added identity theft protection and antispyware.
In addition, users only become victims of phishing if they respond to fraudulent emails or messages by entering their personal details in the provided link. Never provide your information to an unsolicited email or instant message requesting it. If you are asked for account information on a website you recognize, make sure the URL has “https” with a lock icon next to it in your browser.
If you are still unsure whether a message from a business is legitimate, try contacting the office by phone first. They will be able to confirm if it is really from them or not.
9. SQL Injection
A Structured Query Language (SQL) is usually used to help operate and administer database systems that provide backend functionality to a variety of web applications. An SQL injection or attack involves a cyber criminal inserting malicious code into a server that uses SQL to reveal protected information within a website’s database. Attackers can implement an SQL injection by simply “injecting” the bad code into a vulnerable website’s search box.
Signs of SQL Injection
A few signs of SQL injection include an unusual surge of new queries, especially those that are unusually structured, and sudden access to previously protected data tables.
Preventing SQL Injection
Most preventive methods include taking a look at a website’s coding:
- Parameterized Statements
- Object Relational Mapping
- Escaping Inputs
- Sanitizing Inputs
- Whitelisting and Blacklisting
10. Cross-Site Scripting
Cross-site scripting (XSS) is another type of site injection attack that involves a cyber criminal sending script into content that would usually be from reputable websites. In other words, an attacker can take advantage of a vulnerable website by injecting malicious coding to steal user data. There are two types of XXS attacks: reflected and stored attacks.
Signs of Cross-Site Scripting
Cross-site scripting is not exactly obvious to website developers or end-users, but some things to look out for include an increase in phishing scams, and account and coding inaccuracies.
Preventing Cross-Site Scripting
Similarly to SQL prevention, website developers on the business side will need to inspect the site’s coding:
- Content Security Policy
Because users are also at risk of having their data stolen from XSS injection, it is important to be wary of possible phishing scams, use script-blocking browsers, and avoid clicking links from sources you do not recognize.
Other Cyber Security Threats
There are plenty of other cyber security threats around that may not be as common as those previously listed:
- Advanced Persistent Threats
- Birthday Attacks
- Brute-Force & Dictionary Network
- DNS Tunneling
- Password Attack
- Zero-Day Exploits
What is the best way to protect yourself online?
Luckily, each of the cyber threats or attacks discussed so far can be combated in different ways. However, if you want to make sure you are ultimately protected from most cyber security threats, it is important to follow the below general tips:
- Use antivirus software that can perform routine scans for cyber threats.
- Change your passwords regularly.
- Do not download files from sources you do not recognize.
- Avoid clicking buttons or links from pop-ups or sources you do not recognize.
- Make sure the websites you visit have “https” in the URL.
- Use a VPN to connect to public networks.
At least 95% of cyber security breaches are due to human error, so to ensure that you remain safe from cyber security attacks and do not become an easy target to a threat, follow the above-mentioned tips. Doing so will guarantee your protection every time you open up a browser and can stop data miners and attackers in their tracks.
What is the insider threat in cyber security? An insider is someone who works for an organization or who has legitimate access to an organization’s systems. They use their position to carry out cyber attacks at their organization.
What is an example of a cyber incident? A cyber incident could be an employee opening an email attachment that has malicious content, which ends up encrypting all the data on their computer. A message is displayed offering to decrypt the data for payment. This type of attack is ransomware.