Any circumstance or event with the potential to harm an information system through unauthorized access,
destruction, disclosure, modification of data, and/or denial of service.
7 Types of Cyber Security Threats
1. Malware
Malware is malicious software such as spyware, ransomware, viruses and worms.
Malware is activated when a user clicks on a malicious link or attachment,
which leads to installing dangerous software.
2. Emotet
The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an advanced,
modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans.
Emotet continues to be among the most costly and destructive malware.”
3. Denial of Service
A denial of service (DoS) is a type of cyber attack that floods a computer or network so it can’t respond to requests.
A distributed DoS (DDoS) does the same thing, but the attack originates from a computer network.
Cyber attackers often use a flood attack to disrupt the “handshake” process and carry out a DoS.
Several other techniques may be used, and some cyber attackers use the time that a network is disabled to
launch other attacks. A botnet is a type of DDoS in which millions of systems can be infected with malware and
controlled by a hacker, according to Jeff Melnick of Netwrix, an information technology security software company.
Botnets, sometimes called zombie systems,
target and overwhelm a target’s processing capabilities.
Botnets are in different geographic locations and hard to trace.
4. Man in the Middle
A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction.
After interrupting the traffic, they can filter and steal data, according to Cisco. MITM attacks often
occur when a visitor uses an unsecured public Wi-Fi network.
Attackers insert themselves between the visitor and the network, and then use
malware to install software and use data maliciously.
5. Phishing
Phishing attacks use fake communication,
such as an email, to trick the receiver into opening
it and carrying out the instructions inside, such as
providing a credit card number. “The goal is to steal sensitive
data like credit card and login information or to install malware on the victim’s
machine,” Cisco reports.
6. SQL Injection
A Structured Query Language
(SQL) injection is a type of cyber attack that results from inserting
malicious code into a server that uses SQL. When infected, the server releases
information. Submitting the malicious code can be as simple as entering it into a vulnerable website search box.
7. Password Attacks
With the right password,
a cyber attacker has access to a wealth of information.
Social engineering is a type of password attack that Data Insider defines as
“a strategy cyber attackers use that relies heavily on human interaction and often involves
tricking people into breaking standard security practices.” Other types of password attacks
include accessing a password database or outright guessing.
