Categories: Ethics

What are Cyber Threats of different types?

A cyber threat or cyber-security threat is a malicious act that generally hunts for damaging data, steals data or disrupts digital life. The perpetrators of these attacks are organized crime groups, terrorists, industrial spies, unhappy insiders, business competitors, hackers, and Nation-states*

(*where a Government trying to learn other countries’ national secrets and critical infrastructure like electrical grids, transportation systems, water treatment facilities, military systems, etc. of rival country are at risk of high-tech foul play).

The following are ten common types of cyber-attacks with different intents like financial gain, disruption, and espionage (including theft of patents, corporate espionage, and state espionage).

Malware: Malware, or malicious software, is any program or file that is specially designed to disrupt damage, or gain unauthorised access to a target device or network like corrupting data or taking over a system. Computer viruses, worms, Trojan horses spyware, etc. are the types of malware.

Mobile malware: Mobile malware is malicious software specifically written to attack Android mobile devices such as smartphones, tablets, and smart-watches. These types of malware attacks are just like other computing hardware. The perpetrators may implant malware in app downloads, mobile websites, or phishing emails and text messages. Once compromised the culprits gain personal and financial information, location, etc. of the device user.

Phishing: Phishing is an e-mail-borne fraudulent attempt to obtain confidential information from the recipient such as usernames, passwords, and credit card details by disguising oneself as a reliable entity or downloading malware by clicking on a hyperlink in the message.

Spear-phishing: Spear-phishing is a fraudulent attempt to steal sensitive information by sending emails ostensibly from a known or trusted sender inducing to reveal confidential account information, credentials, or financial information from a specific victim.

Man-in-the-middle attack (MitM): A man-in-the-middle attack is a type of cyber-attack where the attacker secretly intercepts a conversation between two parties, impersonates both parties and gains access to information that the two parties are trying to send to each other. A MitM attack might be used in the military to confuse an enemy.

Trojan: A Trojan is a malicious code or software designed by thieves and hackers to gain access to a targeted system and damage, disrupt, steal, or in general inflict some other harmful action on the data or network.

Ransomware: Ransomware is a type of malware program that infects, locks or takes control of a system and demands a ransom to undo it. The victim may be an individual or business.

Denial-of-Service
(DoS): A denial-of-service (DoS) attack is a cyber-attack in which culprits attempt to prevent legitimate users from accessing the service by temporarily or indefinitely disrupting the services of a host connected to the Internet.  In DoS attacks, the attacker achieves this by flooding the target with excessive messages that have invalid return addresses or sending it information that triggers a crash due to an overload of demands.

Distributed
Denial of Service Attack
(DDoS): The DDoS attack is different from DoS attack. The DoS attack typically uses one computer and one Internet connection to flood a targeted system or resource whereas the DDoS attack uses multiple devices to invoke the functions of the target system.

Attacks
on IoT Devices
: In the Internet of Things (IoT) attacks things like industrial sensors, televisions, cars, and other internet-connected devices are vulnerable to multiple types of cyber threats. New entry points to the network are prime targets for malicious actors and therefore pose an increasing security and privacy risk of sensitive data being collected.

Data breach: A data breach occurs when a cybercriminal successfully infiltrates a data source and extracts sensitive, confidential information or otherwise protected data. This can be done physically by accessing a computer or network to steal local files or by remotely bypassing network security. The motive behind data breaches includes collecting personal health information (PHI), personally identifiable information (PII), espionage, trade secrets, or intellectual property.

Security Considerations related Posts:

What are Cyber Threats of Different types?Control Mechanism for risk concerning Computer networkComputer Audit/IT Audit  
Understanding IS security and IS auditEvaluation Requirement for IT SecurityWhat are Data Security and Privacy?
What is Digital rights management (DRM)? WHAT IS A PHISHING? Explained: Customer Education/awareness of safety and precautions in banks

Surendra Naik

Share
Published by
Surendra Naik

Recent Posts

Features of a Computerized Accounting System

Accounting is a multifaceted discipline. It caters to the diverse informational needs of stakeholders within…

11 hours ago

What is the meaning of computerized accounting?

As the name says ‘computerised accounting’ is the use of computers, software, and hardware to…

2 days ago

Supreme Court overrules capping of Credit card charges

The Supreme Court today overruled a 2008 decision by the National Consumer Disputes Redressal Commission…

3 days ago

Preparation and Presentation of Financial Statements of Banks

The Bank’s financial statements are prepared under the historical cost convention, on the accrual basis…

3 days ago

Accounting Treatment of Specific Items under accounting policies of banks

The term "accounting treatment" represents the prescribed manner or method in which an accountant records…

3 days ago

Explained: Disclosures Prescribed by RBI under Basel-III

The Basel Committee on Banking Supervision (BCBS) is the primary global standard setter for the…

4 days ago