The Big Cyber Threats Breakdown: Types of Cyber Attacks

Last year, I published a series breaking down various cyber threats: how they work, infamous case studies and how to defend yourself against them. In this post, I have compiled the entire list amounting to nine types of cyber-attacks. I’ve added some high-level statistics reported from 2016 as well as more recent case studies exhibiting these attacks at play.

I hope you find this list informative and that it will help you, not only to understand the risks, but to have a better holistic understanding of cyber security and what cyber security experts are defending you against. I’ve also included relevant courses which address these specific types of attacks. Read, learn and enjoy!

Phishing Attacks

IT Security and Privacy Awareness Compliance Training

Phishing: When internet fraudsters impersonate a business to trick you into giving out your personal information

Phishing attacks are the primary vector for malware attacks and usually consist of a malicious e-mail attachment or an e-mail with an embedded, malicious link. Phishing e-mails typically falsely claim to be from an established or legitimate enterprise.

Phishing e-mails are often easy to detect, if you know what you’re looking for. They often have a slew of grammatical and spelling errors and tend to ask for personal or credit information. On top of that, it’s usually from a source which doesn’t typically require this information, already has the information or typically doesn’t direct the user towards external links via email.

Recent Case: PHISHING NATO

Stats:

How to defend:

  1. Awareness Training
  2. Remove Admin rights for those who don’t absolutely need it
  3. Patch the operating system and application
  4. Invest in solutions such as
    1. Web protection
    2. Email protection
    3. Managed online backup
    4. Mobile device management
    5. Password Manager

Spear-phishing Attacks

IT Security and Privacy Awareness Compliance Training

Spear-phishing: the fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information.

A spear-phishing attack is among the most popular entry points of cybersecurity breaches. Spear-phishing attacks require advanced hacking skills and are very hard to detect because they typically rely on the end user opening a file in a personal, targeted email. They typically target decision makers within a company, often pretending to be a trusted colleague, friend or partner company. Owners, managers and administrators need to be thoroughly trained and taught about “tells” in these cleverly malicious messages.

Recent Case: The Yahoo breaches started with spear-phishing

Stats:

  1. Per a report from Trend Micro, 91% of cyber-attacks are initiated by a spear-phishing email.
  2. SANS Institute reports that 95% of all attacks on enterprise networks are the result of successful spear phishing.
  3. Intel reports that 97% of people around the world cannot identify a sophisticated phishing email.

How to defend:

  1. Comprehensive awareness training
  2. Secure manager end-points
  3. Remove administrative privileges whenever possible
  4. Cybersecurity solutions and tools (as listed above)

Network-probes

Certified Ethical Hacker boot camp 

Network-probe: a probe is an attempt to gain access to a computer and its files through a known or probable weak point in the computer system.

Network probes are not an immediate threat. However, they do indicate that someone is casing your system for possible entry points for attack. The probe itself is a network monitor which analyzes protocols and network traffic in real time.

Recent Case: The Russian Parliament is probing U.S. media outlets operating in Moscow

How to defend: Once you have a comprehensive understanding and have recorded events, report the probe. You’re going to want to alert management and the security team about the probe so they can conduct forensic analysis and make executive decisions about how to proceed. Once reported, continue monitoring the activity by placing extra intrusion detection sensors on uncovered network sections and leveraging your operations center. From here, you may want to contact the source, if not given further instruction, and try to determine what attracted the attention in the first place. This will help you prevent future occurrences.
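
As an added example (not part of the original post), one way to turn recorded events into a reportable summary of a probe: flag any source that touches many distinct host and port pairs within a short window. The log format, addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical firewall log format and sample lines, constructed for this example.
LINE = re.compile(r"(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+) ACTION=(\w+)$")
SAMPLE_LOG = """\
2017-03-01T10:00:00 SRC=192.0.2.50 DST=10.0.0.10 DPT=443 ACTION=ALLOW
2017-03-01T10:00:01 SRC=198.51.100.23 DST=10.0.0.10 DPT=21 ACTION=DROP
2017-03-01T10:00:02 SRC=198.51.100.23 DST=10.0.0.10 DPT=22 ACTION=ALLOW
2017-03-01T10:00:03 SRC=198.51.100.23 DST=10.0.0.10 DPT=23 ACTION=DROP
2017-03-01T10:00:05 SRC=198.51.100.23 DST=10.0.0.11 DPT=22 ACTION=DROP
2017-03-01T10:00:06 SRC=198.51.100.23 DST=10.0.0.10 DPT=3389 ACTION=DROP
garbled line that the parser must skip
2017-03-01T10:00:07 SRC=198.51.100.23 DST=10.0.0.10 DPT=445 ACTION=DROP
""".splitlines()

def find_probes(lines, min_targets=5, window=timedelta(seconds=60)):
    """Flag sources that touch >= min_targets distinct host:port pairs within window."""
    by_src = defaultdict(list)
    for line in lines:
        m = LINE.match(line.strip())
        if m:                                   # unparseable lines are skipped
            ts, src, dst, dpt, action = m.groups()
            by_src[src].append((datetime.fromisoformat(ts), dst, int(dpt), action))
    reports = []
    for src, hits in by_src.items():
        hits.sort()
        start, peak = 0, set()
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1                      # slide the window forward
            seen = {(d, p) for _, d, p, _ in hits[start:end + 1]}
            if len(seen) > len(peak):
                peak = seen
        if len(peak) >= min_targets:
            reports.append({
                "source": src,
                "first_seen": hits[0][0], "last_seen": hits[-1][0],
                "targets": sorted(peak),
                # Probed services that were let through deserve the first look.
                "allowed": sorted({(d, p) for _, d, p, a in hits if a == "ALLOW"}),
            })
    return reports

if __name__ == "__main__":
    for report in find_probes(SAMPLE_LOG):
        print(report)
```

A probe paced more slowly than the window stays under this threshold, so the window and target count need tuning against your own traffic.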

Brute-force Cracking

IT Security and Privacy Awareness Compliance Training

Brute-force Cracking: a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Brute-force cracking basically amounts to continually guessing a password until one gets it right, allowing entry to a site. It can also mean similar trial-and-error means of finding hidden pages.

Recent Case: 35% of leaked LinkedIn passwords, over 63 and a half million, were already known from previous password dictionaries; 65% could be easily cracked with brute force using standard off-the-shelf cracking hardware.

Stats: In 2016, brute force attacks more than doubled over the span of two months. WordPress had especially high levels of brute force attacks.

How to defend: When it comes to Windows, authentication mode and lockout privacy settings are an easy and effective way to prevent brute-force cracking attempts, as they make the attack even more time-consuming. It’s important to never use a domain administrator account as a SQL database connection account because it could lead from a brute-force attack to a denial-of-service condition.

SQL Server authentication lacks features which detect systems under a brute-force attack, making this vulnerability a whole new, messy beast. It is a very difficult task to secure an application which requires domain-level administrative privileges and cannot run on an old version of SQL Server. You can look at the encryption of the database connection as well as how it connects and authenticates to the application. Each database system and application is a little different and requires variations of precautionary measures.
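
The sketch below is an added example, not part of the original post. It replays logon events against a simplified lockout model (a threshold, a counter-reset window and a lockout duration) to show both points above: lockout limits the guessing rate, and guessing against the account an application uses for its database connection locks the application out too. The account name `svc_sql`, the addresses and the policy values are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

@dataclass
class LockoutPolicy:                      # simplified model, not Windows' exact algorithm
    threshold: int = 5                              # failed logons that trigger lockout
    window: timedelta = timedelta(minutes=15)       # older failures are forgotten
    duration: timedelta = timedelta(minutes=30)     # how long the account stays locked

@dataclass
class AccountState:
    failures: list = field(default_factory=list)
    locked_until: datetime = datetime.min           # datetime.min means "not locked"

def replay(events, policy):
    """Replay (time, account, source, password_ok) tuples; return (source, outcome)."""
    accounts, outcomes = {}, []
    for when, account, source, password_ok in events:
        st = accounts.setdefault(account, AccountState())
        if when < st.locked_until:
            result = "DENIED_LOCKED"                # even the correct password fails
        elif password_ok:
            st.failures, result = [], "OK"
        else:
            st.failures = [t for t in st.failures if when - t < policy.window] + [when]
            result = "FAILED"
            if len(st.failures) >= policy.threshold:
                st.locked_until, st.failures = when + policy.duration, []
                result = "FAILED_LOCKED_OUT"
        outcomes.append((source, result))
    return outcomes

def guesses_per_day(policy):
    """Guesses per account per day the policy still permits (worse of two pacings)."""
    day = timedelta(days=1)
    tripping = policy.threshold * (day / policy.duration)        # lock, wait, repeat
    staying_under = (policy.threshold - 1) * (day / policy.window)
    return int(max(tripping, staying_under))

# Constructed sample: five bad guesses against the account an application uses for
# its database connection, then the application connecting with the right password.
T0 = datetime(2017, 1, 1, 9, 0, 0)
EVENTS = [(T0 + timedelta(seconds=i), "svc_sql", "203.0.113.7", False) for i in range(5)]
EVENTS.append((T0 + timedelta(minutes=1), "svc_sql", "10.0.0.5", True))
EVENTS.append((T0 + timedelta(minutes=31), "svc_sql", "10.0.0.5", True))

if __name__ == "__main__":
    print(*replay(EVENTS, LockoutPolicy()), sep="\n")
    print("guesses/day still possible:", guesses_per_day(LockoutPolicy()))
```

In this model the counter-reset window, not the lockout duration, sets the ceiling whenever it is the shorter of the two, which is why both values matter when tuning the policy.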

Drive-by Download

Cyber Security Malicious Software Defender

Drive-by Download: a program that is automatically downloaded to your computer without your consent or even your knowledge.

Drive-by download attacks are ignited simply by a victim clicking a link which, unbeknownst to them, injects malicious software onto their computer or another device. The malware most frequently used in drive-by download attacks is called a Trojan.

Recent Case: Google Chrome will be taking Internet Explorer’s place for highest rates of drive-by download attacks.

Stats: Cyber-criminals prefer using well-established, high-traffic websites to conduct their attacks. According to a 2012 study by Barracuda Labs, over 50% of all sites serving drive-by downloads were more than five years old.

How to defend: There are a few ways to protect against drive-by download attacks. One easy way is to keep your software up to date. This will help prevent drive-by downloads, which are often inserted into outdated plug-ins and browsers. Install, and keep updated, antivirus software as well as web-filtering software. Disable JavaScript within PDF documents and uninstall Java from any system control. Unsigned applets can run arbitrary Java code with unrestricted access. Finally, don’t give users admin access to their computers. With all of this and the usual precautions (such as awareness training and an in-practice reporting system), drive-by download attacks will be few and far between.

Distributed Denial of Services [DDoS]

Cyber Security Malicious Software Defender

Distributed Denial of Services [DDoS]: an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

DDoS attacks are one of the most common attacks used to compromise an organization’s system. They are a type of DoS attack which uses multiple compromised systems to target a single system. These compromised systems are typically infected with a Trojan and are used to overwhelm an online service, impacting the ability to publish and access important information.

Recent Case: Mirai Botnet takes down the internet

Here is a curated list by SecureList of the top DDoS attacks of 2016

Stats:

How to defend: Routers and firewalls are a great start, but they cannot fight against the sophistication and complexity of these larger, volumetric attacks. Properly configured server applications can minimize effects, and awareness training can help avoid additional intrusion points such as phishing e-mails. Installing an intrusion-detection system is another great precautionary measure; however, once a DDoS attack has begun, DDoS mitigation appliances are the best defense for stopping the system breach. At CyberTraining 365, students learn the best mitigation methods and the most current technologies to handle DDoS attacks as well as the array of other cybercrimes.

Advanced Persistent Threat Attack [APT]

Cyber Security Advanced Persistent Threat Defender 

Advanced Persistent Threat Attack [APT]: a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period. 

The goal of an advanced persistent threat attack is to maintain covert, ongoing access to a network. This allows hackers to continuously gather valid user credentials and access to more, and more, valuable information. An advanced persistent threat attack aims to gather information rather than shut down a network, requiring continual code rewrites and sophisticated evasion techniques.

Recent Case: Ukraine power grid advanced persistent threat attacks

Stats:

  1. Trustwave Security Stats, as of 2015, reported 28% of organizations have experienced an advanced persistent threat attack, and three-quarters have failed to update their third-party vendor contracts to include better protection against APTs.

How to defend: The companies which fall victim to APT attacks usually operate at the enterprise level and are prone to cyber risks because of political, cultural, religious or ideological products or services, often making for high-profile cases. Due to the vast impact and complexity of APT attacks, multiple technologies are required to combat them. Specific security sets are needed, around-the-clock monitoring and incident reports are necessary, extreme use of encryption of data at rest is crucial, and network segregation, intrusion detection systems and application whitelisting capabilities should be added to reverse the damage of an APT attack. There are also preventative measures such as having a “vulnerability management system in place, keeping security patches up to date and continually testing the security posture of the IT infrastructure”, per Ionut Ionescu, head of threat management at Betfair.

Ransomware

Cyber Threat Detection and Mitigation 

Ransomware: a type of malicious software designed to block access to a computer system until a sum of money is paid.

Ransomware is getting popular, and hackers are increasingly recognizing the financial benefits of employing such tactics. Ransomware occurs when a hacker infects a computer, either with malicious software that shuts down the system (locker-ransomware) or by custom encrypting important files in the system and demanding a ransom (typically in bitcoins) in return for the system or files (crypto-ransomware).

Recent case: There were so many ransomware cases last year, 2016 was officially deemed (by Kaspersky Lab) The Year of Ransomware.

Stats: The following statistics and facts are from Symantec’s Ransomware and Business 2016 report.

  • The average ransom demand has more than doubled and is now $679, up from $294 at the end of 2015.
  • The advent of ransomware-as-a-service (RaaS) means a larger number of cybercriminals can acquire their own ransomware, including those with relatively low levels of expertise.
  • Between January 2015 and April 2016, the US was the region most affected by ransomware, with 28 percent of global infections.
  • Consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.

How to defend: Some ways to protect against Trojans like CryptoLocker include employing awareness and behaviors which avoid phishing emails, and disabling hidden file extensions. The BEST way to defend against ransomware is to BACK UP YOUR FILES. Those deploying ransomware will have nothing to hold over you if your files are safely backed up.

Call to Action

CyberTraining 365’s Data Security and Privacy Training is a comprehensive training solution aimed at teaching employees how to identify, mitigate and report cyber threats, creating awareness of information security risks for all roles across a company: Finance, HR, Legal, IT, Marketing, etc. This training is available on https://datasecurity365.com.

The training is subscription based, which is great for optimizing your budget with rotating seats, and has white-labeling availability. This way, you can keep your academy consistent with your internal branding.

On top of this, you can create a wider library for your business with advanced cyber security training courses for your IT team, data security and privacy training for your non-technical employees and the most current, up-to-date methodologies for your cyber security team to keep up with the industry.

See our Promotional Video to learn more here!

CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting-edge cyber security training. Our training provides the most in-demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco, all taught by leading cyber security experts. All of our offerings are aligned with the National Initiative for Cybersecurity Education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses a bite-sized micro-learning methodology that ensures learners are not overwhelmed with information. The on-demand LMS platform has white-label capabilities ideal for internal training purposes.

2 thoughts on “The Big Cyber Threats Breakdown: Types of Cyber Attacks”

  1. Tejasvi Nagananda

    As cyber criminals become more sophisticated and more transactions migrate online, the number of threats to people and businesses will continue to grow.

  2. zzday

    There are many more types of cyber threats out there, but these are the biggest, judging by industry wide trends and concern among cybersecurity experts.

