Cybersecurity Threats and Attacks

  • Published: Tuesday, May 4, 2021

There are inherent risks that accompany online activities. These threats can cause financial and reputation damage, disruption of business and legal issues. How can you possibly protect against all of the attacks coming from so many different sources? A good first step is to understand the possibilities so you can prepare for the probabilities.

Cyber threats are malicious and intentional. The goal is to disrupt an organization and perhaps, steal it's assets. There are a variety of methods the cyber crook can pull out of their arsenal.

  • Denial of Service (DoS, DDoS): The aim of this type of attack is to disrupt normal server traffic by overwhelming it with a flood of Internet traffic, making a network slow or unusable.
  • Phishing: This ruse tries to entice the victim into doing something. It may be a malicious link to click or a phony login page for stealing credentials. The goal is to convince the user to take action.
  • Spear phishing: A targeted phish that takes aim at a particular person or group. This may be someone in charge of financial information or sensitive information for the company or employees.
  • Malware: A broad term for malicious software that can be applied to specific types of infections: virus, worm, spyware, adware and ransomware.
  • Ransomware: A form of malware that will encrypt your files and then demand payment in order to release the decryption key.
  • Man in the Middle Attacks: When the criminal places themselves in between a two-party communication. They may steal the information exchanged and send different responses to the user.

Defenses

  • Install anti-virus, anti-malware software. Keep it up-to-date and schedule routine scans.
  • Lock down your environment.
  • Turn off unused ports and services.
  • Set permissions and controls to regulate access and software installation.
  • Use a blackhole DNS server to prevent access to malicious sites.
  • Teach your users about social engineering, malicious links and downloads.
  • Keep up-to-date backups.

There's no guarantee that you can be 100 percent protected from threats and attacks, but you can put together strategies and defenses to minimize the likelihood.