When the internet was young the threats you could encounter online felt simple and easy to understand. You had viruses, adware, and… well, that was it right? Perhaps it was never as simple as all of that, with many of the modern threats simply being refined versions of the risks of yesteryear.
This article will explore the 11 most common cybersecurity threats that we need to protect ourselves against. Additionally, we’ll discuss how you can stay safe, and what you can do to remove viruses and malware when they infect your system!
What is a cybersecurity threat?
Cybersecurity threat is the catchall term for any sort of risk that your computer systems may be exposed to online. Cybercriminals create a wide variety of tools which they variously use to steal your data, hold your data for ransom, or even use your computer’s resources to help them carry out additional cyberattacks.
Types of threats
The name malware is shorthand for Malicious Software, and as such is the broadest term for cyberthreats. Most (although not all) cyber threats utilize one form of malware or another, ranging from self-replicating computer viruses to highly targeted trojan-horses.
While we use the word computer virus to refer to nearly any threat we encounter on a computer, the term refers specifically to the class of malicious code that actively spreads itself. Just like viruses in the real world, a computer virus has the means to self-replicate and infect other hosts.
A common way that this takes place is through hijacked email or messenger apps. The virus first makes its way onto your computer, usually through a compromised file which was downloaded and executed without first being checked for viruses, and then quietly installs itself in the background.
Next, the virus seeks out your contact list in Microsoft Outlook, Facebook, or similar service, and then sends out messages to all of your contacts. The message will be something relatively innocuous and generally include a link or email attachment to an infected file. If any of the recipients open the infected link or attachment then they too will become infected and the cycle will repeat itself.
This infectious behavior is what defines a computer virus – but the act of infecting other computers is not where their risk lies. Computer viruses can steal data, lock you out of your computer, or even just inject pop-up ads into your browser. The exact nature of the virus will vary depending on the creator’s goals.
The term botnet is used to describe a group of internet-connected devices which are all infected with malware and put to a collective use. The precise nefarious use may vary – but generally they are used for cybercrimes which take advantage of the sheer numbers of infected devices.
Botnets can be used to launch distributed denial of service attacks, send spam messages, mine cryptocurrency, or even commit advertisement click fraud.
Internet of things (IoT) devices like wi-fi connected thermostats or even security cameras are commonly sought after by hackers looking to create a botnet. These devices often have unpatched vulnerabilities or are commonly used with default login information, making it easy for hackers to exploit them. Additionally, it can be hard to tell when these devices have been compromised as they will otherwise continue to function normally.
Once a hacker has built a sufficiently large network of infected devices, it is common for these botnets to be rented out to other cybercriminals. A single botnet can include millions of infected devices – with the now-defunct Bredolab botnet at one time exceeding 30,000,000 devices!
Distributed denial of service
A distributed denial of service attack, or DDoS for short, is not a type of malware, but is instead an attack which overloads a server with meaningless requests, making it unable to perform its normal duties. Botnets, as described above, may be used to conduct DDoS attacks, or they may be conducted by individuals or groups of individuals with access to a large number of networked computers.
In some cases, an unexpected surge in attention can result in websites going offline in the same manner as caused by DDoS attacks. The so-called Reddit Hug of Death is a phenomenon where thousands or millions of real users visit a website whose server was otherwise unprepared for the sudden increase in web traffic, causing it to go offline.
A trojan horse is a type of malware named after the large wooden horse which Virgil claims in the Aeneid was used successfully by the Greeks to conquer the city of Troy. Much like the wooden equine of lore, modern trojan horses disguise themselves as a piece of enticing software in order for unwitting users to download and execute them.
Once the trojan horse has gained access, it quietly springs into action, deploying its malicious payload. The exact nature of the attack may vary, ranging from spyware designed to capture your sensitive data to ransomware which will demand a payment in exchange for not destroying your harddrive!
The best way to protect yourself from trojan horses is to only download software from reputable sources. In general, if something seems too good to be true (like getting access to Adobe Photoshop’s premium version for free) then it probably is!
Man in the middle attacks (MitM)
Man in the middle attacks date back to the 1980s and are a type of highly sophisticated internet threat. While there are a few different ways that these attacks can be implemented, at their most basic level they can work by convincing a user to connect to a compromised WiFi network which monitors all of the traffic passing through it.
Sometimes attackers will use spoofing techniques to set up a public WiFi network which resembles a legitimate network. Users will unknowingly connect to the network, thinking it’s safe, and then potentially expose their online banking details, credit card numbers, and other sensitive information to the hackers.
The trouble with MitM attacks is that they are very hard to detect and often are only noticed after the damage has been done. The best way to stay safe from these attacks is to use a virtual private network (VPN) to obfuscate your data when connecting to public networks.
Phishing attacks are fundamentally different from the rest of the internet security threats described here in that they do not require any software at all! Instead, the attackers will use social engineering techniques to get users to reveal their private information themselves!
These attacks take many forms, but may be as simple as an email telling you that a password needs to be reset. You will then be taken to a fake website, perhaps one that looks very much like the institution it purports to be, and asked to provide your current login information and then create a new password.
However, instead of changing your password, the form simply sends your username and login credentials to the attacker who now can do with it what they please!
Avoid these attacks by always being skeptical of anyone who requests that you provide your login credentials to them. If you need to change a password, access the institution directly from your browser, not from links sent to your email. When in doubt, never share private information.
SQL injection attack
This sort of attack exclusively targets servers and relies on using malicious code to exploit server vulnerabilities. Hackers can use SQL injection to steal sensitive user information, modify or delete server information, or even gain access to the operating system the server is running on!
Unless you are running a server, this sort of threat isn’t one you can take any steps to avoid. If you are running a server it is essential to keep it and all of its plugins updated.
Rootkits are a class of malware that install themselves at a very deep level within your computer. Rather than operating like a normal piece of software, rootkits exploit vulnerabilities to gain access to administrative privileges which they then use to screen themselves from detection.
Rootkits are very hard to detect and can be even harder to remove. Working with an information security specialist is your best bet in cases like these.
Rogue security software
This class of threat, sometimes called Scareware or Fraudware, is often added to computers on accident as a part of a bundled installation package. The software pretends to be a legitimate antivirus, and quickly “detects” one or more serious threats.
The program then helpfully recommends a solution – but that solution is only available on a paid version of the program which you don’t have! However, no worries – the program will happily deal with the threat as long as you provide them with your credit card information and part with a relatively sizable chunk of hard-won currency.
The problem here is that there never was any malware to remove – except for the rogue security software itself.
A crucial thing to ask yourself when you receive messages from your computer advising you about potential risks is: did I install this software and is it reputable? If the answer to either of these is no, then you should proceed with caution!
Most free antivirus software can fix common viruses without needing to be upgraded to a premium version. Premium versions often come with greater convenience features, but it is rare that they are actually more capable at removing malware.
Advanced persistent threats (APTs)
Advanced persistent threats are a class of cyber attack that allows attackers to gain, and maintain, access to a computer network. The goal of these attacks is not to disrupt service, but instead to monitor a network over time.
Nation-states will sometimes use APTs against one another as a part of covert operations, while private hackers may employ these tactics against corporations in order to steal large amounts of data.
How can I protect myself against web threats?
There are several strategies to stay safe online, but they work best when used in unison. Here are our top tips for protecting yourself from cyber attacks:
- Always use strong and unique passwords for every website – that way a single compromised password doesn’t impact multiple accounts.
- Always enable multi-factor authentication (MFA) when available. This way even if your password is compromised attackers won’t be able to gain access to your accounts.
- Keep and maintain backups of any important data or files.
- Keep your operating system, firmware, and software updated. Deferring updates makes it easy for hackers to exploit known vulnerabilities to gain access to your computer.
- Regularly scan for malware using reputable anti-malware software.
- Only download email attachments from known senders who you expected to be sending you content.
- Scan all downloads for malware (from emails or websites) before opening them!
- Talk to a home network security advisor to see how else you can harden your network against threats.
Understanding The Complex Landscape of Cybersecurity Threats
Ultimately, staying safe online is an evolving challenge as hackers are constantly working on creating sneakier attacks. However, despite the threats constantly changing, the best defense strategies of today are nearly entirely the same as a decade ago. If you maintain backups, keep software updated, use strong and unique passwords, and be careful about what files you download and open you will avoid the vast majority of online threats.
Are you concerned that your computer has a virus or malware? Working with a cyber security professional is the most reliable way to eliminate viruses and ensure that your computer is safe to use! At Bristeeri Technology we have decades of experience helping users take back control of their computers and stay safe from future attacks!