Chapter 2 – Types of Security Threats and Attacks
A cybersecurity firm, called Cybersecurity Ventures, predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades. Everyone needs to be aware of it and be prepared to face this with adequate cybersecurity measures.
The extent of vulnerability can be roughly related to the attack surface that the world is likely to be exposed to, and this is much bigger than one usually thinks. It ranges from internet transactions to social media, devices, cloud, and wearables, to name just a few. Many times, hackers know more about your digital attack surface than you do. Impersonating domains, subdomains, landing pages, websites, mobile apps, and social media profiles are all used, many times in combination, to trick consumers and employees into giving up credentials and other personal information or installing malware. Mobile also provides an attack surface in many cases. Contrary to the general perception that there are only a small number of mobile app stores, there are many secondary and affiliate stores, primarily serving the Android market, which provide an opportunity for malicious actors.
The more data there is in cyberspace, the greater the risk for businesses and the bigger the opportunity for hackers. It stands to reason that the more data growth, the more attacks. Plus, as organizations continue to integrate systems and applications, cyber-attacks will become far wider-reaching. Moving forward, we will see more cyber-attacks impacting the entire business. Using the organization’s connectedness against it, hackers can take down a website, revoke access to key documents, systems, and applications, and even cut lines of communication.
As costs come down, IoT adoption will rise next year, especially in the corporate environment. These connected devices are becoming less “nice to haves” and more expected in business. With more devices connected to the internet via 5G, cyber attackers will have more opportunity to compromise systems and networks. And while we’ve seen an increase in IoT-enabled office spaces, we haven’t necessarily seen the same rise in security around them.
By the end of this module, you will learn:
- Common security threats
- The evolving security threats
- Increasing cost/variety of emerging security threats
Common security threats
The landscape of cybersecurity is always changing. Attackers are constantly probing for new weaknesses and vulnerabilities to exploit in corporate networks, while organizations are being forced to take new, more open approaches to IT systems to support trends like Bring-Your-Own-Device and cloud computing. In addition to the few popular security threats covered in chapter 1, here are a few more common cybersecurity threats for reference. It should be noted that as cybersecurity evolves, new threats will keep emerging and old threats will lose their relevance. It is a dynamic area, and one should stay up to date on developments in it.
| CYBERSECURITY THREATS | DETAILS |
| --- | --- |
| Malware | Software that performs a malicious task on a target device or network, e.g. corrupting data or taking over a system. |
| Spear Phishing | A more sophisticated form of phishing where the attacker learns about the victim and impersonates someone he or she knows and trusts. |
| “Man in the Middle” (MitM) attack | Where an attacker establishes a position between the sender and recipient of electronic messages and intercepts them, perhaps changing them in transit. The sender and recipient believe they are communicating directly with one another. A MitM attack might be used in the military to confuse an enemy. |
| Trojans | Named after the Trojan Horse of ancient Greek history, the Trojan is a type of malware that enters a target system looking like one thing, e.g. a standard piece of software, but then lets out the malicious code once inside the host system. |
| Brute force attack | Consists of repeated attempts to gain access to protected information (e.g. passwords, encryption, etc.) until the correct key is found and the information can thus be reached. |
| Distributed Denial of Service Attack (DDoS) | Where an attacker takes over many (perhaps thousands) of devices and uses them to invoke the functions of a target system, e.g. a website, causing it to crash from an overload of demand. |
| Attacks on IoT Devices | IoT devices like industrial sensors are vulnerable to multiple types of cyber threats. These include hackers taking over the device to make it part of a DDoS attack and unauthorized access to data being collected by the device. Given their numbers, geographic distribution, and frequently out-of-date operating systems, IoT devices are a prime target for malicious actors. |
| Data Breaches | A data breach is a theft of data by a malicious actor. Motives for data breaches include crime (i.e. identity theft), a desire to embarrass an institution (e.g. Edward Snowden or the DNC hack), and espionage. |
| Malware on Mobile Apps | Mobile devices are vulnerable to malware attacks just like other computing hardware. Attackers may embed malware in app downloads, mobile websites, or phishing emails and text messages. Once compromised, a mobile device can give the malicious actor access to personal information, location data, financial accounts, and more. |
| Water Holing | Setting up a fake website or compromising a legitimate one to exploit the visiting users. |
| Cross-Site Scripting | An attack method that often involves the hacker sending an internet link to their target. This link will take you to a vulnerable website with malicious code on it and, as a result, exploit your computer. |
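As an added illustration of the brute force entry in the table above (this example is not part of the original chapter), the following Python sketch shows how a defender can spot repeated failed logins from one source within a short window, and whether a success followed them. The log format, the threshold of five failures, and the one-minute window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in an assumed format: "timestamp source_ip user outcome".
SAMPLE_LOG = """\
2024-01-01T10:00:00 203.0.113.5 alice FAIL
2024-01-01T10:00:05 203.0.113.5 alice FAIL
2024-01-01T10:00:10 203.0.113.5 alice FAIL
2024-01-01T10:00:15 198.51.100.7 bob FAIL
2024-01-01T10:00:20 203.0.113.5 alice FAIL
2024-01-01T10:00:25 203.0.113.5 alice FAIL
2024-01-01T10:00:30 198.51.100.7 bob OK
2024-01-01T10:00:40 203.0.113.5 alice OK
"""

def detect_bruteforce(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Flag sources with max_failures failed logins inside a sliding window.

    Returns {source_ip: {"failures": n, "success_after": user or None}};
    a non-None success_after means a guess eventually worked.
    """
    recent = defaultdict(deque)  # source_ip -> timestamps of recent failures
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # ignore malformed lines rather than crash the detector
        ts_raw, src, user, outcome = parts
        try:
            ts = datetime.fromisoformat(ts_raw)
        except ValueError:
            continue
        failures = recent[src]
        while failures and ts - failures[0] > window:
            failures.popleft()  # drop failures that fell out of the window
        if outcome == "FAIL":
            failures.append(ts)
            if len(failures) >= max_failures:
                alert = alerts.setdefault(src, {"failures": 0, "success_after": None})
                alert["failures"] = max(alert["failures"], len(failures))
        elif outcome == "OK" and src in alerts and failures:
            # Success right after a burst of failures: the account needs review.
            if alerts[src]["success_after"] is None:
                alerts[src]["success_after"] = user
    return alerts

if __name__ == "__main__":
    print(detect_bruteforce(SAMPLE_LOG))
```

The user who mistypes a password once and then logs in (bob in the sample) is not flagged; only the source that crosses the failure threshold is, and the `success_after` field tells the responder which account to reset first.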
The Evolving Cyber Security Threats
As cyber attackers become more sophisticated, organizations and cybersecurity experts become better at dealing with threats. And as cybersecurity evolves, so too does the ingenuity of the cyber-criminal. It’s not quite chicken-and-egg, but rather an ongoing cycle of improvement on both sides.
That’s not to say that the cyber attackers are winning; it just means that in the current threat landscape businesses and individuals need to do all they can to mitigate the risk to their operations and customers, from running the latest antivirus software to dealing with ransomware, DDoS, or a data breach, and especially with the fallout of these attacks.
In an ever-changing digital landscape, it is vital to keep pace with the trends in cyber threats. Cyberattacks are changing primarily due to:
- Evolving targets: Information theft is the most expensive and fastest-rising consequence of cybercrime. But data is not the only target. Core systems, such as industrial controls, are being hacked in a dangerous trend to disrupt and destroy.
- Evolving impact: While data remains a target, theft is not always the outcome. A new wave of cyberattacks sees data no longer simply being copied but being destroyed—or even changed in an attempt to breed distrust. Attacking data integrity—or preventing data toxicity—is the next frontier.
- Evolving techniques: Cybercriminals are adapting their attack methods. They are targeting the human layer—the weakest link in cyber defense—through increased ransomware and phishing and social engineering attacks as a path to entry. An interesting development is when nation-states and their associated attack groups use these types of techniques to attack commercial businesses. Attempts are being made to categorize attacks from these sources as ‘acts of war’ in an attempt to limit cybersecurity insurance settlements.
According to some experts in this area, some predictions for the near future are highlighted below, to make readers aware of such possibilities and to prepare them for the extra vigilance they should exercise over their digital presence.
- 5G technology will make the existing IoT-related vulnerabilities even worse. New vulnerabilities will emerge from the new infrastructure required to support 5G, and malicious actors will exploit these vulnerabilities via IoT devices.
- Biometrics will be used more frequently to authenticate users, creating additional risk (attack surface) for the users. With passwords becoming less secure and some end-users failing to embrace multi-factor authentication, biometrics will become more commonplace.
- Targeting mobile banking apps to steal credentials and funds is already on the rise, and this trend is expected to continue in the near- and medium-term future, as more people turn to the ease of mobile banking.
- AI (Artificial Intelligence) has been used to impersonate individuals by realistically mimicking their voice, which is useful when requesting the transfer of funds. This year, hackers will continue to use AI advancements to scan networks for vulnerabilities, automate phishing attacks, and conduct large-scale social engineering attacks to propagate the spread of “fake news,” among other things.
- Obtaining ready-to-use hacking toolkits capable of exploiting vulnerabilities or stealing data and credentials has never been easier, making the barrier to entry as low as ever. Naturally, the increased volume of hackers with the means to attack will increase the likelihood of attacks.
Increasing Cost/Impacts of the (Emerging) Cyber Security Threats
By better understanding the impact associated with cybercrime, one can understand the seriousness and pervasiveness of such crimes. The total annual cost of all types of cyberattacks is increasing. Malware and Web-based attacks continue to be the most expensive as per a report by Accenture. The cost of ransomware (21 percent) and malicious insider (15 percent) attack types have grown the fastest over the previous years.
SOURCE: NINTH ANNUAL COST OF CYBERCRIME STUDY – BY ACCENTURE
The rapid growth of information loss over the last three years is a worrying trend. New regulations, such as GDPR and CCPA, aim to hold organizations and their executives more accountable for the protection of information assets and in terms of using customer data responsibly. Future incidents of information loss (theft) could add significantly to the financial impact of these attacks as regulators start to impose fines. The cost of business disruption—including diminished employee productivity and business process failures that happen after a cyberattack—continues to rise at a steady rate. Business disruption continues to grow steadily and is the second-largest consequence of cybercrime. Resources should be targeted on denial-of-service attacks, malicious insiders, and malware attacks to reduce this cost.
Attention should also be given to the rate of growth in each type of attack. The financial consequences of ransomware have increased by 21 percent in the last year alone. Although one of the smaller costs of cybercrime overall, organizations should not overlook this fast-growing threat.
Global ransomware damage costs were predicted to exceed $5 billion in 2017, up more than 15X from 2015. Ransomware damages are now predicted to cost the world $11.5 billion in 2019, and $20 billion in 2021.
Here are a few more statistics (from Cybersecurity Ventures). There were nearly 4 billion Internet users in 2018 (nearly half of the world’s population of 7.7 billion), up from 2 billion in 2015. Cybersecurity Ventures predicts that there will be 6 billion Internet users by 2022 (75 percent of the projected world population of 8 billion) — and more than 7.5 billion Internet users by 2030 (90 percent of the projected world population of 8.5 billion, 6 years of age and older).