The Main Types of Cyber Security Threats

Cyber Security Threats

686 Views

Cyber security threats come in many shapes and sizes. It takes a decade or more to become comfortable with all of the different attack methodologies, and be able to formulate a decent response to just about any situation.

The truth is: Most people who are in charge of a company’s cybersecurity are experts in about a third of the kinds of attacks that they may face off against. The smart ones surround themselves with people who are experts in the other types. Then not-so-smart ones have too much pride to spread the burden of constant learning and preparation.

But in order to know what you don’t (yet) know, a list of potential cyber security threats would be helpful. So without further ado, here are the ten most common  types of cyber security threats.

Number 1 – Backdoors

Backdoors are secret ways that can give a normally unauthorized individual access to a system. They might have been used in the testing process to quickly change permissions, but they never got removed. Or they might be mandated by the government of the manufacturing or hosting country for some kind of authoritarian monitoring. Either way, if the backdoor isn’t closed before the system goes live, anyone who knows how to access it will have power over that hardware or software.

Number 2 – Phishing

Phishing is an open invitation for users to give away their personal information and security credentials. It’s a completely remote and often automated (at least at first) version of social engineering (which we’ll cover shortly). Through an E-mail, a web form, a cleverly disguised app, or a trap website, phishing attempts to get the user to fill out forms or otherwise provide information that can be used to gain access to sensitive systems. The non-automated, highly personalized version of this is called ‘spear phishing’.

Number 3 – Malware

Malware, and to a lesser extent old-school viruses, are attempts to hide code on a system that will secretly take actions using the operator’s permissions. Normally malware is downloaded and installed just like any other program or app, often in the guise of pirated software, brand new apps, or code executing documents. The malware then installs alongside the expected contents of the download. Once running, it could spy on the user’s actions, probe the network, eat CPU time by executing crowdsourced computing, attempt to infect more systems, or set up a botnet for later manipulation.

Number 4 – Digital Fingerprinting

Digital fingerprinting refers to the techniques used to gather information about a computer system or network in order to identify or track it. Things like operating system, browser version, software versions, hardware configurations, and other system properties create a unique digital “fingerprint” that can be used to single out a specific device or user. As more aspects of our lives move online, digital fingerprinting poses a major privacy threat since it can be used to track people across websites and build detailed profiles about them without their consent or knowledge. It is an emerging cyber security issue that compromises personal data protection. Privacy apps like Hoody can full protect against digital fingerprinting by spoofing them.

Number 5 – SQL Injection

An SQL injection uses the complex code that makes up Structured Query Language to attack a server that relies on such relational databases. Using tricks that are commonly ignored or overlooked by basic database permissions, SQL injection forces the server to reveal information that would normally only be accessible to privileged users. Many forms of SQL injection submit strings of malicious code via a website’s search box or other DB-connected field.

Number 6 – DNS Tunneling

DNS tunneling is an important secondary attack method often used to exfiltrate (get away with) data that has been collected through other means. By disguising other kinds of traffic as legitimate queries sent over the port dedicated to DNS (often port 53), a hacker can often bypass normal firewall restrictions and fool network monitoring systems. This technique is not only used to get stolen data out of a private network, but also as a command and control method for malware infected computers and botnets.

Number 7 – Social Engineering

Social engineering is the oldest cyber security threat known to man. At a broad level, it’s the process of fooling someone into aiding or committing a security breach by tricking or lying to them. It can also apply to common ways to collect security information that has been handled carelessly, such as via dumpster diving (looking for old hardware or authentication information in trash or recycling) or secondary market recovery (buying a company’s old hardware and scouring it for intact data).

Number 8 – Zero-Day Exploits

Zero-day exploits are vulnerabilities that were discovered and acted upon before a patch could even be considered. Sometimes these hardware, software, or firmware flaws have been part of the core system for years, but simply never saw the light of day. The goal of the hacker is to get as much done as possible before anyone knows how to deal with this brand new threat. Dealing with these types of cyber security threats often requires broad, heavy handed countermeasures until a more sophisticated solution is developed.

Number 9 – Man-In-The-Middle

Man-in-the-middle attacks involve having a presence somewhere in between the victim and the server that they’re trying to access, preferably in a position where the attacker can see an unencrypted or lightly defended data flow. Common examples include authority attacks, where a person in charge of a network resource (such as someone working at an ISP) promiscuously snoops traffic, and public resource attacks, where the hacker pretends to be an access device (a public wi-fi hotspot or a mobile phone tower) but instead acts as a pass-through and scrapes the data as it flows by.

Number 10 Denial of Service

Denial of service (DoS) is possibly the most frustrating of all the types of cyber security threats. It attempts to overwhelm specific network or computing resources with a massive flood of traffic. The goal might be to take something offline by eating all of the bandwidth, or it might be to cause the defenses of certain services to ‘fall over’ under the stress, leaving a system open for access. Distributed denial of service (DDoS) attacks are often performed by botnets with nodes all over the world, to make countermeasures more difficult.

Number 11 – Brute Force Attacks

Brute force attacks attempt to break common encryptions by simply trying every possible key. Generally, these attacks only work against weak or outdated forms of encryption. Smaller key spaces, known flaws in random number generation, and other vulnerabilities that effectively limit the number of possible keys can greatly increase the effectiveness of a brute force attack. Strong, modern encryption methods can effectively increase the brute force time of even the most powerful supercomputers to billions of years. However, vulnerability to quantum computing is a relatively new consideration that older encryption methods haven’t had to consider.

Final Thought

Every advancement in computing brings with it new potential attack vectors. Stay flexible in your thinking patterns. Try to see what can go wrong, what can be manipulated. Then you’ll be ready for the cyber security threats of the next decade.

Leave a Reply