Cybersecurity threats occur constantly and can easily be monitored through Check Point’s live threat mapping honeypot service. These are live attacks happening in real time, and they represent only a fraction of what the industry considers serious threats. In this article we take a look at 8 ominous cybersecurity threats.
Ransomware is malware that, when sent to a victim, encrypts the data on their personal devices so that the intruder blocks all access to their machine. Traditionally, the hacker then asks for a ransom, which is how the name came about. This has forced countless victims to pay in cash or, more notably, in bitcoin to the attackers’ accounts. Many people have been victimized by this crime, and incidents like this have spread to organizations. Just a few days ago a Malaysian media group was scammed by this threat.
Billed as the next industrial 2.0 wave into Smart City development and technological breakthrough, IoT devices are becoming more and more prevalent in today’s society, with every device having an IP connection. Security is not yet treated as much of an issue on these devices, but it should be. IoT devices run full operating systems, and even those with scaled-down versions are subject to the same attacks as normal PCs. Some are linked via Ethernet and others through Wi-Fi, which makes them inextricably susceptible to cyber threats. IoT has become a part of our lives, from refrigerators to washing machines to TV set-top boxes. This means these devices are just as vulnerable, and even more so as parts of our daily lives become intertwined with them.
Phishing is a cyber threat that uses a disguised email to attack victims. The goal is to trick the recipient into believing the message is something they want. When the targeted employee opens the email with the infected attachment, advertisement, or link, the attacker is able to scan or retrieve all kinds of information from the victim’s machine. This can spread to other nodes on the network, where users are redirected to websites that appear to be the original site but are in fact clones of it. These sites are exact copies and can operate in the same way. As the victims use these sites, their keystrokes are captured and their data is siphoned to a fake backend, where hackers gather the data and sell it on the dark web. This data can be credit card details, banking usernames and passwords, or whatever else the perpetrator's scheme is after.
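The following added example, which is not part of the original article, shows one way a defender could flag hostnames in proxy or DNS logs that imitate a protected domain, as the clone sites described above do. The domain `examplebank.com`, the sample hostnames and all function names are constructed for illustration.

```python
import unicodedata

# Assumption: the domain the organisation owns (constructed for this example).
PROTECTED = {"examplebank.com"}
# Digits commonly substituted for letters in lookalike hostnames.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    """Naive last-two-labels split; production code should use the Public Suffix List."""
    return ".".join(host.split(".")[-2:])

def skeleton(name):
    """Strip accents and fold digit substitutions so similar-looking names compare equal."""
    decomposed = unicodedata.normalize("NFKD", name)
    return "".join(c for c in decomposed if not unicodedata.combining(c)).translate(CONFUSABLE)

def classify(host):
    """Return a reason string for a lookalike host, or None if it is legitimate or unrelated."""
    host = host.lower().rstrip(".")
    reg = registered_domain(host)
    if reg in PROTECTED:
        return None
    for good in PROTECTED:
        if skeleton(reg) == skeleton(good):
            return "homoglyph"          # same name after folding 1->l, accents, etc.
        if edit_distance(reg, good) <= 2:
            return "typo"               # one or two characters away from the real domain
        if good.split(".")[0] in host:
            return "brand-in-host"      # real brand used as a label under another domain
    return None

# Constructed hostnames standing in for proxy or DNS log entries.
SAMPLE_HOSTS = ["www.examplebank.com", "examp1ebank.com", "exampelbank.com",
                "examplebank.com.login-portal.example", "news.example.org"]

def scan(hosts):
    """Map each suspicious host to the reason it was flagged."""
    return {h: r for h in hosts if (r := classify(h))}

if __name__ == "__main__":
    for host, reason in scan(SAMPLE_HOSTS).items():
        print(f"{reason:14} {host}")
```

Hosts flagged this way are candidates for blocking at the proxy and for a search of mail logs for messages that linked to them.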
Rootkits install themselves as part of downloads, backdoors or worms. They take steps to prevent the owner from detecting their presence on a system, and once installed, a rootkit provides hackers with everything. Hackers can target IoT devices, which we covered earlier, and take over hundreds of devices. Stacking these devices in a daisy-chain can create a DDoS attack. However, employers can also use rootkits to monitor their employees' workstation usage and activity, and in some cases rootkits enable law officials to investigate data on criminals' computers. Rootkits are becoming harder to detect as operating systems are becoming better equipped at closing backdoors. However, the door is wide open to attack IoT devices, and this will be the new frontier to protect.
Exploits take advantage of vulnerabilities in a system, allowing hackers to infiltrate outdated systems. Exploit kits scan for different kinds of software holes and, if any are detected, deliver malware to further infect the device. In the early stages Adobe Flash was the weapon of choice for hackers to exploit, but more recently Microsoft Windows has become the victim of choice. As bad as that might sound, Microsoft is aware of this and keeps a list of vulnerabilities.
RAT stands for Remote Access Trojan, and it is used to take complete control of the victim’s PC in order to attack it intentionally. Unlike viruses and worms, RATs are harder to detect and remain even after removal. RATs are commonly found attached to games or smaller programs, as well as in email attachments. Kaspersky, a well-known anti-virus firm, recently reported through its ICS CERT that during the first half of 2018 at least one in three industrial systems were loaded with RATs. This is troubling and disconcerting considering cyber security threats are more likely to occur within known states. They advise reducing the risk by avoiding programs like VNC and TeamViewer, which are software tools network engineers use to access remote devices.
Spyware is what the name implies. It is software installed on a PC to spy on the current user of that machine. It gathers information about a person or organization and relays this data to other parties. Spyware comes in different forms: it can be adware, trojans, legitimate programs, or deceptive pop-up windows. Keylogging is another form of spyware, and it is used to steal usernames, passwords, or other credentials from victims. Spyware can come from external sources or from employers wanting to find information about their employees. Popular methods to prevent spyware are to use anti-spyware scanners or a firewall.
A PC virus is malicious code that replicates itself into another program. Viruses are often referred to in some circles as malware, and they spread in similar fashion: by opening email attachments, clicking executable files, or visiting or viewing infected websites. Viruses have evolved from security testing software to Trojans, to OpenSSL attacks.