The Top 9 Cybersecurity Threats

06.12.2018

 

Years ago the biggest cybersecurity threat came from a pop-up window or suspicious email asking you to share your social security number in exchange for a share of a Prince’s inheritance. Today there are dozens of threats to cybersecurity. Hackers have become sophisticated; forming large groups who aim to develop viruses that take down large corporations and capture millions of people’s personal information. Viruses infiltrate entire systems instead of one device and can be transferred across protected networks. With threats growing in severity – what should you focus on to protect your business? Here are what today’s security experts say are the top threats:

1) Cyber Crime Groups

As we said above, a single cyber hacker is rare. Today, traditional organized crime groups have started participating in online money grabbing. There are several key hacking groups that dominate the field but more and more are proving to be real threats to cybersecurity.

Small groups still hack, but more and more we see viruses and attacks come from large corporations dedicated to rogue behavior. These organizations have full-time employees, HR departments, project management teams, and team leaders. Most operate publicly, and some — like the Russian Business Network — even have their own Wikipedia entries. A single, tech-savvy, hacker mastermind will lead the group. Specialists will then execute the plan by creating malware, marketing, and a distribution plan.

2) Small Time Cons

Not all cyber crimes come from large groups looking to capture millions of user’s data. There are small time operations who have one goal in mind: money.

Although they may steal identities and passwords, they only want money. They initiate credit card fraud or online shopping fraud and take what they stole and convert it into local currency using money mules, electronic cash distribution, e-banking, or some other sort of money laundering.

It’s not hard to find money launderers. There plenty of entities competing to take a large percentage cut of the illegally procured funds. The race to launder illegally capture funds can even be competitive and public nature. They advertise “no questions asked,” “bulletproof” hosting in countries outside the reach of legal subpoenas. These companies even offer public bulletin boards, software specials, 24/7 telephone support, bidding forums, satisfied customer references, anti-malware avoidance skills, and all the servicing that helps others to be better online criminals. Companies like this can earn tens of millions of dollars each year.

 

3) “Hacktivists”

Most cyber criminals aim to fly under the radar with the exception of “hacktivists.” Hacktivists are dedicated to political activism, like the infamous Anonymous group. Politically motivated hackers have existed since hacking was first born. The big change is that more of it is being done in the open and it’s being accepted as a form of political activism.  Their intent is to embarrass and bring negative media attention to the victim as much as possible, whether that includes hacking customer information, committing distributed denial of service (DDoS) attacks, or simply causing the victim company additional strife.

4) Stealing Intellectual Property

It’s no secret that today’s marketplace is increasingly competitive. The competition to win consumers is strong and companies hold their services, products, and innovations close. This can lead to a different type of cybersecurity threat: corporate espionage.  Hackers goal here? Break into a company’s IT assets, dump all the passwords, and over time, steal gigabytes of confidential information: patents, new product ideas, military secrets, financial information, business plans and so on. They will then shop the information to your competitors or use for their own personal gain.

5) Malware

Every cyber crime includes malware. In the past, a single programmer would make malware for his or her own use, or perhaps to sell. Today, there are teams and companies dedicated solely to writing malware to bypass specific security defenses, attack specific customers, and accomplish specific objectives. Malware is now openly sold and traded on the dark web and with different internet forums.

 

Malware is multi-level and can infiltrate many compartments. It is designed to survive reboots and once into your systems will contact the mothership for further directions. Think of it as a domino effect: for every step it reaches, it will create a chain of new reactions until it has infected every aspect of your tech.

This makes removal challenging and leave many organizations having to re-boot their entire systems. It is critical for organizations to have a secure back-up of their data as a precaution with this type of malware.

6) Botnets

Today’s botnet owners will either use the botnet for themselves or rent it to others by the hour or another metric. Each version of the malware program attempts to exploit up to tens of thousands of computers in an effort to create a single botnet that will operate at the creator’s bidding. Each bot in the botnet connects back to its command and control server to get its latest instructions. Those instructions often include dropping off a ransomware program. Botnets have been found with hundreds of thousands of infected computers. Malware fighters will often attempt to take down the C&C servers or take them over so that they can instruct the connecting bots to disinfect their host computers and die.

7) All-in-one malware

Malware no longer aims to infect one computer. They are designed to break into websites and modify them to help infect more victims. These programs come with management consoles so that owners can keep track of what the botnet is doing, who they are infecting, and which ones are most successful.

The best example of this is a Trojan horse. The end-user is tricked into running a Trojan horse that’s advertised as a necessary antivirus scan, disk defragmentation tool or some other seemingly essential or innocuous utility. The user’s normal defenses are fooled because the web page offering the rogue executable is a trusted site they’ve visited many times. The hackers compromised the site, using a host of tricks, and inserted a few lines of JavaScript that redirect the user’s browsers to the Trojan horse program.

8) Compromised Internet

In very simple terms, a website is simply a computer, just like a regular end-user workstation. The webmasters are end-users like everyone else. It’s not surprising to find the legitimate Web is being littered with malicious JavaScript redirection links.

It’s not a question of hackers infecting the webmaster’s computer. Attackers will find a weakness or vulnerability in a website that allows them to bypass admin authentication and write malicious scripts.

Common website vulnerabilities include:

  • Poor passwords
  • Cross-site scripting vulnerabilities
  • SQL injection
  • Vulnerable software
  • Insecure permissions.

Many times it isn’t the web server or its application software but some link or advertisement that gets hacked. It’s common for banner ads, which are often placed and rotated by general advertising agencies, to end up infected. Malware attackers have even purchased ad space to distribute infected links.

 

9) Cyber warfare

Cyber warfare programs are in a class to themselves and aren’t something that come up on a regular basis. These covert operations create complex, professional cyber warfare programs intent on monitoring adversaries or taking out an adversary’s functionality. We now even have nations, like North Korea, taking down and exploiting a Fortune 500 company because it didn’t like a particular movie.

So what can you do? The reality is that some victims never recover from cyber attacks. Credit records can be permanently damaged, companies may not have the funds necessary to fix the attack, and organizations may not have back ups of their current data. Your best defense is to protect your organization before an attack happens. If you have never had a professional IT company come in and evaluate your company’s cybersecurity, the time to do so is now. Datasmith can provide a complete cybersecurity analysis to determine your organization’s weak spots and the right solutions to protect your data.

Share