A cybersecurity threat is a malicious act that aims to damage or steal data and disrupt digital life in general. These threats include data breaches, computer viruses, distributed denial-of-service (DDoS) attacks, and other attack types. Cyber ​​threats also include obtaining unauthorized access to data, theft, damage or destruction of information technology resources, intellectual property and other forms of confidential information. Cyber ​​threats can come from within a company through trusted users, or from remote locations from unknown parties.

Sources of cyber threats can be:

Hostile Nation-States

National programs designed for cyberwar include cyber threats in the form of propaganda, website corruption, espionage, critical infrastructure destruction, and even death. The programs are state-sponsored and increasingly sophisticated, posing serious threats. Their active development can cause widespread and long-term damage to the national security of other countries.

Terrorist organizations

Terrorist organizations use cyberattacks to harm national interests. They use cyber defense systems less, which makes them more vulnerable. The threat of terrorist groups increases with the entry of a more competent generation into their ranks.

Corporate spies and organized crime

The main threat of corporate spies and organized crime lies in their ability to carry out industrial espionage in order to steal trade secrets or embezzle large amounts of money. The criminals’ main interest is in making a profit or disrupting the ability of the business to make a profit.

Hacktivists

The main hacktivistsэ goal is to spread propaganda. They seek to support their political program.

Disgruntled Insider

Is a common source of cybercrime. Insiders do not need to have a high knowledge level to disclose confidential information, as they may have access to the data. Third party vendors and employees who inadvertently introduce malware into systems, upload sensitive data, and share it online also qualify as insider threats.

Hackers

Cybercriminals can use a zero-day exploit to gain access to data. They also hack information systems to challenge or brag. Now, such attacks do not require a high level of knowledge and experience. Many automated attack scripts and protocols can be obtained from the Internet making it much easier to launch an attack.

Natural disasters

Natural disasters represent a cyber threat disrupting the infrastructure.

Random actions of authorized users

Incorrect S3 configuration by an authorized user can lead to data leakage. Some of the biggest data breaches were caused by bad configuration.

Major Cyber ​​Threats in 2021

Phishing attacks related to Covid-19

The attack was carried out using «harmless» emails or sites infected with malicious links. Interaction with such links will leak credentials. Because the topic of the pandemic aroused user interest and fear, the attacks had high success rates.

Insider threats

According to Verizon’s 2019 report, 57% of all database breaches were related to insider threats. Unfortunately, this type of cyber threat can’t be mitigated with a control strategy. To provide better protection against insider threats, it is worth restricting access to confidential information.

Ransomware attacks

This type of cyber threat is one of the most powerful. During such an attack sensitive data is encrypted by cybercriminals. It is possible to decrypt them only after paying the ransom.

Polyglot files

Such files may have multiple file type identifiers (for example, they may be classified as PPT and JS). Cybercriminals pack malicious code into a file, which helps bypass security controls.

DDoS attacks

As the adoption of IoT devices increases the risk of DoS attacks increases. The attack occurs because of sending many network requests from several compromised IoT devices to the site targets. As a result the servers are overloaded.

Malvertising

The attack occurs as a result of the introduction of malicious codes into advertising links. Such ads may be placed on sites that allow third-party advertising, even on social media feeds.

The Latin American Mlspadu is a prime example of an advertising attack. The malicious code was embedded in an advertising campaign for McDonald’s coupons on Facebook. While interacting with the ad a zip file was downloaded and installed on the user’s system, which contains a Trojan to steal banking credentials.