Cyber security threats are the malicious and deliberate ways to damage and steal data or disrupt services to their target, even a serious concern about national security. Cyber threats refer to a possibility of successful cyber attacks that aim to access, damage, disrupt or steal valuable, sensitive information from their target. Cyber security threats are either from within the organization by trusted users or from remote locations by unknown parties.
Nowadays, modern enterprise networks are usually made up of many parts that all work with each other. Securing them can become very complex work. The larger the network grows, the harder it is to protect everything until you have identified many vulnerabilities, assessed the many exploits, and exposed where the threats might come from.
To be able to address cyber security threats and attacks, we must first need to understand these types and how they may disrupt the network by accessing sensitive data.
Malware is malicious software that performs a task on a targeted device or a whole network. Once activated, usually by clicking a malicious link or attachment, it can block access to important network components, install harmful software, subtly obtain sensitive information by sending data from the hard drive and disrupting the whole network halting services to users. Below are examples of malware that cyber criminals use to gain unauthorized access to the target and perform a cyber attack:
Phishing is a way of obtaining valuable information about the target by tricking the victim to unknowingly provide their credentials and can be considered a type of social engineering that attacks the users into bypassing normal cyber security protocols and giving up personal data about them.
Phishing attacks can be accomplished in a lot of ways, typically by sending phishing emails that may seem to be coming from trusted sources such as your bank, friends, co-workers, or even your own employer. The cybercriminals try to get users to click on links in the emails that will redirect them to fraudulent websites that request personal information or install malware, such as keyloggers or spyware, on their devices.
Man-in-the-Middle (MITM) Attack
This type of attack happens when there is someone between two parties sharing sensitive information is being exchanged. Once the hacker has gained access, usually by disrupting traffic, they can filter and steal data. MITM usually occurs when a guest uses an unsecured Wi-Fi connection. The attackers insert themselves between the guest and the network by installing malware and utilizing the data maliciously.
Distributed Denial of Service (DDoS)
A DDoS attack is a cybersecurity threat that maliciously attempts to interrupt the normal traffic of a targeted server, service, or network by flooding and overwhelming the target or its surrounding infrastructure with Internet traffic.
DDoS attacks are executed with networks of Internet-connected machines. These networks are consist of computers and other devices which have been infected with malware and permit them to be controlled remotely by an attacker. These devices are called bots or zombies, and a group of bots is called a botnet.
A data breach is a kind of data theft. Motives for data breaches include crimes such as identity theft, a desire to embarrass an institution, and espionage to steal sensitive data and gain access to critical infrastructure for financial gain and even threaten national security.
Domain Name System (DNS) Attack
A DNS attack is a kind of cyberattack in which cybercriminals exploit the Domain Name System (DNS) vulnerabilities. The attackers make use of the DNS vulnerabilities to divert site visitors to malicious pages (DNS Hijacking) and access data from compromised systems (DNS Tunneling).
Structured Query Language (SQL) injection
SQL injection exploits the web security vulnerability of an application. It allows an attacker to intervene with the database queries of the application. Therefore, they can view and retrieve restricted data, including user data or any other sensitive data that the application can access. An attacker can modify or delete this data in many cases, causing persistent changes to the application’s content or behavior.
Malware on Mobile Apps
Mobile devices are also vulnerable to malware attacks, and cybercriminals can use this as a starting point to exploit other devices in the network. Attackers may embed malware in app downloads, mobile websites, or phishing emails and text messages. Once compromised, this can give the attacker access to personal information, location, financial accounts, and more.
Advanced Persistent Threats
An advanced persistent cyber threat is when an unauthorized user gains access to a system or network and stays there without being detected for an extended time.
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.
We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: