In 2016, the White House estimated that malicious cyber activity cost the US economy up to $109 billion.
Failing to deal with computer security threats can cost your company huge amounts of money. It can also severely impact trust in your business.
With new and more sophisticated attacks being perpetrated all the time, keeping on top of the threats is hard. Knowing how to stop them all is even harder.
So read on as we take a look at 11 of the most serious computer security threats.
Many people think that the term virus relates to any type of cybersecurity threat.
But a virus is a specific type of attack. It gets its name from the fact that it can spread from one computer to another throughout networks, or via malicious emails.
A virus can be programmed to do many harmful things, from corrupting your data to scanning for personal information. They can also be used to shut down security, allowing other forms of cyber attack.
Antivirus software will protect against the more well-known viruses, but with new methods of attack being developed all the time, no antivirus software is likely to be 100% effective.
DDoS stands for Distributed Denial of Service.
The name is an accurate and concise summary of what is it. It denies service from a website, rendering it useless to anyone trying to access it. And it does so by using a large number of other computers distributed around the network.
Computers infected by malicious software flood a website with more traffic than it is able to handle. Doing so means that when a normal user attempts to access the site, they are unable to.
DDoS attacks offer no real benefit to the perpetrators, other than the satisfaction of having shut down a website for a short time.
Software that can spy on your browsing habits for the purposes of financial gain is known as adware.
Many software companies use adware which you consent to when using their products, which allows them to harvest data about you and target you with specific ads. But adware can also install itself without your consent.
Typical behavior from malicious adware can include an increase in pop ads, links redirecting to unrelated websites and strange toolbars and extensions automatically installing.
MitM stands for Man in the Middle.
Man in the middle attacks allow the perpetrator to secretly install themselves in the middle of a connection between two users. They can then have access to the information being sent back and forth that both users still assume to be encrypted and private.
The same method can be used to fool a website such as a banking website that it is communicating with an authentic customer rather than a hacker.
Spyware is similar to adware in that it monitors how you use your computer.
Spyware often installs programs such as keyloggers, which record every single keystroke that you make. This data will contain information such as your login details, passwords, even your credit card details, as well as the contents of any personal and private communications you might send.
6. SQL Injection
SQL is a programming language primarily designed for use with databases.
An SQL injection attack exploits weaknesses in this code to force a server to release the information held in the database. Since this kind of database is often used to store user information, including passwords and credit card details, a successful SQL injection attack can be very lucrative for hackers.
7. Trojan Horse
Trojan horses are named after the wooden horse in which the Greek soldiers hid to enter and overthrow the city of Troy.
In the same way, a Trojan horse cyber attack involves hiding malicious software within a piece of useful software. When the user downloads and installs the software they want, they unknowingly install the Trojan horse too.
As well as running malicious code, Trojan horses can also open backdoors that allow the perpetrators undetected access to the computer in question.
XSS, or cross-site scripting, is similar to an SQL injection attack, but instead of targetting the site’s database, it targets the users themselves.
An XSS attack will run scripts in the user’s browser when they visit a specific site. The user will then continue to use the site as normal, unaware that the code can take malicious action such as stealing cookies, logging keystrokes or even allowing hijackers to remotely control their computer.
An eavesdropping attack is when the perpetrators are able to listen in to the traffic in the network, and steal useful information such as passwords and payment details. A network monitoring program, known as a sniffer, is able to intercept the data as it is passed through the network and extract the information that the hackers need.
Public wi-fi networks are a prime target for eavesdropping attacks.
Most of us receive attempted phishing attacks every day.
All those emails in your junk folder pretending to be from your bank or credit card company are trying to trick you into giving them your login details. And whilst email clients are usually quite good at sending these straight to your junk folder, many still get through.
A simple test is to look at the full email address that the email is sent from and compare it to previous correspondence.
Ransomware is able to take over your computer and render it completely unusable.
It then requests that you make a payment to the perpetrators or they will delete all of the information on your computer. The effects of ransomware can be devastating; in 2017, ransomware hijacked more than 300,000 computers worldwide, including those used by the National Health Service in the UK.
Do you need protection from computer security threats?
If you’re concerned about the impact that computer security threats could have on your business, then you’re in the right place.
We offer a full spectrum security review with penetration testing to find any and all flaws in your computer security. And we’re always on the case, with solutions to protect against new threats as they arise.
If you would like to know about the services we offer then please don’t hesitate to get in touch.
Founder & CEO, LINC Project, INC. a Managed Service Provider in New York and San Francisco