Common Cyber Threats

ohse.ca

1 week ago

Table of Contents

- Overview:
- Learning Objectives:
2.1 Phishing
2.2 Malware
2.3 Data Breaches
2.4 Social Engineering
2.5 Ransomware
2.6 Distributed Denial of Service (DDoS)
Key Takeaways:

Overview:

In this module, you will learn about the most common types of cyber threats that individuals and organizations face in today’s digital world. Understanding these threats is the first step in protecting yourself, your data, and your organization from cybercriminals. By recognizing how these attacks work, you can adopt preventive measures to reduce your vulnerability.

Learning Objectives:

By the end of this module, learners will:

Identify different types of cyber threats and how they work.
Understand the impact of cyber threats on individuals and organizations.
Learn how to recognize and avoid common cyber threats.

2.1 Phishing

Phishing is one of the most common and dangerous cyber threats. It involves cybercriminals attempting to trick individuals into providing personal information, such as passwords, credit card numbers, or other sensitive data, by pretending to be a trustworthy entity. These attacks are often delivered through emails, text messages, or websites designed to look legitimate.

How Phishing Works:

Email Phishing: You receive an email from what looks like your bank, asking you to verify your account information. The email contains a link that directs you to a fake website designed to look exactly like your bank’s login page.
Spear Phishing: This is a more targeted form of phishing where the attacker tailors the email to a specific individual, often using personal details to make the scam more convincing.

How to Avoid Phishing Attacks:

Always verify the sender’s email address and look for signs of suspicious activity (such as poor grammar or generic greetings like “Dear Customer”).
Do not click on links or download attachments from unknown or unexpected emails.
Use two-factor authentication (2FA) for important accounts, making it harder for attackers to access your data even if they steal your password.

2.2 Malware

Malware refers to any malicious software designed to damage, disrupt, or gain unauthorized access to computer systems. Malware can come in many forms, including viruses, worms, ransomware, and spyware.

Common Types of Malware:

Viruses: A virus attaches itself to legitimate software and spreads to other files on your device, causing damage or disrupting operations.
Ransomware: Ransomware locks users out of their devices or encrypts their files and demands payment to restore access. The famous 2017 WannaCry ransomware attack impacted organizations worldwide.
Spyware: Spyware secretly monitors your activities, such as keystrokes or browsing behavior, and sends this information to cybercriminals.

How to Protect Against Malware:

Install and regularly update antivirus software.
Be cautious when downloading files from unknown sources or clicking on links from untrusted websites.
Regularly back up important data to avoid losing access in case of a ransomware attack.

2.3 Data Breaches

A data breach occurs when sensitive information is accessed by unauthorized individuals. This often involves personal data such as financial information, social security numbers, and login credentials being stolen and sometimes sold on the dark web. Data breaches can result from weak security systems, social engineering attacks, or vulnerabilities in software.

Impact of Data Breaches:

Personal Loss: Identity theft and financial fraud are common outcomes for individuals whose personal information has been compromised.
Business Impact: Companies can suffer significant financial and reputational losses after a data breach. They may also face legal consequences for failing to protect customer data.

How to Minimize Data Breach Risks:

Use strong, unique passwords for each account, and store them in a secure password manager.
Enable two-factor authentication to add an extra layer of security.
Regularly monitor your accounts for suspicious activity and report any unauthorized transactions immediately.

Social engineering refers to tactics that manipulate individuals into divulging confidential information or performing actions that compromise security. These attacks often involve psychological manipulation rather than technical methods.

Examples of Social Engineering Attacks:

Pretexting: Attackers create a fabricated scenario (a “pretext”) to convince the target to share sensitive information. For instance, they may pose as IT support and ask for login credentials to “fix” an issue.
Baiting: Attackers leave physical media, like USB drives, in public places in the hope that someone will pick them up and plug them into their computer, unknowingly installing malware.

How to Avoid Social Engineering Attacks:

Be cautious about sharing personal or work-related information, even if the person asking seems legitimate.
Verify the identity of anyone asking for sensitive information, especially through unsolicited phone calls or emails.
Be wary of offers that seem too good to be true or requests that urge you to take immediate action without verifying details.

2.5 Ransomware

Ransomware has become one of the most damaging forms of malware in recent years. It encrypts a victim’s data, making it inaccessible until a ransom is paid. Ransomware attacks can disrupt businesses, cripple healthcare systems, and affect critical infrastructure.

How Ransomware Works:

Cybercriminals send malware disguised as legitimate software or files, which users download and execute on their devices.
Once activated, the malware encrypts the victim’s files and displays a ransom demand.
In some cases, even if the ransom is paid, the attacker does not restore the files.

Steps to Protect Against Ransomware:

Regularly back up your files to an external or cloud-based system not connected to your primary network.
Be cautious of email attachments, especially from unknown senders, as they may contain ransomware.
Use comprehensive security software that includes protection against ransomware attacks.

2.6 Distributed Denial of Service (DDoS)

A DDoS attack occurs when an attacker floods a network or website with an overwhelming amount of traffic, rendering it inaccessible to legitimate users. DDoS attacks are often used to disrupt businesses and websites temporarily.

How DDoS Works:

Attackers use a network of compromised computers (known as a botnet) to send a massive amount of traffic to a target, overwhelming its servers.
The target’s systems slow down or crash, causing a denial of service to legitimate users.

How to Mitigate DDoS Attacks:

Use content delivery networks (CDNs) to distribute traffic across multiple servers, reducing the impact of DDoS attacks.
Invest in DDoS mitigation tools that can detect and block malicious traffic before it overwhelms your servers.
Work with your internet service provider (ISP) to respond quickly to any DDoS attack.

Key Takeaways:

Phishing, malware, data breaches, and social engineering are some of the most common cyber threats.
Being aware of these threats and how they operate helps individuals and organizations protect themselves.
Preventative measures like antivirus software, strong passwords, regular data backups, and cautious behavior online are essential for mitigating cyber risks.