Page 75 - Cyber Defense eMagazine for July 2020
P. 75
What Are the Different Types of Threats?
Phishing
The U.S. Securities and Exchange Commission defines phishing as “the use of fraudulent emails and
copy-cat websites to trick you into revealing valuable personal information — such as account numbers
for banking, securities, mortgage, or credit accounts, your Social Security numbers, and the login IDs
and passwords you use when accessing online financial services providers.”
The goal, of course, is to use your personal information to steal your money and/or your identity. Phishing
also targets short message service (text messages) — and there’s also the possibility of “spearfishing by
video,” which allows hackers to “leverage new tools such as ‘deep fake’ technology to look and sound
like a trusted person (e.g., a Facetime with an attacker posing as a CEO).”
An article about 2020 cybersecurity predictions from SC Media predicts that “company microtargeting
with industry-specific tools will rise.” It’s more important than ever that organizations have the proper
controls in place to educate their employees and detect these kinds of threats.
Ransomware
The Department of Homeland Security defines ransomware as “a type of malicious software, or malware,
designed to deny access to a computer system or data until a ransom is paid. Ransomware typically
spreads through phishing emails or by unknowingly visiting an infected website.”
According to a recent Forbes article, business ransomware attacks were on the rise in the first quarter of
2019, and the trend is expected to continue in 2020 because “as the FBI softens its stance on businesses
paying ransoms, the number of ‘successful’ ransomware attacks (i.e. those in which the ransom is paid)
will double, with total losses of all reported attacks increasing significantly.”
Mobile Attacks
The Pew Research Center estimates that more than 5 billion people around the globe have mobile
devices (over half of which are smartphones), and according to HubSpot, 52% of web traffic around the
world is mobile.
With so much widespread cell phone ownership and use, it’s no wonder that hackers are threatening
mobile devices. According to Lookout, “traditional secure email gateways block potential phishing emails
and malicious URLs, which works for protecting corporate email from account takeover attacks, but
neglects mobile attack vectors, including personal email, social networking, and other mobile centric
messaging platforms such as secure messaging apps and SMS/MMS.”
It’s also worth noting that with every new piece of technology (such as the latest smartphone model)
comes security challenges. For example, the debut of 5G means new problems with malware aiming to
take advantage of the security features, according to AVG.
Cyber Defense eMagazine –July 2020 Edition 75
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.