Top 5 Cyber Threats in 2020

What’s a Cyber Threat?

Cyber threats can be defined as any type of offensive action that targets computer information systems, infrastructures, applications, computer networks and much more. Their primary objectives are stealing, altering, exposing or destroying data, gaining unauthorized access to sensitive information, or making unauthorized use of a particular asset.

Cyber threats are on the rise. According to a report by the University of Maryland and Symantec, there is a cyberattack every 39 seconds. These figures emphasize the need for organizations to be proactive in protecting themselves from hackers. With that said, this article will highlight the 5 most common types of cyber threats in 2020, and how to prevent each one.

1. Cryptolocker / Ransomware

How it works: A cryptolocker, also known as ransomware, is a threat that has gained a lot of notoriety over the last several years. It acts as a Trojan horse, infecting your computer and searching for any files it can encrypt on your computer and other devices connected to the network. Once the files have been encrypted, the attackers demand a ransom paid in cryptocurrency. Refusing to pay within a specific deadline can lead to the data being leaked or destroyed altogether. For example, a medical clinic in California that didn’t have the necessary measures in place was forced to shut down permanently following a devastating ransomware attack that deleted all of its patient data.

How to prevent: One of the most efficient ways to recover from a ransomware attack is to regularly back up your data. This way, you can revert the infected systems to their state before they were encrypted, thus limiting the impact on your business operations and saving your valuable data. It’s also recommended to filter emails carrying .exe attachments within your email client and to only open attachments from known senders, as 93% of ransomware attacks occurred through an infected phishing email attachment.
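The attachment filtering recommended above can also be enforced in code at the mail gateway. This added Python example, which is not from the original article, flags attachments by their .exe extension and by the `MZ` header that Windows executables start with, since a renamed file passes an extension-only filter; the addresses, file names and attachment bytes are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

PE_MAGIC = b"MZ"  # first two bytes of a Windows executable (DOS/PE header)

def build_sample_email():
    """Constructed message with three attachments (all names and bytes are made up)."""
    msg = EmailMessage()
    msg["From"] = "billing@sender.example"
    msg["To"] = "employee@example-corp.com"
    msg["Subject"] = "Overdue invoice"
    msg.set_content("Please see the attached invoice.")
    fake_exe = PE_MAGIC + b"\x90\x00" + b"\x00" * 60  # header bytes only, not a program
    msg.add_attachment(fake_exe, maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    msg.add_attachment(fake_exe, maintype="application", subtype="pdf",
                       filename="statement.pdf")  # executable renamed to look like a PDF
    msg.add_attachment(b"%PDF-1.7\n", maintype="application", subtype="pdf",
                       filename="report.pdf")
    return msg.as_bytes()

def flagged_attachments(raw_email):
    """Return (filename, reasons) for each attachment that should be quarantined."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        reasons = []
        if name.endswith(".exe"):
            reasons.append("exe-extension")   # catches double extensions too
        if data.startswith(PE_MAGIC):
            reasons.append("pe-header")       # catches renamed executables
        if reasons:
            flagged.append((name, reasons))
    return flagged

if __name__ == "__main__":
    for name, reasons in flagged_attachments(build_sample_email()):
        print(f"quarantine {name}: {', '.join(reasons)}")
```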

In addition to these measures, you should always perform updates when possible. Whether it’s for software, anti-virus or operating systems on your computers/networks, a large portion of updates are released to patch security vulnerabilities. Once these vulnerabilities are publicly known, hackers incorporate them into their toolset and look for any vulnerable targets that did not perform the update. They use bots that constantly scan the internet looking for these vulnerabilities in order to infect the vulnerable systems. A good example of this is Microsoft urging its users to update their Windows servers after detecting active exploitation of a critical vulnerability recently patched in an update. Another example is one of the biggest ransomware attacks in history, which targeted the UK’s NHS medical centers. This ransomware attack, which cost the NHS over €92m, occurred through the exploitation of a vulnerability in an outdated version of Windows.

2. Cross-Site Scripting (XSS) Attack

How it works: XSS attacks make use of 3rd-party web resources to execute scripts in the targeted user’s web browser (or “scriptable” application). While attackers can use XSS methods within VBScript, ActiveX, or Flash, JavaScript is the programming language most commonly abused by cyber criminals, primarily because of its widespread support across the Internet.

In an XSS attack, the attacker will inject a payload with malicious JavaScript into an application or a website’s database. When the victim requests a specific page from the website or web application, the page will carry the attacker’s payload to the victim’s browser as part of the HTML body. The browser will then execute the malicious script and extract the victim’s “cookie.” Thereafter, the attacker can use that cookie for session hijacking and impersonate the user. This vulnerability is often rated as critical according to CVSS (Common Vulnerability Scoring System) depending on where it exists within your application, requiring immediate attention.

How to prevent: The best way to protect your company from this cyber threat is to conduct a comprehensive penetration test. A penetration test will confirm the existence of vulnerabilities within your applications or networks, such as vulnerabilities to XSS attacks. Supported by evidence, it will prove the impact that this vulnerability could have on your users or your company as a whole if it were exploited by hackers. Penetration testing thus allows you to prioritize what needs to be fixed through concrete technical recommendations. It gives you the perspective of an attacker by replicating techniques they would use in a real cyberattack, identifying every way in which these XSS attacks could be performed and how exactly you can prevent them.
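The stored-payload flow described in this section can be checked directly in code. This added Python example, which is not from the original article, renders constructed stored comments without and with HTML output encoding, counts the markup a browser would execute in each result, and builds a session cookie with the HttpOnly flag so page script cannot read it; the function names, comments and session ID are assumptions made for the example.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Constructed samples of text stored in the site's database (not from the article).
STORED_COMMENTS = [
    "Great post, thanks!",
    "<script>alert(document.cookie)</script>",
    '<img src="x" onerror="alert(document.cookie)">',
]

def render_vulnerable(comment):
    # Stored text is pasted into the HTML body, so the browser parses it as markup.
    return '<div class="comment">' + comment + "</div>"

def render_encoded(comment):
    # Output encoding: < > & and quotes become entities, so the text is shown, not run.
    return '<div class="comment">' + html.escape(comment, quote=True) + "</div>"

class _ActiveContent(HTMLParser):
    """Counts markup a browser would execute: <script> tags and on* event handlers."""
    def __init__(self):
        super().__init__()
        self.hits = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.hits += 1
        self.hits += sum(1 for name, _ in attrs if name.startswith("on"))

def active_content(page):
    parser = _ActiveContent()
    parser.feed(page)
    parser.close()
    return parser.hits

def session_cookie(session_id):
    # HttpOnly keeps document.cookie from exposing the session ID to injected script.
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

if __name__ == "__main__":
    for c in STORED_COMMENTS:
        print(active_content(render_vulnerable(c)), active_content(render_encoded(c)))
    print("Set-Cookie:", session_cookie("constructed-session-id"))
```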

3. Insider Threat

How it works: As the name suggests, insider cyber threats come from an internal source, such as current or former employees, contractors, or business associates. These individuals have more information regarding the organization’s security measures, data, and computer systems, and they could potentially leverage that knowledge for nefarious ends. These attackers are generally connected directly to your company’s internal network, and internal networks are known to be less secure than external networks. With this specific access and knowledge, they can gain access to and compromise critical company assets that are not properly secured internally.

How to prevent: To protect your company from insider threats, it is vital that you periodically perform enterprise-wide cybersecurity assessments and clearly document cybersecurity measures. Networks and systems should be rigorously segmented, and the access provided to employees should be restricted to the strict minimum. In addition, it is crucial to have your user permissions and segmentation audited regularly by a third party to ensure that users cannot elevate privileges within your systems and gain unauthorized access to critical assets.

4. Phishing

How it works: Phishing attacks are convincing emails sent to persuade an employee to perform a certain action (e.g., downloading an infected email attachment or providing their credentials in a malicious web page). They often impersonate a trusted source, such as a client, a provider, the government or even another employee. They can be highly targeted (sent to specific employees only) or take the form of a mass email campaign delivered to every single employee. The scammers generally act under a plausible pretext, such as filling out a document for a new company policy. They often leverage publicly known information to make their emails as convincing as possible, or link to web pages that replicate a resource the user can trust, hosted on a web domain with a similar name to the one it is impersonating. Phishing is the primary vector of infection used by attack groups to perform various types of cyberattacks and has proven to be very efficient in organizations of all sizes.

How to prevent: Employees who regularly process emails should be thoroughly trained to identify phishing attempts, and their level of awareness should be regularly assessed with the help of a phishing test. These tests replicate a real phishing scenario in the way it would be carried out by hackers. This way, companies can learn which employees are susceptible to falling for phishing attacks so they can be further trained to identify them. It will also prove to their employees that phishing actually represents a risk for the company. Organizations with an Office 365 environment should also consider Microsoft’s ATP (Advanced Threat Protection), which has built-in protections for phishing.
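Links hosted on a domain with a name similar to a trusted one, as described above, can be flagged automatically before a user ever clicks. This added Python example, which is not from the original article, extracts the links from an email body and reports hosts whose registered domain is within a small edit distance of a trusted domain after folding common character substitutions; the trusted list, substitution table, distance threshold and sample email are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Assumption: the domains your organization really uses (constructed here).
TRUSTED_DOMAINS = ("example-corp.com",)
DIGIT_SWAPS = str.maketrans("0135", "oles")  # 0->o, 1->l, 3->e, 5->s

def skeleton(domain):
    # Fold common visual substitutions so "examp1e" and "exarnple" collapse to "example".
    return domain.lower().translate(DIGIT_SWAPS).replace("rn", "m")

def edit_distance(a, b):
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    # Simplification: keep the last two labels; production code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def impersonated_domain(host, max_distance=2):
    """Return the trusted domain that `host` resembles, or None if trusted or unrelated."""
    domain = registered_domain(host)
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(skeleton(domain), skeleton(trusted)) <= max_distance:
            return trusted
    return None

def suspicious_links(email_body):
    hits = []
    for url in re.findall(r"https?://[^\s\"'<>]+", email_body):
        host = urlsplit(url).hostname or ""
        target = impersonated_domain(host)
        if target:
            hits.append((host, target))
    return hits

# Constructed email body for the demonstration.
SAMPLE_BODY = """New HR policy, please sign: https://login.examp1e-corp.com/policy
Mirror: https://exarnple-corp.com/policy and http://exmaple-corp.com/
Intranet: https://portal.example-corp.com/  Docs: https://docs.vendor.example/"""
```

A low distance threshold keeps false positives down for long domain names; short trusted names need a threshold of 1 or an exact skeleton match.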

To Wrap Things Up

As you can see from the 5 types of cyber threats discussed above, modern attackers use a wide variety of methods to target your company. It is important to note that these are only some of the most common attacks, and they only scratch the surface of common cyberattacks. For that reason, mounting a good defense against cyber threats is crucial for any business. The measures stay the same no matter what type of attack you are trying to prevent:

  • Keep your systems and software updated
  • Assess and train your employees
  • Audit your user privileges
  • Segment your networks and assets
  • Perform penetration tests regularly
  • Use a least-privilege model in your IT environment
  • Regularly back up your data
  • Continuously audit your IT systems