Top Cybersecurity Threats Companies Face

Technology moves at breakneck speed, which helps you evolve your product and services to meet customer expectations. Unfortunately, as technology advances, so do the techniques cybercriminals use to steal data, interrupt your service, and ultimately cost you time, money, and potentially your reputation. 

Consider the following statistics:

• By 2025, it’s estimated that the collective amount of data available in cyberspace will reach 175 zettabytes (175,000,000,000,000,000,000,000).¹ That’s a ton of data, and it’s all attractive to cybercriminals.
  
  
• By 2023, the world will have three times more networked devices than people.¹
  
  
• A whopping 39% of security technologies used by organizations are considered outdated.¹
  
  
• More than half of all cyberattacks are executed against small-to-medium-sized businesses. 60% of them go out of business within six months of the attack.¹
  
  
• A single cyberattack (malware, data breach, or ransomware, for example) costs a business an average of $200,000.²
  
  

What Cyberattacks Can Do

There are dozens of different types of cyberattacks, and millions of cybercriminals finding ways to execute them. No matter what form a given cyberattack may take, you can be sure it’s designed to perform one or more of the following basic malicious functions:

• Disrupt, disable, or destroy your organization’s critical infrastructure

• Take control of your computing environment and/or its devices

• Gain unauthorized access to the sensitive data belonging to your organization and/or its internal and external users

• Steal sensitive information to create fraudulent transactions

   

Specific Types of Cyberattacks

Since it’s only a matter of time before your organization comes under attack, it’s critical to understand the top cybersecurity threats you’re most likely to face. More detail will be found on the associated pages. 

Understanding these attacks is the key to preventing them and mitigating their effects as quickly as possible. 

• Account Takeover Fraud is where hackers use compromised login credentials (such as usernames and passwords) to log in.

• Bots originated as scripts to automate simple actions, but they have become capable of mimicking human behavior. Bots are the dominating force in fraudulent online activity.

• Fraudulent Account Creation happens when hackers use fake identities to create new accounts to verify and use stolen payment information for purchases, loyalty point transfers, and more.

• Man-in-the-Middle attacks are where an attacker gains access to the communication line between two devices, usually through spoofing, wifi eavesdropping, or email hijacking. Then, they are able to intercept or modify communications and information.

• Denial-of-Service attacks happen when an attacker intentionally floods a network’s capacity, overwhelming it with their own inbound requests. This flood of data prevents legitimate users from reaching or using the website.

• Botnet attacks occur when a network of computers or devices are infected with malware and used by a hacker as an army of minions to execute malicious orders.

• Brute-force Password attacks are where hackers use bots to execute login attempts using different combinations of usernames and passwords until they are successful, breaking into files, networks, or other password-protected resources.

• Cross-site Scripting/XSS Attacks rely on malicious script injected by an attacker to a user's browser. When the user visits the affected website or application, that script is executed, allowing the attacker to wreak havoc on that interaction.

• IoT (Internet of Things) Attacks are where one or more IoT devices (smartphones, cameras, doorbells—anything with an internet connection) are compromised, putting the whole network at risk (e.g., allowing sensitive information to be stolen).

• Rootkits allow cybercriminals to operate a computer remotely. Hackers can use them to steal passwords, financial data, and more. Rootkits can install other malware to make that computer part of other attacks. They can also disable security software.

• SQL Injection is where malicious SQL code is used to manipulate a backend database and access information that shouldn’t be displayed, such as private customer data or financial information.

• Zero-day (0-day) Exploit is when attackers attack a system with a vulnerability the organization didn’t know they had. It refers to the fact that the organization has had zero days to fix the vulnerability before it is used against them.

• DNS Tunneling is where DNS requests are routed to an attacker’s server. It encodes DNS enquiries with the data of other protocols and programs, including data payloads that can be used to command and control remote applications and servers. 

• Dictionary Password attack is a technique used to break into a password-protected network or computer. An automated system is used to find the password by systematically trying every word in the dictionary. 

• URL Interpretation occurs when an attacker edits the text of a URL in an attempt to reveal a private page of a website. Editing the URL may reveal restricted information organizations mean to keep secure.

• DNS Spoofing is used by attackers to mimic expected server destinations and redirect traffic to unexpected or illegitimate places. It directs unsuspecting victims to fraudulent sites, tricking them into malicious interactions.

• Drive-by Attacks refer to malware or other malicious programs or files that are installed on devices without user consent. For example, drive-by downloads can be used to spread malware.

• Keyloggers are tools used to track and record keystrokes on a device. They monitor activities as unsuspecting users type passwords, credit card numbers, or other sensitive data and pass that information over to cybercriminals.

• Eavesdropping is also known as snooping or sniffing, and it relies on unsecured networks. It occurs when a cybercriminal is able to intercept, modify or delete data transmitted between devices.

• Ransomware/Malware is a general term for any software with malicious intent. Most cyberthreats are based on some form of malware. Sometimes, cybercriminals will use ransomware, demanding payment for removal of the malware they’ve installed.

• Phishing is where cybercriminals pose as trusted organizations or people, usually via email, to trick users into giving up sensitive information, such as credit card numbers.

• Credential Stuffing is a technique where attackers use a list of stolen user credentials from one system to break into another. It works because users often reuse those credentials across different services. 

• Credit Card Testing is how attackers test stolen credit card numbers to see if they are valid. They will “test” stolen payment information with small purchases to see if the transactions are approved before making larger transactions.

• Broken Authentication is an umbrella term for the vulnerabilities in any online platform, which can be exploited by cyberattackers to help them pose as legitimate users.

Common Practices That Increase Risk

No matter the size or type of organization you belong to, there are a few common practices or attitudes that could increase your risk of any type of attack. These risky habits may be adopted as an organization, within company leadership, or among staff at any level.

1. Ignoring or Putting off Software Updates 

   These often include critical security patches and should be required as soon as they are released.
   
   

2. Focusing on Technology Over Employee Training

   Technical solutions are critical, but most cyberattacks are “helped” along by the unintentional actions of employees who simply don’t know any better. Make sure they do.
   
   

3. Leading by (Poor) Example

   Leadership of every department—from sales, to marketing, to IT—should set the right example by strictly following security protocols and insisting their subordinates do the same.
   
   

4. Hyperfocusing on Prevention

   Prevention is definitely key in cybersecurity. However, don’t let all the focus be on that. Sooner or later, there will be a breach of some kind. Make sure attention and training are devoted to knowing how to handle it when it does happen.

Now that you have a better understanding of specific threats and the habits that could make you more vulnerable to them, you can take better advantage of actionable strategies to both detect your risk and mitigate the effects of cyberattacks.

SOURCES: 

1. Steve Morgan, 2022 Cybersecurity Almanac: 100 Facts, Figures, Predictions and Statistics, Cybercrime Magazine, 19 January, 2022

2. Hiscox Group, Hiscox Cyber Readiness Report, May 2022