1 – Malware

We will start with the most prolific and common form of security threat: malware. It has been around since the internet’s inception and continues to remain a consistent problem. Malware is when an unwanted piece of programming or software installs itself on a target system, causing unusual behavior. This ranges from denying access to programs, deleting files, stealing information, and spreading itself to other systems.

Prevention: A proactive approach is the best defense. Common sense dictates users and organizations should have the latest anti-malware programs installed, for starters. It is also important to recognize suspicious links, files, or websites, which are effective ways of implementing malware. Often, a combination of caution and anti-virus is enough to thwart most malware concerns.

2 – Password Theft

“I’ve been hacked!” A common conclusion when you log in to an account, only to find your password changed and your details are lost. The reality is an unwanted third party managed to steal or guess your password and has since run amok with the information. It is far worse for an enterprise, which may lose sensitive data.

Prevention: There are several reasons for losing a password. Attackers may guess the password or use “brute force” programs to cycle through thousands of potential attempts.  They may also steal it from an unsafe location or use social engineering to trick a user into giving it away. Two-factor authentication is a robust protection method, as it requires an additional device to complete the login. Additionally, using complicated logins thwarts brute force attempts.

3 – Traffic Interception

Also known as “eavesdropping,” traffic interception occurs when a third-party “listen” to info sent between a user and host. The kind of information stolen varies based on traffic but is often used to take logins or valuable data.

Prevention: Avoiding compromised websites (such as those not using HTML5) is an excellent proactive defense. Encrypting network traffic – such as through a VPN – is another preventive method.

4 – Phishing Attacks

Phishing scams are an older attack method and rely on social engineering to achieve their goal. Typically, an end-user receives a message or email which requests sensitive data, such as a password. Sometimes, the phishing message appears official, using legitimate appearing addresses and media. This compels an individual to click on links and accidentally give away sensitive information.

Prevention: Generally, a common-sense approach to security is the best prevention. Phishing messages are often rife with spelling and syntax errors. Official emails from organizations do not request personal data, so this is a giveaway there is malicious intent.

5 – DDoS

Distributed Denial of Service is an attack method in which malicious parties target servers and overload them with user traffic. When a server cannot handle incoming requests, the website it hosts shuts down or slows to unusable performance.

Prevention: Stopping a DDoS requires identifying malicious traffic and halting access. This can take time depending on how many malicious IPs are used to distribute the attack.  In most cases, servers need to be taken offline for maintenance.

6 – Cross-Site Attack

Referred to as an XSS attack. In this instance, a third party will target a vulnerable website, typically one lacking encryption. Once targeted the dangerous code loads onto the site. When a regular user accesses said website, that payload is delivered either to their system or browser, causing the unwanted behavior. The goal is to either disrupt standard services or steal user information.

Prevention: Encryption is usually required on the host’s side. Additionally, providing the option to turn off page scripts is vital to thwart a malicious payload from activating. Users can also install script-blocker add-ons to their browser if they prefer additional browsing control.

7 – Zero-Day Exploits

Occurring after the discovery of a “zero-day vulnerability,” an exploit is a targeted attack against a system, network, or software. This attack takes advantage of an overlooked security problem, looking to cause unusual behavior, damage data, and steal information.

Prevention: Stopping exploits is challenging, as it relies on the vendor both discovering the loophole and releasing a fix for it. In some cases, a zero-day vulnerability can exist for an extended period before its discovered. Users must maintain good safety habits until a fix is released.

8 – SQL Injection

An SQL attack is essentially data manipulation, implemented to access information that is not meant to be available. Essentially, malicious third parties manipulate SQL “queries” (the typical string of code request sent to a service or server) to retrieve sensitive info.

Prevention: Implementation of smart firewalls is one prevention method; application firewalls can detect and filter out unwanted requests. Generally, the most effective way is to develop code that identifies illegal user inputs.

9 – Social Engineering

Similar to phishing, social engineering is the umbrella method for attempting to deceive users into giving away sensitive details. This can occur on any platform, and malicious parties will often go to great lengths to accomplish their goals, such as utilizing social media info.

Prevention: Remaining skeptical of suspicious messages, friend requests, emails, or attempts to collect user info from unknown third parties.

10 – MitM Attack

A Man-in-the-Middle attack occurs when a third party hijacks a session between client and host. The hacker generally cloaks itself with a spoofed IP address, disconnects the client, and requests information from the client. For example, attempting to log in to a bank session would allow a MITM attack to hijack user info related to their bank account.

Prevention: Encryption and use of HTML5 are recommended.

11 – Ransomware

A nasty variant of malware, ransomware installs itself on a user system or network. Once installed, it prevents access to functionalities (in part or whole) until a “ransom” is paid to third parties.

Prevention: Removal is challenging once installed. Keeping anti-virus updates and avoiding malicious links are the best current prevention methods. Also, current backups and replications are key to keeping ransomware attacks from becoming catastrophic.

12 – Crypto-jacking

Crypto-jacking is an attempt to install malware that forces the infected system to perform “crypto-mining,” a popular form of gaining crypto-currency. This, like other viruses, can infect unprotected systems. It is deployed because the act of crypto mining is hardware intensive.

Prevention: Keep all security apps/software updated and make sure firmware on smart devices is also using the latest version. Crypto-jacking can infect most unprotected systems.

13 – Water Hole Attack

Generally used to target organizations, water hole attacks occur when a group infects websites a particular organization frequently uses. The goal – much like a cross-site attack – is to load a malicious payload from the infected sites.

Prevention: Anti-virus can passively identify dangerous scripts. Keep website scripts off as a default if your enterprise suspects an infection.

14 – Drive-By Attack

In a drive-by-attack, malicious code is delivered onto a system or device. The distinction, however, is that no action is needed on the user end, where typically they need to click a link or download an executable.

Prevention: Avoid suspicious websites. Normally, compromised websites are flagged by search engines and anti-malware programs.

15 – Trojan Virus

Trojan malware attempts to deliver its payload by disguising itself as legitimate software. One technique used was an “alert” a user’s system was compromised by malware, recommending a scan, whereby the scan actually delivered the malware.

Prevention: Avoid downloading programs or executables from unrecognized vendors or those that attempt to alarm the user to a serious problem.