There are two types of cyber threats, Active and Passive attacks
An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target. An Active attack attempts to alter system resources or affect their operations. Hacker steals an authorized user’s login information. The intruder gains access and the ability to do anything the authorized user can do. The active attack involves some modification of the data stream or creation of the false statement
A Passive attack attempts to learn or make use of information from the system but does not affect system resources. In a passive attack, the attacker intercepts the transit information with the intention of reading and analyzing the information not for altering it.
Cybersecurity reports by Cisco show that thirty-one percent of organizations have at some point have encountered cyber-attacks on their operations technology. By and large, research indicates that cybercrime is on the rise — news headlines support these findings as major companies like Marriott, Equifax, Yahoo, and Facebook find themselves in the crosshairs of cyber attacks. In cyber attacks, a series of companies exposed almost 600 million citizens’ CVs.in April 2019. April 2019 saw 1,334,488,724 breached records. ( Read more at https://www.thesslstore.com/blog/80-eye-opening-cyber-security-statistics-for-2019/)
Organizational awareness for cybersecurity is on the rise, But hackers are finding new and creative ways to bring organizations to their knees.
Cryptojacking also called crypto-malware is one of the latest cybersecurity threat. Cybercriminals hijack third-party home or work computers to “mine” for cryptocurrency. Ransomware has been one of the biggest threats impacting businesses in the past two years, exploiting basic vulnerabilities including lack of network segmentation and backups, According to Symantec, UK cryptojacking attacks increased 1,200%, in recent times.
2. Fileless Malware
Fileless malware is a type of malicious software that uses legitimate programs to infect a computer. Attackers program file-less malware to occupy the RAM. Cyber threat analysts find it hard to trace this kind of malware as they don’t have any file on the hard drive and don’t leave any footprint.Ponemon Institute claims that fileless attacks are 10 times more likely to succeed than file-based attacks.
3. IoT security issues
Companies are adding more and more devices to their infrastructures, According to Statista.com, the number of devices connected to the IoT is expected to reach almost 31 billion by 2020. Cybersecurity is often the last consideration when it comes to IoT. They are more prone to cyber attacks.
4. Zero-day threats
A threat that exploits the computer’s security vulnerability.A cyber attack which takes place before or on the first (or “zeroth”) day of a developer’s awareness of the exploit or bug.
5. Cross-site scripting (XSS)
6. Mobile malware
Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches. it is a growing threat to consumer devices. The number of mobile malware attacks has doubled in 2018. Mobile malware is becoming more effective as cybercriminals improve their distribution strategies and it is on rising as the world is going mobile.
7. Banking Malware
Banking malware is a class of information stealing malicious software that targets the financial industry It delivers the information to cybercriminals to steal money from victims. Emotet malware originally engineered as a banking trojan is one of the most dangerous strains of malware.The trojan is primarily spread through spam emails to steal sensitive information. Global Threat Index reported that over the preceding four months, banking Trojans had increased their global impact by 50 percent.
Stegware is the use of steganography by malware to avoid detection. Steganography is a method of concealing a file, message, image or video within another file, message, image or video. Researchers at RSA Conference 2018 discussed the rise of stegware hacking tools that use steganography techniques. Steganography is the latest weapon of cyber attackers. Steganography is used to hide the various type of malware.
9. Connected Cars and Semi
Autonomous Vehicles-By 2020, an estimated 90 percent of new cars will be connected to the internet, according to a report titled “7 Connected Car Trends Fueling the Future. One recent study suggests 2035 as a more reasonable date for most cars to be self-driving, with nearly all cars being autonomous by 2050. For hackers, this evolution in automobile manufacturing and design means yet another opportunity to exploit vulnerabilities in insecure systems and steal sensitive data. In addition, connected cars pose serious privacy concerns.
10. Phishing Scams
Phishing is a fraudulent attempt, usually made through email, to steal your personal information. According to the 2019 State of the Phish report from security experts Proofpoint, two-third of us knows what is phishing and how to be protective. Hackers are developing new ways of phishing. Recent phishing scams of 2018-19 indicate how cybersecurity challenges are coming up.
1.Attempts to use Google Translate
2.Apple phishing scam
3.Netflix payment details
4.Vacation rental scams
5.fake Instagram assistance apps
Phishing scams are evolving and need to be taken care in 2019