Present and past cyber threats

Point-of-sale malware

Point-of-sale malware

Attackers use <a style="color: #ed1e24" href="http://bit.ly/1yfmYVw" target="_blank">POS malware</a> to steal payment card data. The malware enabled some of 2013 and 2014's biggest breaches, including Target and Home Depot. Backoff and BlackPOS are two examples.
Ransomware

Ransomware

<a style="color: #ed1e24" href="http://bit.ly/1B9Q9M9" target="_blank">Ransomware</a> is a type of malware that forces restrictions on the system it infects and requires users to pay a ransom to lift them. Some ransomware encrypts files. others cause a screen to pop up incessantly. Ransomware exists for personal computers and also for mobile devices. Examples include CryptoLocker and CryptoWall.
Denial-of-Service and distributed denial-of-service attacks

Denial-of-Service and distributed denial-of-service attacks

A <a style="color: #ed1e24" href="http://bit.ly/12kTNne" target="_blank">denial-of-service (DoS) attack</a> typically involves one computer being used to bring down a network by flooding it with traffic. A distributed denial-of-service (DDoS) attack is similar, only multiple systems – generally compromised and enlisted into a botnet – are used. There are various types of DDoS attacks, including Domain Name Server amplification, and SNMP reflection.
Exploit kits

Exploit kits

<a style="color: #ed1e24" href="http://bit.ly/1CC9XJG" target="_blank">Exploit kits</a> are toolkits that automatically exploit bugs in systems that are running vulnerable software applications, typically for the purposes of delivering malware. After navigating to a compromised website, exploit kits take advantage of flaws in Java, Adobe Flash, Internet Explorer and more, and the infection often happens without the knowledge of the victim.
Botnets

Botnets

Malware is used to turn a computer into a bot, which can then be used to perform automated tasks over the internet, possibly without the owner ever knowing. Bots are often used to infect a large number of systems, thus forming a botnet. <a style="color: #ed1e24" href="http://bit.ly/1AcdJVj" target="_blank">Botnets</a> can be used for any number of purposes, including spreading malware, attacking servers and distributing spam. The Cutwail botnet is one example, which has been known to deliver financial malware such as Zeus and Gameover.
Insider threats

Insider threats

The <a style="color: #ed1e24" href="http://bit.ly/12n99Zb" target="_blank">insider threat</a> is fairly self-defined – a threat that comes from within an organization, typically a person. In September, the Internet Crime Complaint Center (IC3) warned that disgruntled and former employees had been increasingly engaging in computer network exploitation and disruption. These individuals use their access to destroy data or steal information, sometimes attempting to extort the organization. These incidents can cost anywhere from $5,000 to $3 million in damages.

Although threats are a constant in the security world, new ones continue to pop up as attackers design new tactics. This list mentions some of the major threats the security community has seen.

More Slideshows

Topics:

You must be a registered member of SC Media US to post a comment.