Cyber threats, or cybersecurity threats are any possible malicious attacks on data or an organization's IT equipment that aim to gain unauthorised access to data. Attacks can be random or they can be targeted, organized and may originate from individuals or from a variety of entities, including terrorist groups, hostile national states, criminal organizations, hackers, but can also come from within an organization from disgruntled employees or corporate spies.
What cyber threats can do
- an attacker can illegally obtain data and use it to steal other data information
- an attacker can gain access to financial accounts, steal funds or otherwise damage the organization
- an attacker can obtain personal information and use it against specific people, employees
- the attacker can obtain information that is of an intellectual property nature
- loss or corruption of data can cause long-term damage to a compromised organization, in extreme cases even causing its
extinction
Main cyber threats
- Data encryption (Ransomware)
- Malicious code (Malware)
- Denial of service (Denial of Service)
- Attack „Man in the Middle" (MitM)
- Phishing - type of social engineering attack
- Identity Theft
- Information Leakage
- Web based attacks
- Web application attacks
- Network of infected computers (Botnets)
- Physical Theft / Loss / Damage
- Insider threat
- Spam
- Security holes (Exploit kits)
- Data breaches
- Cyber espionage
Why it is important to know cyber threats
- Threat identification is the second step of cybersecurity risk analysis
- Together with primary assets and vulnerabilities, they help identify risks
Maintaining an overview of cyber threats is essential for risk management
- Information security risk management requires that you have an understanding of the cyber threats from which the risks arise
- Creating a list of cyber threats is therefore one of the inputs for risk analysis. Take a look how you can create your computer catalogue Threats
