The nowadays they are quite frequent due to the use of the Internet that all the activities we carry out require. For this reason, being attacked virtually is a fairly high possibility.
So that you know what a computer security threat is and what its objective is, we have prepared this article. In it you will find all the information related to this important topic.
You can also read a complete list of the main threats to information security that we face today. Do not miss anything if you want to have your data protected.
What is a computer security threat and what is its objective?
We consider an information security threat to Any strategy or action capable of overcoming the protection protocols of a device or network. Whether these are aimed at protecting computer equipment or sensitive information of a large company, SMEs or individuals. Said threats They can have an external or internal origin and can be intentional or due to the carelessness of the user.
For example, natural disasters, inexperience with technological means and infrastructure damage. All of these factors are potential unplanned threats. Nevertheless, planned (or intended) threats are a predominant risk and the most frequent. This is due to the way it works. The more connected a person is to the webthe more you will be exposed to cyberattacks.
As there is a strong combination of skills related to the advanced programming knowledge of hackers and the social engineering it’s much easier spot and benefit from cybersecurity vulnerabilities. Considering these as failures or weak points in the processing, exchange and storage of data.
For this reason, these attacks are aimed at impair the proper handling of information or systems. Bringing with it great economic losses for the companies that depend on it. They are also intended steal private information to receive financial compensation. You must not forget that the blackmail and extortion They are also methods used whenever private data is obtained from people.
List of the main threats to information security that we face today
Staying alert is part of understand what threats you may face every time you browse the Internet. Then it is appropriate to know the main techniques used by cyber attackers.
Here is a list of the main threats:
malware
constitute a set of malicious software that is created with the purpose of infiltrating a person’s devices, regardless of the operating system they have and whether it is a mobile or computer.
The main malicious programs are:
- Virus: are the most common malicious codes. They are capable of spreading easily on technological devices. They put computers to sleep, send spam, generate abnormal traffic and steal information, among other actions.
- logic bombs: also called “of time” They are a subtype of virus that have the particularity of being activated by means of a certain command that the user executes, when a date arrives or when a specific action is carried out. This causes devastating effects, which range from the deletion of files to its use for DDoS cyberattacks.
- worms: worms or computer worms are malware that have a great ability to reproduce without the need for user action. They hide in the automated functions of the OS to remain undetected. In general, they are not easy to detect except when their reproduction takes too much of the resources of the computer. They mainly aim to attack the network using email and programs to make copies of themselves.
- Trojans: Its name is due to the Trojan horse from mythology and is based on its particular harmless appearance and its ability to hide in some computer element. Therefore, the user downloads it confidently and inadvertently authorizes hackers to enter their entire computer. Usually, when they run, they destroy files, send data to remote sites, and gain full control of your computer.
- root kits: This refers to a group of software that nests in the OS to give remote access to an intruder. They are very slippery, which is why they tend to bypass the controls of antivirus and other security systems. Depending on the level of authorization you have achieved, you can have access to the entire administration of the computer.
Ransomware
One of the most feared computer viruses due to its ability to “hijack” the device. As an obstacle, they impose an access password that only intruders know. With this they ensure that you cannot use your computer until you release funds or perform the task that they indicate.
It is common for them to ask credit card and bank account passwords, among other data. The key to your success is computers without updates, with detectable vulnerabilities and without reliable antivirus. The ransomware Petya Y wannacry they are well known as the ones that have wreaked the most havoc.
adware
If when you browse the net you find endless ads, pop-ups and pop-ups it is very likely that you are in the presence of adware software. Although many take it as a less harmful malware, it significantly affects the performance of the computer. It even gives rise to harmful spam and phishing.
Spam
A spam is it a message or email for advertising or malicious purposes Usually shipped in bulk. Through this method, the frauds of the Phishing. That’s not counting the thousands of viruses that it spreads to devices. Therefore, far from being harmless emails that fill your mailbox, they are more dangerous than they appear. Try to remove them immediately every time you see one in a folder in your mail.
Phishing
Widely used to execute financial fraud, Phishing Disguises an email as coming from a legitimate source and installs malicious code on your device. They can pose as banks, insurance or public services to build trust in the user who will open the email. In this way, they manage to access private data that may be sensitive in aspects personal and economic. It is considered a class of Spam.
Social engineering
They are a broad set of practices that seek to exploit weaknesses in the human business component. They appeal to growth desires and look for weaknesses to extract relevant corporate information. Yet they profit from employees’ computer inexperience and job dissatisfaction. Later use other techniques to access the network and thus obtain benefits.
Advanced Persistent Threats
also calls ATPs. In contrast to those random attacks, ATPs are highly organized hacking strategies. They are characterized by exploring the vulnerabilities of a certain entity over time to develop custom malware so that they can penetrate the protection barriers.
Using in turn to achieve their objectives, direct their “computer assault” with the help of a human component that is in charge of monitoring their progress. This helps to correct deviations and thus be able to continue obtaining for a long period data and achieve damage.
DoS and DDoS attacks
In this class of server intrusion it is observed a continuous denial of services to those users who have legitimate access. With this, it is possible to hinder different actions. For example, online purchases, platforms or cloud services. Logically, every minute with the server down generates monetary losses.
Its operation is based on flood the hosting with requests to overload the server and in this way to the websites that are hosted on them. This prevents normal operation by denying access to people who want to enter as they always do. while the threat Two is done from a single machine, the DDoS act different.
This latest cyber attack You can use the famous “zombie network” or “Botnets” which are a set of infected computers that attack constantly. Since this overloaded traffic is done from multiple computers spread all over the world, it is more complicated to exterminate. It should be noted that the objectives always in sight are online stores and casinos. Without forgetting the companies that use their website to sell.
Brute force
This is one of the most classic modalities where the attacker employs various tools to crack a user password. Using dictionary or inverse techniques, they try combinations until they find the correct password, giving the cracker access to banking platforms, online services, files, WiFi networks and encrypted files.
In fact, they have specialized in creating automated software such as John the Ripper, Brutus either THC Hydra to easily guess the credentials. That is why, when users create a weak password or repetitive behavior increases the risk of being attacked. An example of this is the Stuffing where they use username and password games.
sniffing
Another technique that has undermined cybersecurity is sniffing.. With it, malicious agents use a software or hardware component to “listen” to web traffic. only the advanced encryption tactics They can make this danger disappear from an infected computer or mobile.
trashing
Until the data you discard can be used against youthis is the origin of the term Trashing. This cyber attack refers to a computer crime that extracts personal or private data directly from the recycle bin. Therefore, every password, browsing history or file that passes through there could be analyzed by intruders.
farming
Such cybercrime method goes unnoticed by most people. The farming is the action of lure visitors to contaminated or fraudulent websites. In general, they use the redirection of secure web pages and with this measure they manage to get the unsuspecting visitor to give up valuable personal information.
Intrusion into Cloud services
Most of the companies do not stop to make a correct study of the cloud technologies next to the CSPs. Cloud services are still considered as means that can be vulnerable to cybercriminals due to the existing possibility that exists in this data hosting type. Therefore, you must know what security measures your provider takes before storing data there. For this reason, it is always advisable to use supports known as OneDrive either iCloud.
Social media manipulation
The social networks that exist can make you become a victim of information manipulation through a cyber attack. For experienced hackers it is quite easy to enter one of them and extract the information they want.
of course these obtain files, data or images that…
Facebook Comments
Disqus