Awareness of Cyber-attacks and Their Types

As an IT security professional, you must be hyper-aware of all the possible types of cyber-attacks on your network and your business. This has always been one of the most difficult parts of your job, considering the ingenuity and perseverance of the criminals we must guard against, and how frequently cyber-attacks can multiply as our systems (and the technology we rely on) evolve and expand. And now, your security operations processes are further challenged as your workforce shifts to 100% remote.


Now is the time to make sure your organization is able to identify and detect the most prevalent, and potentially the most harmful types of cyber threats against your organization today. The following are nine types of cyber-attacks every security professional needs to be aware of.

  • Network intrusion

Intrusion refers to any unauthorized activity on your network that steals valuable resources and places your organization’s security at risk. A number of common cyber-attack techniques make up intrusions, including multi-routing, covert scripts, protocol impersonation, and traffic flooding. Network intrusions often present as behaviour that is unusual but not necessarily abnormal, which makes them difficult to detect and lets them slip past manual supervision.

  • Ransomware

Perhaps the most vicious of threats posed by cybercriminals, ransomware seeks to hold business systems hostage for the purpose of extorting money from victims. It is one of the most common cyber-attack models being used today, in large part because these attacks are successful and often result in pay-outs in the tens of millions. Over the years we’ve seen several examples of why ransomware is one of the most effective and dangerous types of cyber-attacks.


What does ransomware look like? An attack often begins with an on-screen notification that data on your network has been encrypted and will remain inaccessible until the specified ransom has been paid, after which a decryption key will follow. Failure to pay results in the key being destroyed, rendering the data inaccessible forever.

  • Insider threats

Security insider threats occur when someone close to an organization with authorized access misuses that access to compromise your company’s data or critical systems. Insiders do not have to be employees; they can also pose as partners, third-party vendors, and contractors. That’s the most difficult aspect of detecting an insider threat—it begins with humans, not systems.

  • Brute force attacks

We’ve all seen an action movie where the criminal mastermind uses a high-powered computer to cycle through thousands of passwords in order to access a government facility. Well, this common cyber-attack is not necessarily the stuff of fiction. That is essentially a brute force attack—letting the computer do the work, trying possible combinations of usernames and passwords until it finds the right one.
Among the best defences against brute force attacks are multi-factor authentication, as well as requiring frequent password changes with complex alpha-numerical character combinations, making threat detection more likely.

  • DDoS attacks

A distributed denial of service (DDoS) attack takes place when criminals attempt to disrupt normal traffic on a network or to a server or system. Typically, this is done by overwhelming the target’s infrastructure with a flood of internet traffic. Think of it like a traffic jam clogging up the highway, preventing normal traffic from arriving at its destination.

  • Data exfiltration

Data exfiltration is the unauthorized movement of data outside of your organization. This common cyber-attack is often conducted manually—for example, information stolen with a printer or a thumb drive by someone with access to company systems or through external malicious actors who have gained access. It can also be executed via outbound email, transmitted to a third party as a file attachment, or via file transfer to an insecure local device such as a smartphone, laptop, camera, or external drive.

  • Malware

Short for malicious software, malware is code developed by criminals and designed to gain unauthorized access to a network or cause severe damage to data or systems. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware. It is one of the oldest methods of security threat (first appearing in the 1970s) but remains one of the most effective, preying on human nature.

  • Compromised credentials

Also known as credential stuffing, compromised credentials is perhaps the most prevalent emerging cyber threat in 2020. Imagine you are a subscription streaming service with users who use the same credentials across similar services or related access points, such as Amazon or a bank account. A criminal can use compromised credentials to break into these systems and gain further access, including to your service.
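
As an added example (not part of the original article), the following Python shows how a detection rule can tell the brute force pattern described earlier apart from the credential stuffing pattern described here, and list the accounts a flagged source actually got into. The event format, thresholds and function name are assumptions made for illustration, and the login events are constructed sample data.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, outcome).
SAMPLE_EVENTS = (
    [("198.51.100.7", "alice", "FAIL")] * 8                       # one account, many guesses
    + [("203.0.113.9", f"user{i}", "FAIL") for i in range(1, 7)]  # many accounts, one try each
    + [("203.0.113.9", "dave", "OK")]                             # a reused password that worked
    + [("192.0.2.4", "bob", "FAIL"), ("192.0.2.4", "bob", "OK")]  # ordinary typo, then login
)


def classify_sources(events, min_failures=5, max_tries_per_account=2):
    """Flag sources with many failed logins and label the pattern.

    Thresholds are illustrative assumptions; tune them against real traffic.
    """
    failures = defaultdict(lambda: defaultdict(int))  # source -> user -> failed count
    successes = defaultdict(set)                      # source -> users logged in
    for source, user, outcome in events:
        if outcome == "FAIL":
            failures[source][user] += 1
        else:
            successes[source].add(user)

    findings = {}
    for source, per_user in failures.items():
        total = sum(per_user.values())
        if total < min_failures:
            continue  # below the noise floor: forgotten passwords, typos
        most = max(per_user.values())
        if most / total >= 0.8:
            pattern = "brute_force"          # guesses concentrated on one account
        elif len(per_user) >= min_failures and most <= max_tries_per_account:
            pattern = "credential_stuffing"  # known pairs sprayed across accounts
        else:
            pattern = "mixed"
        findings[source] = {
            "pattern": pattern,
            "failed_attempts": total,
            "accounts_targeted": len(per_user),
            # Accounts this source did get into: candidates for forced reset.
            "successful_logins": sorted(successes[source]),
        }
    return findings


if __name__ == "__main__":
    for src, info in classify_sources(SAMPLE_EVENTS).items():
        print(src, info)
```

A per-account failure counter alone would miss the second source, because no single account sees more than one failed attempt from it.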

  • Policy violations

Cybersecurity policies and guidelines outline rules for items such as network access, data access, use of passwords, and encryption. They also dictate a hierarchy of access permissions that grants users access only to what is necessary for the completion of their work, and they specify these rules for individuals as well as for groups of individuals throughout the company.
These security policies should keep the malicious users out and also exert control over potential risky users within your organization. No matter whether it is your organization that flouts compliance requirements or individuals in your organization that skirt the rules, it creates openings for criminals to take advantage of and access your network and compromise your systems.

Agape Solutions recognizes that better, stronger, more effective cybersecurity starts with a smarter approach. Our solutions provide new ways to monitor all internal network traffic, while capturing and feeding the right data to existing security tools to improve threat detection and surgically disrupt intrusions. Customers in a range of industries rely on our solutions each and every day to accelerate incident response, automate breach detection, and protect their most critical assets and applications.
