What is a cybersecurity threat?

The purpose of this article is to explore the common cybersecurity threats, the people and/or organizations behind the threats and some strategies you and your organization can use to protect yourself from these threats. 

Cyber attackers are a continual threat to everyone, both individuals and organizations. These attackers evolve their strategies and tactics all the time in order to steal sensitive information or deploy malware for their own gain.

What is a cybersecurity threat? 

A cybersecurity threat is a malicious act against an individual or an organization to steal sensitive information using different strategies and tactics.  The sensitive information will be used for monetary gains, militaristic options, espionage, revenge, or increased reputation. 

These cybersecurity threats are continuously evolving as cybersecurity teams figure out ways to prevent the threats from penetrating their organizations. 

Top Cybersecurity Threats

In 2021, the top cybersecurity threats were as follows:

  • Phishing attacks
    • Phishing is a malicious act in which a cybersecurity attacker tricks you into handing over sensitive personal or organizational information for financial gain. Phishing is like throwing a net into the water and seeing what fish you can capture. Typical phishing arrives through email, SMS (smishing), or phone (vishing). The attacker throws out a broad net, sees who bites, and attacks the people who were caught in the net.
    • Phishing targeted at an individual is called spear phishing. In fishing, you spearfish to catch one fish at a time, and that is how it works in phishing. If the target is a C-level or other executive, it is called whaling. The attacker learns everything they can about the targeted person and sends them a communication to earn their trust and get them to bite and reveal personal or organizational sensitive information.
  • Ransomware attacks
    • Ransomware is a type of malware (malicious software) that locks a device and/or hard drive until a ransom is paid. When the ransom is paid, the cyber gang provides the key to unlock the affected devices. There is a new twist in these types of attacks: typical attacks in 2021 not only deployed ransomware but also threatened to release sensitive information online if the ransom was not paid. Too many organizations paid these ransoms in 2021. This type of attack will continue to increase into 2022.
  • Supply Chain Attacks
    • In 2021, the transportation industry suffered a number of supply chain attacks.
      • An example is the Colonial Pipeline attack, a ransomware attack that temporarily shut down the company's pipeline operations and caused fuel supply chain issues. They paid the DarkSide hacker group $5 million.
  • Vulnerable Software
    • In 2021, we had the Log4j vulnerability. Log4j is a logging library that applications use to log events of different severity. This vulnerability created havoc across the industry. Log4j, owned by the Apache foundation, is used in lots (hundreds if not thousands) of applications around the world. The vulnerability allowed malware and ransomware attacks to be launched using remote code execution.

Common Cybersecurity Threat Actors 


Let's explore the different threat actors that exist in the world today.

  • Nation-states – China, Russia, North Korea, and other countries have organized military-sponsored teams whose job is to steal sensitive information, perform espionage, and disrupt life in other countries through the electrical grid, supply chains, etc.
  • Cyber gangs – Around the world, cyber gangs came to prominence in 2021 with different ransomware attacks against organizations and the supply chain. They are organized groups of hackers whose main job is to release ransomware for financial gain.
  • Hacktivists – These groups of attackers want to bring awareness to political or social issues.
  • Insiders – An underestimated group of internal employees, contractors, vendors, or business partners wanting to perform malicious activities against an organization for various nefarious reasons.

Protect yourself and your organization against cybersecurity threats

The best strategy against these cybersecurity threats is using a defense-in-depth or a layered defense strategy for your organization. Start with the following layers:

  • cybersecurity awareness of your users
    • a yearly cybersecurity awareness training for everyone should be mandatory. 
    • training needs to be current and not a repeat of last year's training. Threats evolve and users need to know how to protect themselves from evolving threats.
  • harden your devices
    • using virus and malware detection on your devices to protect them from threats is critical today
    • use host firewalls on your devices 
    • don't put passwords on stickies near your computer
    • use complex passwords
    • make sure to lock your screen when not in use even if working from home to keep your kids off your devices
  • harden your data
    • protect sensitive information with encryption
    • shred any physical documents.
    • don't leave sensitive information lying around physically or virtually
  • harden your networks
    • use intrusion prevention systems (IPSes), firewalls, etc. to protect the network's perimeter.
  • harden your servers
    • use host firewalls on your servers to lock down ports and services
    • encrypt any communications coming into and out of the server through VPNs, SSH, etc.
  • strengthen your policies and procedures
  • monitor your online activities continuously and act upon the alerts

A strong cybersecurity strategy for you and your organization and continuously validating your protections through penetration testing are strong ways to keep you and your organization safe from harm. 

If you have not already, consider tools that utilize AI for your monitoring activities. Attackers are getting more complex, and it is harder for system administrators to be on guard 24×7, but a good monitoring tool with AI can help and save your organization money over the long run.

Conclusion

In this article, we have explored what a cybersecurity threat is, what the top threats in 2021 were, who the cybersecurity threat actors are, and some ways you can protect your organization from these threats. Unfortunately, cybersecurity teams have to be on their toes 24×7 to protect an organization's people and network from attacks. Using a variety of strategies and techniques is the best way to combat these threats and hopefully prevent a cybersecurity breach from hitting your organization in the future.

If you have any questions or comments please leave them below. 

Dr. M
