The word Cyberattack strikes fear in every business, but do you know what the specific threats really are? This blog post will give you greater understanding about some of the IT Lingo used to identify and describe the most common and dangerous Cybersecurity threats to your company.
As a leading provider of IT Support services in the greater DC area, Network Depot has a deep understanding of the many types of Cybersecurity threats that companies face. Using our experience, we have prepared this guide for your reference. It’s always good to know your enemy and their tactics, so please read on for more information.
Malware
This catch-all term broadly describes any intrusive program, file, or software that gathers information from a user’s computer without permission.
Computer Virus
A malicious program or programming code that enters a user’s device without their knowledge and replicates by being copied or initiating its copying to another program, computer boot sector, or document. Virus sources are normally infected emails or other downloaded files. Some viruses cause negative impact immediately while others lie dormant. Damage from viruses can range from fairly benign–such as annoying messages or images– to serious harm including the disruption or disabling of a computer’s hard drive or company’s network.
Computer Worm
A computer worm is a standalone malware program that replicates by resending itself as an email attachment or as part of a network message. Unlike a virus, it does not need to attach itself to an existing program to cause damage. It often accesses a company’s network through a security failure on one target computer.
Trojan Horse
A type of malware disguised as a legitimate document or software. It is designed to look innocent in order to trick the user into loading it onto their system. Once the Trojan Horse is activated, Cybercriminals can spy on you, steal sensitive data, and gain backdoor control over a user’s device or a company’s network for their own ends.
Maladvertising or Malvertising
This process involves the insertion of malware-laden advertisements into normal online advertising networks and websites. Cybercriminals exploit the wide reach of legitimate websites and networks to infect the devices of users, even when the targets don’t click on the advertisements.
Ransomware
This is malware designed to steal sensitive data from the rightful user and then hold it for ransom. The Cybercriminal steals the data, encrypts it, and then extorts money from the victim by demanding a ransom be paid in order to receive the decryption key to recover their data. Opinions differ on whether a ransom should be paid, as the criminals sometimes do not return the data even after receiving the payment. Experts recommend that companies should always have excellent backup systems, so that they can easily restore the lost or compromised data without paying a ransom.
Spyware
This is any type of malware that is installed on a user’s device without their knowledge or consent in order to collect personal information about them or their company. The goal of spyware is usually to learn about the user’s internet usage, password data, and other useful information. Spyware usually infects a system by piggybacking on a piece of free software installed by the user. Some developers also bundle spyware with their legitimate software.
Adware
This is any software that downloads or displays unwanted advertisements, such as banners and popup ads, for an online user. It can also redirect search requests to advertisers. Developers can also design Adware to collect marketing data and other user information without the knowledge of the user.
Scareware
This broad term describes any type of malware designed to deceive web users into downloading or purchasing software out of anxiety. Examples of Scareware include pop-ups that look like legitimate Microsoft Windows system warnings for anti-virus software, firewalls, or registry cleaners. The user clicks for assistance and unknowingly downloads malware to their system.
Phishing
Phishing is a malicious attempt to obtain financial or confidential information from companies or individuals, typically by sending an email that appears to be from a legitimate source. The bad guys pose as trusted sources such as a large financial institution or a social networking site. They use the appearance of legitimacy to try to “fish (phish)” for sensitive information from unsuspecting employees.
Spear Phishing
This is a more targeted form of Phishing. Cybercriminals create an email that appears to come from a source closer to the intended target, such as a particular company they do business with or individual from their contact list.
Boss Phishing
This is the latest twist on Spear Phishing. Cybercriminals send an email from a boss or other authority figure, such as a CEO or CFO, asking for the personal information of employees or clients or other sensitive information. The email appears legitimate at first glance with the proper email address, name, and title, which lulls the employee into a false sense of security. However, the email is actually being sent by a Cybercriminal who has either spoofed or forged the boss’s email or has hacked into the email account and taken temporary control over it.
There are effective methods to defend against this wide range of Cyberattacks, as discussed in our earlier blog posts listed below:
Two Keys to Keeping Your Company Secure
Boss Phishing-The Latest Cybersecurity threat you need to know about
The Psychology of a Computer Virus
We also have an informative eBook on how to protect your devices from Cybersecurity threats when surfing the internet called Surf Safely.
For assistance with your Cybersecurity challenges and any other IT-related issues, please contact us here at Network Depot.