Cyber Security - Lecture 1 - Threats and Attacks


CYBER SECURITY THREATS AND ATTACKS
Lecture # 01
Instructor: Mr. Sharjeel Ahmed
Slide Elements
• What is Threat in Cyber-Security?
• Types of Cyber-Security Threats
• Cyber Threat Actors
• Practices to Protect from Cyber Threats
CYBER SECURITY THREATS
What is Cyber-security?
• Cyber-security is the art of protecting networks, devices, and data
from unauthorized access or criminal use and the practice of ensuring
confidentiality, integrity, and availability of information.

• It is the practice of defending computers, servers, mobile devices,
electronic systems, networks, and data from malicious attacks.

• Everything relies on computers and the internet now -
communication (e.g., email, smartphones, tablets), entertainment
(e.g., interactive video games, social media, apps), transportation
(e.g., navigation systems), shopping (e.g., online shopping, credit
cards), medicine (e.g., medical equipment, medical records), and the
list goes on.
What is a Threat in Cyber-security?
• A cyber-security threat is a malicious and deliberate attack by an
individual or organization to gain unauthorized access to another
individual’s or organization’s network to damage, disrupt, or steal IT
assets, computer networks, intellectual property, or any other form of
sensitive data.

• No business or IT organization is safe in the present cyber world.
As cybercriminals increasingly rely on sophisticated technologies,
organizations often feel hopeless as their confidential data and critical
assets fall prey to malicious attacks.

• Moreover, the rapid adoption of emerging technologies, including AI,
the Internet of Things (IoT), and cloud computing, has added new
cyber threats for organizations while adding complexity to existing
risks.
TYPES OF CYBER SECURITY THREATS
Types of Cyber-security Threats
• While the types of cyber threats continue to grow, these are some of
the most common and prevalent cyber threats that present-day
organizations need to know about:
i. Malware
ii. Phishing
iii. Spear Phishing
iv. Man in the Middle Attack
v. Denial of Service Attack
vi. SQL Injection
vii. Zero-day Exploit
viii. Advanced Persistent Threats (APT)
ix. Ransomware
x. DNS Attack
1. Malware
• Malware attacks are the most common cyber security threats.

• Malware is defined as malicious software, including spyware,
ransomware, viruses, and worms, which gets installed into the system
when the user clicks a dangerous link or email.

• Once inside the system, malware can block access to critical
components of the network, damage the system, and gather
confidential information, among others.

• According to Accenture (IT-Company), the average cost of a malware
attack is USD 2.6 million.
2. Phishing
• Cybercriminals send malicious emails that seem to come from
legitimate sources.
• The user is then tricked into clicking the malicious link in the email,
leading to malware installation or disclosure of sensitive information
like credit card details and login credentials.
• Phishing attacks account for over 80% of reported cyber incidents.
3. Spear Phishing
• Spear phishing is a more sophisticated form of a phishing attack in
which cybercriminals target only privileged users such as system
administrators and C-suite executives.

• More than 71% of targeted attacks involve the use of spear phishing.
4. Man in the Middle Attack
• A Man in the Middle (MitM) attack occurs when cybercriminals place
themselves between the two parties of a communication. Once the attacker
intercepts the communication, they may filter and steal sensitive data
and return different responses to the user.
• A man-in-the-middle attack like this is generally not possible if the
initial request from the customer uses HTTPS.
• According to Netcraft (Internet services company), 95% of HTTPS
servers are vulnerable to MitM.
5. Denial of Service Attack
• Denial of Service attacks aim at flooding systems, networks, or
servers with massive traffic, thereby making the system unable to
fulfill legitimate requests. Attackers can also use several infected
devices to launch an attack on the target system. This is known as a
Distributed Denial of Service (DDoS) attack.

• The year 2019 saw a staggering 8.4 million DDoS attacks.


6. SQL Injection
• A Structured Query Language (SQL) injection attack occurs when
cybercriminals attempt to access the database by uploading
malicious SQL scripts. Once successful, the malicious actor can view,
change, or delete data stored in the SQL database.

• SQL injection accounts for nearly 65.1% of all web application attacks.
7. Zero-day Exploit
• A zero-day attack occurs when a software or hardware vulnerability is
announced, and the cybercriminals exploit the vulnerability before a
patch or solution is implemented.

• If a hacker manages to exploit the vulnerability before software
developers can find a fix, that exploit becomes known as a zero-day
attack.
8. Advanced Persistent Threats (APT)
• An advanced persistent threat occurs when a malicious actor gains
unauthorized access to a system or network and remains undetected
for an extended time.

• 45% of organizations feel that they are likely to be the target of an
APT.
9. Ransomware
• Ransomware is a type of malware attack in which the attacker locks
or encrypts the victim’s data and threatens to publish or block access
to data unless a ransom is paid.

• There is no guarantee of regaining system access even after the
ransom is paid.

• Phishing emails are the most common source of ransomware. Upon
clicking the malicious links or attachments in the phishing email, the
malware corrupts the user’s system or control server.
10. DNS Attack
• A DNS attack is a cyberattack in which cybercriminals exploit
vulnerabilities in the Domain Name System (DNS).

• The attackers leverage the DNS vulnerabilities to divert site visitors to
malicious pages (DNS Hijacking) and remove data from compromised
systems (DNS Tunneling).
CYBER THREAT ACTORS
Cyber Threat Actors
• In order to respond effectively to a cyber attack, it’s imperative to know
the threat actors and understand their tactics, techniques, and
procedures. Some common sources of cyber threats are:
i. Nation States
ii. Criminal Groups
iii. Hackers
iv. Terrorist Groups
v. Hacktivists
vi. Malicious Insiders
vii. Corporate Spies
Cyber Threat Actors (Cont.)
• Nation States: Cyber attacks by a nation can inflict detrimental impact
by disrupting communications, military activities, and everyday life.

• Criminal Groups: Criminal groups aim to infiltrate systems or
networks for financial gain. These groups use phishing, spam,
spyware, and malware to conduct identity theft, online fraud, and
system extortion.

• Hackers: Hackers explore various cyber techniques to breach
defenses and exploit vulnerabilities in a computer system or network.
They are motivated by personal gain, revenge, stalking, financial gain,
and political activism.
Cyber Threat Actors (Cont.)
• Terrorist Groups: Terrorists conduct cyber attacks to destroy,
infiltrate, or exploit critical infrastructure to threaten national security,
compromise military equipment, disrupt the economy, and cause mass
casualties.

• Hacktivists: Hacktivists carry out cyberattacks in support of political
causes rather than for financial gain. They target industries,
organizations, or individuals who don’t align with their political ideas
and agenda.

• Malicious Insiders: Insiders can include employees, third-party
vendors, contractors, or other business associates who have
legitimate access to enterprise assets but misuse that access to
steal or destroy information for financial or personal gain.
Cyber Threat Actors (Cont.)
• Corporate Spies: Corporate spies conduct industrial or business
espionage to either make a profit or disrupt a competitor’s business by
attacking critical infrastructure, stealing trade secrets, and gaining
access.
PROTECT FROM CYBER THREATS
Practices to Protect from Cyber Threats
Protect from Cyber Threats (Cont.)
• Create an Insider Threat Program: Create an insider threat
program to prevent employees from misusing their access privileges
to steal or destroy data.

• Train employees: Organizations must conduct comprehensive
cyber-security awareness programs to train employees in recognizing and
responding to cyber threats.

• Backup Data: Backing up data regularly helps reduce the risk of data
breaches. Back up your website, applications, databases, emails,
attachments, files, and more on an ongoing and consistent basis.

• Initiate Phishing Simulations: Organizations must conduct phishing
simulations to educate employees on how to avoid clicking malicious
links or downloading attachments.
Protect from Cyber Threats (Cont.)
• Regularly Update Systems and Software: As cyber threats are
evolving rapidly, your optimized security network can become
outdated in no time, putting your organization at risk of
cyber-attack. Therefore, regularly update the security network and the
associated systems and software.

• Build a Cyber Incident Response Plan: Organizations of all sizes
must build an effective Cyber Security Incident Response Plan
(CSIRP). It enables businesses to prepare for the inevitable, respond
to emerging threats, and recover quickly from an attack.

• Secure Site with HTTPS: Organizations must encrypt and secure
their website with an SSL (Secure Sockets Layer) certificate. HTTPS
protects the integrity and confidentiality of data between the user and
the website.
