The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

Process

The Most Classic Computer Security Threats

Though cyber attacks have become dynamic and more varied in execution, some of the same types of threats still remain. These classic computer security threats first appeared as the internet emerged publicly, but have continued to linger and even evolve.

Orani Amroussi | October 21, 2021

Though cyber attacks have become dynamic and more varied in execution, some of the same types of threats still remain. These classic computer security threats first appeared as the internet emerged publicly, but have continued to linger and even evolve.

Phishing

One of the most famous archetypical computer security threats is the phisher. Phishing is the act of stealing information, often log-in credentials and credit card numbers, often through fraudulent emails from bad actors. Spotting a phisher isn’t as easy as it used to be. They can spoof legitimate email addresses and mimic the formatting of actual vendors. Plus, in 2019, over nine million suspicious emails were reported; a 67% increase from just the previous year. The trend has been towards more targeted, personalized campaigns, rather than bulk emails you can spot as a scam from a mile away. What’s more, phishing emails have been getting clicks more and more often. In 2020, a staggering one in five of all employees were likely to click on a link in an email sent by a phisher. Of the ones who bit the bait, over half—67.5%—will then input their credentials and unwittingly let the phishers in. 

That tenth of your company that has just become a gaping security vulnerability isn’t necessarily at fault either. Common phishing subject lines include panic inducing pronouncements such as “Stimulus Cancellation Request Approved,” or “Changes to your health benefits.” Sometimes, in the post-pandemic age, it’ll be something as mundane as “Zoom: Scheduled Meeting Error.” These are the sorts of emails that you click through without necessarily scrutinizing who sent it. Spotting the difference between www.zoom.us and www.zoon.us is hard enough at a glance without worrying about if your important quarterly review was properly scheduled or not.

Malware

Malware (malicious software) is any intrusive software installed in order to act as a computer security threat. They often destroy data and computers or surreptitiously spy on users. There’s multiple different kinds of malware, from Trojan horses to ransomware to botnets, and they’re all bad news. 

The first computer viruses, dating back to the early 1970s and the inception of ARPANET, were worms, which spread from computer to computer by copying themselves across systems. All the first worm did was flash “Catch me if you can” on infected screens, but malware quickly turned more malicious than mischievous. It’s estimated that malware has now infected over a third of the world’s computers, and losses due to cybercrime are estimated to hit 6 trillion annually, by 2021 -- a number bigger than the combined GDPs of the UK, France, and Italy.

In 1999, the first mass-emailed virus mailed itself to 50 people at a time. The very next year, the ILOVEYOU worm infected an estimated 50 million computers (or, the current population of South Korea), shut down the email servers of the US Pentagon and the UK Parliament, and cost almost $5.5 billion in damages.

That was with tech from the year 2000. Twenty years later, malware has only gotten more and more sophisticated and easier to learn to write. The source code of the malware known as the Zeus Trojan was released as open-source and free for the public to view, use, and improve upon in a quest to steal banking information and credentials.

Trojans

Trojans are a specific kind of malware and like their namesake from Greek mythology, they look harmless at first until you’ve let them inside your computer. Then, they unleash their malware, affecting the system and causing all kinds of untold damage. The aforementioned Zeus Trojan works by logging each and every one of your keystrokes, sending it back to the hacker without the computer owner’s knowledge. While the vulnerabilities it exposed were eventually patched, the Zeus Trojan lives on. After its code was made open-source, it formed the basis for dozens upon dozens of modified Trojans, easily modified into ransomware and the like. 

Trojans are for the patient crook. They can lie in wait for years on a laptop, going undetected by the owner, until the time is right. 

Most employees can’t be expected to be the front line of defense against the thousands of data breaches that occur annually. Most people in general can’t: the sheer amount of threats to look out for are overwhelming. That’s where Vulcan Cyber, armed with the power of AI and machine learning, steps in. We can keep your company safe from the proliferating threats, stopping them before they can even get in, so you don’t have to scrutinize the address of every single email you ever get. Visit Vulcan to get fix done today.