Common Threats and Attacks

The most common cyber threats and attacks are delivered via email phishing or exploitation of already known vulnerabilities on servers or user devices such as desktops, laptops, smart devices and tablets. Many of these threats are indiscriminate but some are targeted towards businesses.

Without proper security measures in place, every piece of data we generate, whether intentionally or passively, could be misused. That's why implementing security is critical for controlling how data is used.

Based on the  NCSC Incident trend report 2018 - 2019 the top five cyber incidents affecting UK organisations are:

1. Email compromise

Email compromise or business email compromise is when an email account has been compromised and an attacker is impersonating you to scam others in your contact list. The attacker seeks to gain the trust of your contacts to exploit them for money or data or to get them to download malware.

2. Phishing attacks

Phishing is when attackers attempt to trick users into doing 'the wrong thing', such as clicking a bad link that will download malware, or direct them to an unsafe website. The term phishing is mainly used to describe attacks that arrive by email. Phishing emails can reach millions of users directly, and hide amongst the huge number of benign emails that busy users receive.

Attackers can install malware, sabotage systems, or steal intellectual property and money. An attack can have devastating results. For individuals and business, this includes unauthorised purchases, the stealing of funds, data or identity theft. Phishing emails can hit an organisation of any size and type. You might get caught up in a mass campaign (where the attacker is just looking to collect passwords or make easy money), or it could be the first step in a targeted attack against your company. The aim could be something much more specific, like the theft of sensitive data. In a targeted campaign, the attacker may use information about your employees or company to make their messages even more persuasive and realistic - this is referred to as spear phishing.

Other types of phishing:

  1. Smishing stands for SMS phishing. With smishing, a test message is sent to the user's phone instead of email account. The text message usually asks the user to call a phone number or go to a website to take immediate action.

  2. Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities usually over the phone.

  3. Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.

3. Supply chain attack

New guidance from the NCSC on how to take practical steps to help organisations assess cyber security in their supply chains.

A supply chain attack is a cyber attack that seeks to damage an organisation or business by targeting less secure elements in the supply network. An organisation's supply chain includes the suppliers and services that an organisation needs to deliver its business.  

A supply chain attack can occur in any type or size of industry. As your organisation or business grows and starts to work with more customers, partners and suppliers, you become a link in one or more complex supply chains. Being a desirable, trustworthy supplier or customer now extends far beyond delivering good products or services, you must protect and secure the data of suppliers and customers.

Conducting business online means that you must observe good practice (in many cases, compliance) when it comes to cyber and information security. Device and system vulnerabilities put not only your own organisation or business at risk but also that of others in your supply chain.

Supply chain vulnerability risks

  • Customer/client, supplier and partner data are held increasingly on disparate, distributed databases, so one vulnerability could compromise the integrity of the entire chain.

  • Every time a new organisation joins the supply chain, the greater the risk of a security breach.

  • Financial safety, employee safety, intellectual property, data compliance, finances and reputation are all at stake, for all organisations in the chain. 

  • Data could also be shared between more links in the chain, for example via email or a single point of access online portals.

4. Vulnerability scanning

Vulnerability scanners are tools used to find weaknesses or exploitable vulnerabilities in the infrastructure or code of a website. They can be used just as effectively by the “bad guys”, (known as black-hat hackers) to gain access to your devices, systems through any vulnerabilities found. A malicious security breach can have devastating results; this includes unauthorised purchases, the stealing of funds, data or identity theft.

Best practice for organisations/businesses is for penetration testers, (known as white-hat hackers), to run vulnerability scanners against your IT systems and web sites before they are ever deployed. Any vulnerabilities found are quickly corrected, maintaining security prior to launch.

5. Internet of Things (IoT)

In the broadest sense, the term Internet of Things encompasses everything connected to the internet. Usually shortened to the IoT, this collective allows smart devices such as wireless lights, thermostats, home security sensors, TV’s, intelligent streetlights, smart meters, and much more to connect, talk to each other and also to us.

The Internet of Things allows us to carry out activities far easier and faster than ever before. It can help improve how we live and interact with everyday objects. As the cyber landscape develops, we must ensure that it does not present hackers with a back door into our lives. Smart devices present a great opportunity for hackers and a great vulnerability to our security. It is essential that we understand the risks and potential threats associated with their use.

If one thing can prevent the Internet of things from transforming the way we live and work, it will be a breakdown in security.

Many smart devices do not have appropriate security built in. The UK government is working with suppliers to implement their IoT code of practice which will help ensure that smart products in the UK are designed with security in mind.