TYPES OF THREATS
Cybersecurity threat actors steal data and damage or disrupt computing systems with various goals in mind. Cybersecurity threats may arise from hostile sources, like state-sponsored attacks and malicious hackers, or trusted individuals, such as untrained or disgruntled workers.
Knowing your enemies and their tactics is critical to protecting your organization's technologies. CTIQ provides insight into the threats targeting your environment so you know exactly who and what you're up against.
CYBER THREAT ACTORS
COMMON CYBER THREATS
BRUTE FORCE ATTACKS
Brute force attacks aim to breach credentials or personal data through rapid trial and error. The attackers test random passwords until they break in via “brute force.” In a reverse brute force attack, the password has already been breached and is tested against a database of usernames.
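The two patterns leave different shapes in authentication logs, which is how defenders tell them apart. The following is an added example, not code from this page or from CTIQ: a small detector run over constructed failed-login events. The event format, thresholds, and function names are assumptions, and it assumes the log does not record the attempted password, so a reverse brute force is inferred from one source failing against many distinct usernames.

```python
from collections import defaultdict

# Constructed sample of failed-login events: (source_ip, username).
# Assumption: the log records failures but not the attempted password.
FAILED_LOGINS = (
    [("203.0.113.10", "alice")] * 12                          # many guesses, one account
    + [("198.51.100.7", f"user{i:02d}") for i in range(15)]   # one guess each, many accounts
    + [("192.0.2.44", "bob")] * 2                             # ordinary mistyped password
)


def classify_sources(events, per_user_threshold=10, distinct_user_threshold=10):
    """Label each source by the shape of its failed logins.

    brute_force         -> at least per_user_threshold failures against one username
    reverse_brute_force -> failures spread over at least distinct_user_threshold usernames
    """
    per_source = defaultdict(lambda: defaultdict(int))
    for source, username in events:
        per_source[source][username] += 1

    findings = {}
    for source, users in per_source.items():
        labels = []
        if max(users.values()) >= per_user_threshold:
            labels.append("brute_force")
        if len(users) >= distinct_user_threshold:
            labels.append("reverse_brute_force")
        if labels:
            findings[source] = labels
    return findings


def targeted_accounts(events, source, per_user_threshold=10):
    """Usernames one source hit past the threshold (candidates for lockout or reset)."""
    counts = defaultdict(int)
    for src, username in events:
        if src == source:
            counts[username] += 1
    return sorted(u for u, n in counts.items() if n >= per_user_threshold)


if __name__ == "__main__":
    for source, labels in classify_sources(FAILED_LOGINS).items():
        print(source, labels, targeted_accounts(FAILED_LOGINS, source))
```

In production the same counts would be taken over a sliding time window, since per-account lockout alone does not catch the reverse pattern.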
CREDENTIAL DUMPING
In credential dumping, an attacker extracts hashed or encrypted passwords from compromised systems. The credentials can be decrypted or rehashed later and may be used in future attacks. Credential dumping exploits the common bad habit of using the same password for multiple accounts.
DISTRIBUTED DENIAL-OF-SERVICE (DDOS) ATTACKS
A DDoS attack is an attempt to flood websites, servers, and other online services with traffic, rendering them unusable. The brute force-style attack prevents users from accessing their accounts and disrupts business operations.
LIVING OFF THE LAND (LOTL)
LOTL is a cyberattack technique that uses native tools within the compromised system to sustain the attack, rather than installing malicious code or scripts.
TRICKBOT
TrickBot malware works in phases to access confidential data, change network traffic, or open a backdoor for future attacks. TrickBot attacks first disable antivirus software, then extend privileges to spread plug-ins and load malware. The data collected is externally forwarded to the attacker with little to no trace.
COMMAND AND CONTROL
In a command-and-control attack, a hacker takes over a computer to send commands to other systems on the network. The attacker may move laterally across the network to gather data or launch attacks.
CROSS-SITE SCRIPTING (XSS)
XSS attacks occur when an attacker sends a website user malicious code through a browser script. Neither the browser nor the user can tell the malicious script from a legitimate one. When it runs, the browser allows it to access cookies, tokens, and browsing data.
EMOTET
Emotet is malware that spreads like a computer worm and attempts to infiltrate a network through malicious links or documents attached to spam emails. Once Emotet accesses the network, it can use brute force to find passwords or exploit vulnerabilities to install malware.
PACKET SNIFFING
Packet sniffing is the live analysis of data in motion within a network. Cybercriminals use sniffing tools to access data from network packets, including customer credentials and proprietary information.
ZERO-DAY
Zero-day attacks exploit new security vulnerabilities to access a system. Attackers find “zero-day vulnerabilities” before vendors can create patches. Once they infiltrate a system, attackers evade detection and wait for the perfect opportunity to attack.