Lecture 2. Cybersecurity threats

Cyber threats and their types
What are cyber threats?
A cyber threat is an activity aimed at compromising the security of an information system by changing its availability. Availability means information assets, software and hardware (infrastructure and its components).
Types of cyber threats.
Given the number of different types of devices that can be exposed to cyber threats, there are a number of different types of problems that can occur. Each of these threats is unique in its own right and creates different types of problems for the user, but they generally all have the same end result... the affected system is compromised in some way and the user or their information is put at risk.
While the list below is extensive, it is not exhaustive. There are many types of cyber threats and it is simply not possible to list them all in one article. The most common ones are listed here to give you a general idea of what they are and how often they are used to harm both home and corporate networks.


Social Engineering
Соціальна інженерія - це атака, яка спирається на людську взаємодію. Вона змушує користувачів порушувати процедури безпеки, щоб отримати конфіденційну інформацію, яка зазвичай є захищеною.
Шкідливі програми (Malware)
Malware is a type of malicious software in which any file or program can be used to cause harm to a computer user. Different types of malware include worms, viruses, Trojans and spyware.
Ransomware
Ransomware is another type of malware that involves an attacker locking the system files of a victim's computer - usually using encryption - and demanding a fee to decrypt and unlock them.
Phishing
Phishing is a form of social engineering where fraudulent emails or text messages are sent that resemble messages from reputable or known sources. These are often random attacks that aim to steal sensitive data, such as credit card information or login details.
Spear phishing is a type of phishing that targets a user, organisation or business.
Insider threats
Insider threats are security breaches or damage caused by people - for example, employees, contractors or customers. Insider threats can be malicious or negligent in nature.
Distributed denial-of-service, DDoS
Distributed denial-of-service attacks are attacks in which multiple systems disrupt the traffic of a target system, such as a server, website, or other network resource. By bombarding the target with messages, connection requests, or packets, attackers can slow down the system or disable it, preventing legitimate traffic from using it.
Advanced persistent threats, APT
Advanced persistent threats are sustained, targeted attacks in which an attacker infiltrates a network and remains undetected for a long time to steal data.
Man-in-the-middle, MitM
Man-in-the-middle attacks are eavesdropping attacks in which an attacker intercepts and transmits communications between two parties who believe they are communicating with each other.
Hacking
Hacking is an attempt to exploit a computer system or a private network within a computer. Simply put, it is the unauthorised access to or control of a computer network's security systems for some illegal purpose.