# Introduction to Cyber Threats: Part 2
In the previous part, we defined some key terms and concepts related to cyber threats, such as vulnerability, exploit, attack vector, threat actor, and threat intelligence. We also discussed the main motivations and goals of cyber attackers and the common methods they use to launch cyber attacks.
In this part, we will explore different types of cyber threats, how they work, and the best practices for preventing or mitigating them. We will also look at some examples of real-world cyber attacks and their impacts.
## Types of Cyber Threats
There are many types of cyber threats, each with its own characteristics, techniques, and impacts. Some of the most common types of cyber threats are:
- **Malware**:
Malicious software that infects a system or network and performs harmful actions. Malware can include viruses, worms, trojans, ransomware, spyware, adware, rootkits, keyloggers, etc. Malware can be delivered through phishing emails, malicious websites, removable media, or other attack vectors. Malware can cause data loss, system damage, identity theft, or ransom demands.
- **Denial-of-Service (DoS) Attacks**:
Attacks that overwhelm a target's network or system with traffic or requests and prevent legitimate users from accessing it. DoS attacks can be launched by a single source or by multiple sources in a coordinated manner (Distributed Denial-of-Service or DDoS). DoS attacks can cause service disruption, performance degradation, or financial losses.
- **Phishing**:
A fraudulent email that tricks the recipient into clicking on a malicious link or attachment, or providing personal or financial information. Phishing can be used to deliver malware, steal credentials, or perform identity theft. Phishing can be generic or targeted (spear phishing). Phishing can cause data breaches, account compromise, or fraud.
- **Spoofing**:
A technique that impersonates a legitimate source such as an email address, a website domain, an IP address, or a phone number. Spoofing can be used to bypass security measures, gain trust, or deceive victims. Spoofing can enable phishing, malware delivery, man-in-the-middle attacks, or spamming.
- **Identity-Based Attacks**:
Attacks that leverage stolen or compromised credentials such as usernames and passwords to access a system or network. Identity-based attacks can be carried out by external threat actors or by insiders who abuse their privileges. Identity-based attacks can cause data theft, unauthorized access, or privilege escalation.
- **Code Injection Attacks**:
Attacks that insert malicious code into a system or application that executes commands on behalf of the attacker. Code injection attacks can exploit vulnerabilities in web applications, databases, operating systems, or other software components. Code injection attacks can cause data manipulation, system compromise, or remote control.
- **Supply Chain Attacks**:
Attacks that target a third-party vendor or service provider that has access to the target's system or network. Supply chain attacks can exploit vulnerabilities in software updates, hardware components, cloud services, or other dependencies. Supply chain attacks can cause data exfiltration, malware infection, or backdoor installation.
- **Insider Threats**:
Threats that originate from within an organization by employees, contractors, partners, or other trusted parties who have legitimate access to the system or network. Insider threats can be intentional or unintentional, malicious or negligent. Insider threats can cause data leakage, system sabotage, or intellectual property theft.