Cybersecurity Threats You Need to Know

June 06, 2017
06_06_security.lock.abstract copy

Small businesses are considered "soft targets" by hackers. For example, according to a Symantec study last year, the number of "spear phishing" attacks against small businesses with fewer than 250 employees has been steadily rising.

You may be taking false comfort in the fact that your business is small, thinking it will escape notice by cybercriminals. But today everyone is a target--whether a solo entrepreneur, employee, small business, or Fortune 500 enterprise.

Below are nine threats you should be aware of, but by no means are they the only ones. More than anything, I hope this list opens your eyes to just how creative cybercriminals have become and how many levels of threats we face--either as individual users or in our business systems.

1. Ransomware. Ransomware is one of the fastest-growing forms of attack. Kaspersky reports the rate of attacks increased to every 10 seconds for individuals and to every 40 seconds for businesses in 2016.

Ransomware is a type of malware that restricts access to your system unless a ransom is paid. The ransom is displayed on the screen with a message stating you must pay a fine or fee in order to access your own system. Ransoms have ranged from hundreds of dollars to tens of thousands of dollars.

Common methods to distribute malware, such as ransomware, include unsecured public WiFi, clicking links in emails, or unknowingly downloading malware when installing legitimate software.

2. Pharming. Pharming is a kind of online fraud designed to redirect a legitimate URL to a malicious website instead. The fake site is designed to look like the real thing. Once you enter your information, the hackers can harvest your login credentials.

3. Phishing. Phishing involves fake emails that look legitimate. They are designed to induce the recipient to visit malicious websites, download malware, or voluntarily give up login credentials by replying to the email. Quite a few hackings start with phishing schemes targeting a company employee. In fact, one study claims that 91% of cyberattacks start with a phishing email--suggesting that employees are one of your company's softest targets.

4. Distributed Denial-of-Service Attacks (DDoS). A DDoS attack involves a cybercriminal using a large number of computers to launch an attack to disable a network, website, or server. This is accomplished by repeatedly sending requests to a server or network, until the target is overwhelmed. The result: a crashed website, or one so slow that legitimate users can't access it.

5. Keyloggers. A keylogger is one of the more insidious types of malwares out there, because it keeps a record of every keystroke you make on your keyboard. So, essentially, it copies every input, giving the hacker important data, such as usernames and passwords.

6. Spyware and Adware. Spyware and adware are used to collect information. They enter your system through a free download, or they are installed without your consent automatically when you visit a malicious site. Once inside, these sneaky software programs start collecting information, including usernames and passwords of sites you visit.

7. Viruses and Trojans. A computer virus, just like its biological counterpart, infects the host and changes how it functions. A Trojan is a piece of software that will install itself on your computer and run automatically. It is an executable file that typically is embedded within legitimate software you download.

These nasty pieces of malware can turn on your camera, disable your security settings, hijack your browser, or infect other computers in your network. And of course, they can give hackers access to personal and business data in your computer or business network.

8. Exploits. Exploits are when a hacker takes advantage of a vulnerability in any software on your system or computer. Websites, operating systems, and apps are all vulnerable to exploits. This is why security updates are issues--and why you should always install those updates promptly.

For example, let's say your website is built on WordPress software. If you don't keep WordPress updated to the latest version, hackers can "exploit" your out-of-date software to access a vulnerability they've discovered. They could hack into your website, deface it with spammy links, or fill it with malware that infects anyone else who visits your site.

9. WiFi Eavesdropping. If the WiFi system you use is not secured, you could be "eavesdropped" by cybercriminals. Your laptop, tablet, or other device would essentially be open to evil doers. So, remember that the next time you are tempted to log in to that free WiFi system.

This article originally appeared on Inc.

Individuals and businesses both face numerous cybersecurity threats.

Locked Content

Click on the button below to get access

Unlock Now

Or sign in to access all content on Comcast Business Community

Sign Up

for our newsletter


Learn how Comcast Business can help
keep you ready for what's next.



for our newsletter