What are the Major Online Security Threats in 2023?
In 2023, it is essential to be aware of the ever-evolving online security threats that malicious actors may present to both individuals and organizations. Worldwide, political and socioeconomic struggles have made cybercriminals more desperate than ever. These malicious activities can cause significant losses and severe security threats for organizations. During times of economic stress, these attacks often become more severe, which can be quite disastrous for businesses.
Being prepared for these threats means being aware of them, though, foremost. Here is a master list of all the current trends in cybercrime:
1. Social Engineering
Social engineering attacks use psychological manipulation to trick users into carrying out activities that benefit the attackers or that disclose the user’s confidential information.
Social engineering attacks include:
Phishing & Social Engineering Attacks
Phishing is a fraudulent act in which emails containing false information get sent out, with the purpose of tricking users into revealing sensitive data.
Since these emails often appear to be from legitimate sources, it can be difficult for targets to identify the fraud. The email may ask the recipient to click on a link or perform an action that leads them to malicious websites.
Spear phishing
Spear phishing is a type of social engineering attack that targets specific people with privileged access or authority. Examples of this are system administrators or high-level executives.
Malvertising
Malvertising is a malicious form of online advertising which contains malicious code that can infect a device as soon as it gets clicked.
Drive-by downloads
Drive-by downloads happen when hackers create websites and insert malicious software into their code. When users load the infected pages, malware gets automatically installed on their computer. Even worse, the attacker’s script might divert them to a hazardous website that will download more malware.
Scareware security software
Malware attackers often run fake virus scans and deceive users with fraudulent warnings. The attacker may then ask the user to pay a fee to remove these threats.
Baiting
‘Phishing by physical device’ is a tactic used to infect an individual’s device. This involves leaving an infected storage medium, like a USB drive, in an easily accessible spot. Once the target inserts the storage device into their machine, they unknowingly install the malware.
Vishing
Voice phishing (vishing) is an attack based on social engineering. It targets individuals and attempts to get them to divulge financial or personal information via telephone.
Whaling
Whaling is using sophisticated phishing techniques to target high-ranking employees, such as CEOs and CFOs. The goal is often to deceive these individuals to steal confidential information.
Pretexting
Pretexting is a deceptive method used to get confidential information from targets. This social engineering strategy uses false pretenses to persuade the target to disclose sensitive financial or personal data.
Scareware
Scareware deceives victims into believing they have downloaded malware or something illicit. Then, the platform presents what appears to solve the problem. However, this is only to get the victim to install malware or disclose financial information.
Diversion theft
Diversion theft is attempting to deceive the courier or delivery company into delivering or collecting packages from incorrect addresses. This enables the threat actor to compromise data by intercepting the transaction. Scammers use this technique to collect money anonymously from victims.
Honey trap
Social engineers often use false, attractive identities to engage with targets online, called honey traps. The honey trap persona enables them to form an online relationship with the target.
Pharming
Another way to perpetuate cybercrime is through an online fraud scheme. Hackers add malicious code to servers or computers, which causes unsuspecting users to be rerouted to a fake website. There, they get tricked into divulging personal data like passwords or bank details.
2. Malware & Ransomware
Malware is software that gets installed without the user’s knowledge. Malware can monitor user activities, send confidential data to the attacker, and more. Cybercriminals commonly take advantage of a user’s ignorance or negligence by persuading them to click a link, download an attachment, etc. Sometimes, they can also exploit vulnerabilities in browsers or operating systems to install the malware covertly.
Malware attacks include:
Trojan virus
Trojans are a type of malicious software that masks itself as something harmless but can attack a user’s system. They usually allow attackers to establish a backdoor for malicious activities.
Ransomware
Ransomware is a malicious cyber-attack where the attacker blocks users from accessing their data, then threatens to delete or publish the user’s data if they don’t pay a ransom.
Wiper malware
Wipers can delete data or sometimes entire systems. This may be to communicate a political message or to cover-up hacking activities.
Worms
This malware can infiltrate systems and networks through backdoors and security loopholes. After successful installation, the malicious software launches a variety of attacks.
Spyware
Spyware allows attackers to steal sensitive data like payment details and passwords. It can affect mobile phones, desktops, and any device running a browser.
Fileless malware
Malware can now exist without needing to install any software on the system. It can manipulate files like PowerShell and WMI, turning them into malicious tools. This makes it harder to recognize it as malware because it’s hidden inside legitimate software.
Application or website manipulation
The Open Web Application Security Project (OWASP) has listed the ten most common application security risks. Among these include broken access control, security misconfiguration, injection flaws, and cryptographic issues. Once attackers successfully penetrate service accounts, they can further deploy malware, credentials theft, and Advanced Persistent Threats (APTs).
3. Data Breaches & Identity Theft
The number of data breaches has increased with rising cyber hacking and identity theft. 45% of US adults fell victim to identity theft in 2021 alone, according to Javelin Strategy & Research.
A data breach occurs when an unauthorized person gains access to a database containing sensitive information. These usually involve employees who have access to Personally Identifiable Information (PII) as part of their job, and who use this for financial or other unlawful purposes. Sometimes, data breaches are like other malicious cyberattacks by outsiders. These hackers can breach defenses and gain access to the most sensitive data of their victims.
Data breaches include:
Insider theft
Employees may be prone to external threats, dissatisfied with their employer, or incentivized by money.
Unauthorized access
Cybercriminals may deploy phishing emails, spyware, and other malicious techniques to gain access to the networks they are targeting. People often take their laptops home and neglect to secure them, making them vulnerable to physical theft. A knowledgeable thief can use this opportunity to steal hardware containing valuable data. This type of attack is dangerous, as it requires no digital expertise or access.
Data on the move
Because of the lack of encryption, PII (Personally Identifiable Information) that is transmitted over open networks is especially vulnerable. Therefore, a lot of caution should get exercised when moving large volumes of sensitive data through these networks.
Accidental exposure
Data breaches are more frequent than people assume. Data that should be confidential can end up in places where it can get accessed by anyone. These can range from sample databases for developers or uploaded to public services like GitHub.
4. Password Theft & Weak Passwords
Hackers have different methods of getting hold of an individual’s login credentials. This includes intercepting network traffic (known as ‘sniffing’), using social engineering, guessing passwords, or even getting access to a database containing passwords. An attacker can also attempt to guess the password in either a random or systematic manner.
Password attacks include:
Brute-force password guessing
Cyber attackers use certain software to crack passwords by systematically trying different combinations. The software uses “brute force” tactics and may even leverage some knowledge about the target user, such as their name, job role, or family, to make more relevant guesses.
Dictionary attack
Hackers often use a dictionary of commonly used passwords to gain unauthorized access to computers and networks. One way for them to do this is to start by copying an encrypted file with the passwords, then encrypt a list of popular passwords using the same method. Finally, they compare the results.
Pass-the-hash attack
Cyber attackers may try to exploit authentication protocols and capture password hashes. Attackers may not need to decrypt the hash to access plain-text passwords, either.
Golden ticket attack
The Pass-The-Hash technique gets extended by the Golden Ticket Attack and is used to attack Windows Active Directory (AD) platforms. The attack starts with obtaining the password hash of a user, then forging a Ticket-Granting Ticket (TGT) hash with Mimikatz by accessing the Key Distribution Center.
5. Unsecured Wi-Fi Networks & Public Computers
Hackers and malicious individuals often use public Wi-Fi hotspots to spy on others. It is therefore important to take necessary precautions while using public networks. Secure your connection with a VPN or simply avoid any public Wi-Fi hotspot you come across. You may also want to avoid using public computers, since they are not always secure.
6. Outdated Software
Update any software you use regularly. Periodic updates should get made to all operating systems and browser plug-ins. Software updates often include security patches that reduce the risk of hackers exploiting software vulnerabilities.
7. High Risk Extensions
Extensions that you use may be unnecessary and risky to your computer’s security. Some extensions cause major performance issues and malware infections. If an extension is unnecessary, its removal can help keep your system safe.
8. Shadow SaaS
Often, software that you download is available on a subscription basis. These subscriptions can then get renewed monthly without the user’s knowledge or consent. This can be dangerous for privacy and security. Take caution before downloading any software from a website that offers a subscription service.
9. MFA bypass with AiTM attacks
Multi-factor authentication is a security measure that requires multiple passwords to access your account. AiTM attacks are a kind of attack that can bypass this security measure. They use the radio frequency identification (RFID) chip embedded in your phone or other device to access your account.
This requires an attacker to physically possess the user’s device. The best way to prevent this is to never leave your digital devices unattended with someone you don’t trust.
What is the best way to protect myself from online security threats?
There is no simple answer to this question. The best way to protect yourself online will vary depending on your organization’s security needs and risk profiles. It is always best to consult with an IT professional if you feel unsure about any of your business technology needs. There are some key tools that can keep your data safer, though.
Password generators
Password generators are a great way to make your password more complex, more secure, and harder to guess.
Two-factor authentication
Two-factor authentication, also known as 2FA, is an added layer of security. It requires additional verification when logging in for the first time, usually as a pin number. The pin number either gets texted to the user or generated via an application.
VPNs (Virtual Private Networks)
VPNs cover your IP address and route all internet activity through an encrypted tunnel. This allows you to access websites, services and apps that may normally get blocked from your location.
Encrypting individual files
This is a simple way to make sure you do not expose sensitive information either online or to anyone that gains physical access to your files.
Need More Help Preventing Online Security Threats?
I have been in information technology for over fifteen years as it relates to operations, support, online marketing, and software. I specialize in helping businesses create more secure, efficient, and cost-effective solutions for their digital ecosystems. I am always happy to help a fellow business professional. Schedule a free consultation by phone or video with me today!