Cybersecurity has been a hot topic within the IT industry for years and with each day that passes we read news related to yet another cybersecurity threat. The year 2020, however, comes with a whole new level of cybersecurity concerns. Not only are we in the midst of a global pandemic, the 2020 United States presidential election also looms large; and both have cyber criminals working overtime – but for different reasons.
With the coronavirus (COVID-19), the number of remote workers has exponentially increased. While this has been a boon for many, it’s also opened the door for cyber criminals as they see it as a vulnerability they can exploit. By targeting the unaware, they seek to steal company information or personal data, and generate profit from it.
In terms of the US presidential election, the goal is unclear. It could be that criminals are looking to spread disinformation for political gain, to sow doubt, or to just generate chaos. As the fictitious character, Alfred Pennyworth, states in the film The Dark Knight, “…some men aren’t looking for anything logical, like money. They can’t be bought, bullied, reasoned, or negotiated with. Some men just want to watch the world burn.”
Cybersecurity, however, is all about staying ahead of threats rather than managing them later. If you know what to look out for, you’re less likely to fall victim. So, in this blog post, we define some of the most common types of basic cyberattacks so that you can keep yourself, and your organization, safe.
Common 2020 Cyberattacks
Spyware – Defined, spyware is malicious software that enables a user to gather information about a person or organization, without their knowledge or consent. The software hides on your device, monitors your activity, and then steals sensitive information like bank details and passwords. Spyware can affect PCs, Macs, and iOS or Android devices. The most common ways your computer can get infected include accepting unknown prompts or pop-ups, downloading software from an unreliable source, opening email attachments from unknown senders, and pirating media such as movies, music, or games.
Phishing – This is a type of cyberattack that companies and users frequently face. In fact, you probably even have a phishing email in your junk folder right now. In this scam, cyber criminals pose as legitimate institutions in an attempt to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. An example of a common phishing ploy is an email stating that your password will soon expire which is accompanied with a link to change your password. That link then leads to a malicious website.
SMiShing – A form of phishing, smishing (SMS phishing) is when someone tries to coerce you into giving them your private information via a text or SMS message. The goal is to trick you into believing that a message has arrived from a trusted entity and then convince you to take action that gives the attacker exploitable information or access to your phone. A perfect example is the new text message package delivery scam. In it, people receive text messages claiming to be from FedEx with a tracking code and a link to “set delivery preferences.” If you tap the link, you’ll end up on a fake Amazon site requesting credit card information with the promise of a “free reward.”
Adware – Adware, or advertising-supported software, is unwanted software designed to deliver advertisements on your screen, most often within a web browser. It disguises itself as legitimate software or piggybacks on another program to trick you into installing it on your device. Adware generates revenue for its developer by automatically displaying online ads in pop-up windows. If you’ve ever clicked on a link and have then experienced an overload of pop-ups and new tabs opening within your browser, that’s adware.
Ransomware – This is a particularly nefarious type of cyberattack. These attacks block the system of a company or institution, the attacker then demands a ransom from the victim to restore access to the data upon payment. Unlike other malware, which can be removed via anti-malware software, ransomware removal varies from simple to impossible. The most common variants, known as filecoders or encryption ransomware, encrypt your files. Meaning, even if you do manage to remove the malware itself, you still need to decrypt your data to access it. One of the more infamous ransomware attacks was the WannaCry ransomware attack that occurred in May 2017.
Deepfake – Seeing may be believing, but in 2020, you can’t always believe what you see. Introducing, deepfakes. Deepfakes are AI-generated media in which a person in an existing image or video is replaced with someone else’s likeness, such as this deepfake video of former President Obama. Cybercriminals use this technology to foster disruption across various industry segments and it can be used to impersonate CEOs, steal millions from enterprises, spread disinformation, and interrupt business operations. They’re of particular concern this year because of the threat they pose to the upcoming 2020 elections.
Tips for Remaining Safe Online
As you can see, the internet can be a dangerous place. So, here are some to-do’s that can help you stay alert and safe online: keep your software up-to-date, beware of suspicious emails and phone calls, practice good password management, think before you click, never leave devices unattended, install antivirus/anti-malware protection, and always safeguard and backup your data.