Short on time? Here’s the best antivirus to protect against cyber threats:
- 🥇 Norton: Powerful protection against all of the most common cyber threats — malware, phishing, ransomware, spyware, and more. Norton also comes with a virtual private network (VPN), password manager, secure cloud storage, parental controls, and a whole lot more to keep you and your whole family safe from online threats.
The last few years have seen a significant increase in telecommuting, e-commerce, and overall digital dependence. Unfortunately, with this digital transformation has come increased opportunity for hackers, who have been having a field day, netting record profits and causing widespread stress and damage to users around the world.
In the US alone, over 880,000 complaints were filed with the FBI’s Internet Crime Complaint Center in 2023, resulting in $12.5 billion in losses. Here are some of the major 2024 trends in cyber attacks and cybersecurity:
- Persistent Ransomware Threat: The FBI reported a 22% increase in ransomware incidents in 2023, with associated costs rising by 74%. Attackers are using sophisticated strategies like “double” and “triple extortion” to maximize their profits, threatening to release or sell stolen data if ransoms are not paid.
- Growing Market for Spyware: The market for sophisticated commercial spyware is expanding. These tools allow remote access to devices without user consent and can be misused by governments to spy on journalists, activists, and officials.
- AI in Cybersecurity: AI continues to evolve, offering both opportunities and risks for cybersecurity. AI can enhance defense mechanisms by detecting threats and improving software security. However, it can also be misused for malicious activities, such as phishing and surveillance.
While the specifics of individual cyber attacks may vary significantly, they all make use of a fairly similar set of tools. Here are 10 of the most common types of cyber threats, along with some tips on how to stay safe online in 2024 (hint: use a good antivirus like Norton).
Current Cyber Threats in 2024
Here’s a quick rundown of the 10 most common types of cyber attack in 2024:
1. Phishing
Phishing attacks trick victims into giving away personally identifiable information (PII) and money, usually by sending a link to a fake web page that mimics a popular or trustworthy site. According to the FBI, phishing was the most reported cybercrime in 2023, causing losses of more than $18.72 million.
Here are the most common types of phishing attack:
- Email phishing. Fake emails pretending to be a legitimate company, which encourage the reader to click on fraudulent URLs. These are sent to any email address the hackers can find.
- Smishing. Similar to email phishing, but targeting users through an SMS message that contains a clickable link or return phone number. Fake delivery notifications and fake tax communications are common smishing techniques.
- Spear phishing. A targeted phishing attack where the hacker has researched their victim.
- Vishing. A type of phishing attack that uses phone calls to deceive individuals into divulging personal information, such as passwords, credit card numbers, or other sensitive data.
Phishing websites are often perfect replicas of legitimate sites, so using common sense and being careful may not always be enough. With phishing techniques becoming more and more sophisticated, using an antivirus with anti-phishing capabilities is the best thing you can do to protect yourself.
2. Malware (Viruses, Trojans & Worms)
Malware is short for malicious software. The last few years have seen over 50 million detections of malware per year (that’s a higher number of annual malware detections than the entire population of Spain). Globally, malware is currently said to cost the economy $6 trillion a year — with predictions for this to continue rising sharply. This is why using the best tools available to protect yourself against malware threats is so important.
Here are the most common types of malware:
- Viruses. Viruses corrupt legitimate files and duplicate themselves, consuming CPU power. They often steal or destroy user data, slow down devices, and crowd user screens with popups.
- Computer Worms. Worms have a similar impact to viruses, but they’re designed to replicate themselves in order to spread to other computers — usually through a computer network, but also via email, removable drives, servers, and shared folders.
- Trojans. Trojans mimic legitimate software in order to trick users into opening or downloading the malware onto their devices. Once a trojan has infected your device, it allows hackers to steal or alter data, install more malware on your system, and gain access to your system.
3. Ransomware
Ransomware is a type of malware that uses encryption to lock a victim’s own files and software, effectively holding their device and/or system ransom until they pay a fee. When the ransom is paid, the hackers will sometimes simply raise the ransom prices instead of giving the victims the decryption key.
According to the FBI’s 2024 Report on the Cybersecurity Posture of the United States, ransomware incidents increased by 22% in 2023 compared to the previous year, and the cost of ransomware attacks rose by a whopping 74%. Luckily, there are ways to avoid becoming part of these grim statistics — by installing an antivirus with top-of-the-class ransomware protection (such as Norton).
4. Exploits/Zero-Days
An exploit attack takes advantage of software vulnerabilities (frequently in web-facing programs like browsers and web scripts like Adobe and JavaScript), forcing the software to do something it wasn’t designed to do. For example, hackers can use cross-site scripting (XSS) to force JavaScript to run malicious code in otherwise trusted websites. Hackers can then use this malicious code to install malware on users’ devices.
Exploits are programs or code that have been designed to attack and exploit a particular vulnerability and are commonly classified as either known exploits or unknown (zero-day) exploits. Cyber researchers and developers also look to develop exploits as a means of defense.
Most exploits are known, meaning developers have already discovered the vulnerability and exploit and issued patches that address it. These patches are released as security updates, which is why software updates are so important.
On the other hand, a zero-day exploit occurs when hackers discover a vulnerability that hasn’t been patched and use an exploit to attack victims that same day. Zero-day attacks are extremely dangerous because there is no defense against them, and significant damage can be done before developers are able to find a way to patch the vulnerability.
5. Man-in-the-Middle
Man-in-the-middle (MITM) attacks place a third party between two legitimate users, without those users’ knowledge. Once a hacker (or government, or business) is “in the middle”, they can spy on the data being sent, or covertly alter communications between the two victims.
MITM attacks can be very basic (using spoofed email addresses), or complex — using software that decrypts and re-encrypts communications at the network level.
There are two major ways you can fall victim to an MITM attack. The first is through malware that redirects your web traffic to an MITM server. The second is by connecting to a spoofed public WiFi network, which can then allow hackers to establish a connection to your device.
Web encryption protocols like SSL and TLS are designed to make MITM attacks more difficult, but they still occur sometimes.
6. DNS Spoofing
Whenever you enter a web address into your search bar, your device sends a request to a DNS (domain name system) server. The DNS server takes your text query (e.g. www.safetydetectives.com) and provides your device with the website’s IP address, allowing your device to connect to the requested website.
Rather than looking up an IP address every time it gets a request, a DNS server relies on a cache of known IP addresses to save time.
DNS cache poisoning and spoofing are the methods used to attack this system. DNS spoofing refers to any attack that involves changing the DNS records that are returned to the user. Cache poisoning specifically refers to a hacker inserting false IP address data into a server’s cache. In both cases, the result is the user being directed to a URL that differs from the correct, legitimate site.
DNS attacks can redirect users to phishing or exploit sites, but DNS cache poisoning is also commonly used by repressive governments to redirect users away from censored web pages. China’s Great Firewall even goes so far as to insert anti-CCP (Chinese Communist Party) websites into its server’s caches, thus redirecting high-volume traffic from its censored sites to these alternative “CCP-unfriendly” sites, in a kind of hybrid DNS spoofing/DDoS (distributed denial-of-service) attack that can tactically bring down the site in question.
7. SQL Injection
SQL (structured query language) is a common language used in programming to communicate with databases. It essentially allows programmers and other users to elicit a wide range of information held within databases, in easily understandable formats.
An SQL injection is when an attacker interferes with the queries that a website or application makes to its database. For example, the hacker can insert malicious code in a website’s text fields (like the search, username, or password fields) to essentially ask the database to “show me your private information”. This information can include:
- Email addresses.
- Passwords.
- Credit card numbers.
- And more.
Hackers can then either steal or alter this data, depending on the type of attack. Even though there are simple tools designed to protect websites from SQL injection, many developers fail to implement them, which is why SQL injection is still incredibly common in 2024.
8. Cryptojacker
Cryptojackers hijack other devices’ CPUs to mine cryptocurrency. Unlike most other types of cyber attack, cryptojackers purposefully intend for the device owner to have zero knowledge of the hijack. These infections can last for years and can lead to significant slow-downs on the victim’s PC, or even PSU/GPU damage if the cryptojacker overclocks the victim’s device.
It takes a lot of processing power to mine crypto, so hackers connect millions of cryptojacked devices to create a botnet, which then has the power to compute massive amounts of data.
Cryptojackers are commonly deployed through malware downloads, exploit attacks, and even hacked cloud services (in March 2021, Docker Hub, the popular cloud container service, was found to be hosting thousands of cryptojacking files that had netted hackers around $200,000).
Cryptojacking is a flourishing business: according to SonicWall, in 2023, there were over 332 million reported cases, a significant increase from the previous year.
9. DoS/DDoS
A denial-of-service attack (DoS) happens when hackers flood a web server by overwhelming it with bots or data packets, causing it to crash. This stops a website from being accessible to its intended users.
When multiple computers/systems are involved — all synchronized to attack a single target — it becomes a distributed denial-of-service attack (DDoS). This is a more severe attack that can flood a website more quickly and is harder to stop.
While DoS and DDoS attacks are different from other cyber attacks (which seek to gain unauthorized access and/or control to a device or information), they can still be a major threat to a company’s servers and revenue. DoS and DDoS attacks can usually be resolved in just a few hours. However, more extensive attacks can deny services for several weeks at a time.
10. Password Attack
A password attack is an attempt to steal a user’s password. Hackers use different methods to do this, such as:
- Keyloggers. Malware that registers a user’s keystrokes and sends them to the hacker.
- Brute force. Programs (e.g. hashcat) that can test millions of possible password/username combinations in a matter of seconds in an attempt to randomly uncover user passwords.
- Traffic interception. Software that monitors unsecured network traffic and captures any unencrypted passwords.
- Default passwords. Hackers trawl the web for insecure IoT (internet of things) devices, then spam them with well-known default passwords to gain entry into a network (e.g. the Mirai botnet).
- Phishing. Instead of stealing your password, scammers can attempt to trick you into willingly giving it away.
How to Secure Your Devices From Cyber Attacks
The best protection against cyber attacks is powerful internet security software (Norton is best). A good antivirus can provide several layers of protection, with features like:
- Malware scanner. Scans your system for malware threats already installed on your device.
- Real-time protection. Actively monitors your device and stops new malware threats from being downloaded or opened.
- Web protection. Protects you by blocking malicious web pages that host exploit attacks.
- Phishing protection. Scans emails and web pages for malicious links and prevents you from downloading or opening them.
- Firewall. Monitors incoming and outgoing web traffic and prevents unauthorized access to your network.
- VPN. Masks your location by giving you a virtual IP address, making it difficult for hackers to track you.
- Password manager. Securely encrypts your login data and generates unique random passwords so that a single leaked login won’t endanger all of your accounts.
If you want to learn more about the best antivirus products currently available in the market, check out our list of the top 10 antivirus software of 2024.
Other ways to protect your devices from malware are:
- Keep your software updated. Exploit attacks and malware frequently target software vulnerabilities that have already been patched. These patches are released in software updates, so updating all of your software regularly is probably the single most important security measure that you can perform.
- Don’t download pirated software and media. Pirated sites are filled with seemingly legitimate files that carry harmful malware, like trojans.
- Always use unique passwords across your accounts. Password managers such as 1Password can generate and store unique passwords.
- Check that emails are from a trusted sender or business. This matters most when they include links you need to follow.
- Always check the URL of sites you visit. Be careful with unsecured websites (secure HTTPS sites will display a closed lock symbol in the address bar), and consider using a secure browser or extension that can force HTTPS connections.
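The URL check from the last tip can be done mechanically. This added example (not part of the original article) compares a link's real host with the site you expect, using Python's standard `urllib.parse`; the function name `check_link` is hypothetical and the sample links are constructed from the reserved domains example.com and example.net.

```python
from urllib.parse import urlsplit

def check_link(url, expected_domain):
    """Return the reasons a link does not match the site you meant to visit."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ["URL cannot be parsed"]
    problems = []
    if parts.scheme != "https":
        problems.append("not HTTPS")
    if parts.username is not None:
        # Text before '@' is login info; the real host is what follows it.
        problems.append("userinfo before the host")
    if host.startswith("xn--") or ".xn--" in host:
        # Punycode labels can render as characters that resemble other letters.
        problems.append("punycode host name")
    if host != expected_domain and not host.endswith("." + expected_domain):
        # The expected name appearing somewhere in the host is not enough:
        # it must be the host itself or the end of it.
        problems.append(f"host {host} is not {expected_domain} or a subdomain of it")
    return problems

# Constructed sample links, all checked against example.com.
SAMPLES = [
    "https://www.example.com/account",
    "http://example.com/login",
    "https://example.com@login.example.net/",
    "https://example.com.account-check.example.net/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link, "example.com") or "consistent")
```

Only the first sample comes back clean; the others are flagged for plain HTTP, for hiding the real host after an `@`, or for using the expected name as a mere prefix of a different domain.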
Frequently Asked Questions
Are cyber attacks increasing?
Yes. Cyber attacks are increasing. The White House reports a 28% increase in cyber attacks per organization globally in Q1 2024 compared to the previous quarter, while the Department of Justice highlights the persistent ransomware threat, with over $59.6 million in losses reported to the FBI’s Internet Crime Complaint Center in 2023. These numbers highlight the importance of protecting your devices using a comprehensive antivirus suite like Norton 360.
What are some recent examples of cyber attacks?
Here are some notable cyber attacks that have been reported recently:
- In April 2024, Paris Saint-Germain football club was hit by a ransomware attack, showing that even sports organizations are targets.
- The Royal Mail in the UK was hit by a LockBit ransomware attack in January 2023, resulting in huge financial losses estimated at around £75 million ($90 million).
- In April 2024, a data breach at AT&T impacted 51 million customers, exposing their personal information.
- In April 2023, the City of Oakland declared a state of emergency after a ransomware attack.
- In early 2023, T-Mobile suffered a massive data breach affecting 37 million customers’ personal and account data through an API attack.
Can cybercrime be stopped?
Unfortunately, no. Just as technology is constantly evolving, so too is cybercrime. Zero-day threats are on the rise and new malware variants are deployed every day, proving that hackers are constantly innovating and developing new methods to break even the strongest security protections. Cybersecurity is thus a constant battle of innovation between malicious hackers and white hat (ethical) programmers. However, most attacks can be prevented simply by using the right anti-malware technology — such as powerful antivirus software like Norton.
Are mobile devices also at risk of cyber attacks?
Yes. Although traditionally there has been less malware directed at mobile devices, it is consistently on the rise, with data leaks, open WiFi networks, phishing attacks, spyware, trojans, and viruses all being common mobile-device threats. The good news is that there are plenty of antivirus software companies that also protect your mobile devices as part of the same package, such as Norton. You can also take a look at our top picks for best Android antivirus and best iOS security app.