The last few years have seen massive growth in the number of online users — largely sparked by the pandemic, which has led to a significant increase in tele-commuting, e-commerce, and overall digital dependence. Unfortunately, with this digital transformation has come increased opportunity for hackers, who have been having a field day, netting record profits and causing widespread stress and damage to users around the world.
In the US alone, reports of internet crime nearly doubled from 2019 to 2020, with almost 800,000 reports of cyber attacks in 2020. Here are a few of the major trends in cyber attacks in 2023:
- Users and businesses are increasingly connected through cloud networks, making massive data breaches both more likely, and more profitable to hackers.
- Hacking techniques are becoming more sophisticated, and cybercriminals are looking for bigger payouts than ever before. The Colonial Pipeline ransomware attack alone made its hackers $4.4 million.
- Phishing and smishing attacks are targeting more people than ever thanks to the explosion of delivery-service use, online shopping, and work-from-home. Smishing in particular increased by nearly 700% in the first half of 2021 alone.
- Malware targeted at mobile users is on the rise. Android now sees almost 500,000 new malware threats each month.
- Zero-day vulnerabilities are being discovered and exploited at a rapid rate, forcing developers like Apple to scramble to patch serious holes found in their software.
While the specifics of individual cyber attacks may vary significantly, they all make use of a fairly similar set of tools. Here are 10 of the most common types of cyber threats, along with some tips on how to stay safe online in 2023.
Current Cyber Threats in 2023
Here’s a quick rundown of the 10 most common types of cyber attack in 2023:
- DNS spoofing.
- SQL injection.
- Password attack.
Malware is short for malicious software. The last few years have seen over 50 million detections of malware per year (that’s a higher number of annual malware detections than the entire population of Spain). Globally, malware is currently said to cost the economy $6 trillion a year — with predictions for this to continue rising sharply — and it has affected over 16 million US households in the past two years alone. This is why using the best tools available to protect yourself against malware threats is so important.
Here are the most common types of malware:
- Viruses. Viruses corrupt legitimate files and duplicate themselves, consuming CPU power. They often steal or destroy user data, slow down devices, and crowd user screens with popups.
- Computer Worms. Worms have a similar impact to viruses, but they’re designed to replicate themselves in order to spread to other computers — usually through a computer network, but also via email, removable drives, servers, and shared folders.
- Trojans. Trojans mimic legitimate software in order to trick users into opening or downloading the malware onto their devices. Once a trojan has infected your device, it allows hackers to steal or alter data, install more malware on your system, and gain access to your system.
- Rootkits. A rootkit is a malicious software program that allows cybercriminals to gain control of a computer or network. It hides in a device’s system, allowing unauthorized users to have privileged and continued access. Many rootkits can deceive or deactivate antivirus software, and even survive hard-drive reformatting.
- Adware. Adware displays annoying and unwanted pop-up ads on your desktop. It exists to generate revenue for its owner by users clicking on the ads, but it can also gather your personal information, track your browsing history, record your keystrokes, and sell all this information on to third parties.
- Spyware. Spyware is a form of malware that’s designed to enter your computer (often via Adware), gather and steal your personal data, and forward it to a third-party.
Exploits are programs or pieces of code designed to take advantage of a particular vulnerability. They are commonly classified as either known exploits or unknown (zero-day) exploits. Cyber researchers and developers also look to develop exploits as a means of defense.
Most exploits are known, meaning developers have already discovered the vulnerability and exploit and issued patches that address it (Microsoft disclosed and patched 478 Windows vulnerabilities in the first half of 2020 alone). These patches are released as security updates, which is why software updates are so important.
A zero-day exploit occurs when hackers discover a vulnerability that hasn’t been patched and use an exploit to attack victims that same day. Zero-day attacks are extremely dangerous because there is no defense against them, and significant damage can be done before developers are able to find a way to patch the vulnerability.
In late 2020, Apple reported a zero-day exploit in iMessage which had allowed hackers to install malware on user devices by sending victims a single text message, without the need for the victims to even click on anything (this zero-click vulnerability has been patched with the latest iOS updates).
Phishing attacks trick victims into giving away personally identifiable information (PII) and money, usually by sending a link to a fake web page that mimics a popular or trustworthy site. According to the FBI, phishing was the most reported cybercrime in 2020, causing losses of more than $4.2 billion.
Here are the most common types of phishing attack:
- Email phishing. Fake emails pretending to be a legitimate company, which encourage the reader to click on fraudulent URLs. These are sent to any email address the hackers can find.
- Smishing. Similar to email phishing, but targeting users through an SMS message that contains a clickable link or return phone number. Fake delivery notifications and fake pandemic information are common smishing techniques.
- Spear phishing. A targeted phishing attack where the hacker has researched their victim.
- Whaling. Phishing attacks purposefully aimed at high-value targets such as celebrities and large corporations.
Phishing websites are often perfect replicas of legitimate sites. However, there are still ways you can identify them, such as studying a site’s URL before clicking on any links, or giving away any PII. For example, Norton’s web address is www.norton.com, but a phishing site may use: www.norton-virus-protection.com. If you’re unsure, look up the real website on a search engine and see if the URLs match.
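The URL comparison described above can be automated. The following Python sketch is an added example, not part of the original article: it extracts the hostname a browser would actually connect to and checks whether it is the trusted domain or one of its subdomains. The function names and all sample links other than the two Norton addresses quoted above are constructed for illustration.

```python
from urllib.parse import urlsplit


def hostname_of(url):
    """Return the lower-cased host a browser would connect to, or None."""
    if "://" not in url:
        url = "https://" + url  # a bare "www.example.com" has no scheme
    host = urlsplit(url).hostname  # ignores any "user@" prefix and the port
    return host.rstrip(".") if host else None


def belongs_to(url, trusted_domain):
    """True only if the URL's host is trusted_domain or one of its subdomains."""
    host = hostname_of(url)
    trusted = trusted_domain.rstrip(".").lower()
    if not host:
        return False
    # Require a dot boundary so "notnorton.com" does not match "norton.com".
    return host == trusted or host.endswith("." + trusted)


# Constructed sample links; only the first two appear in the article.
SAMPLES = [
    "www.norton.com",
    "www.norton-virus-protection.com",
    "https://norton.com.account-check.example/login",
    "https://www.norton.com@account-check.example/",
    "https://notnorton.com/",
    "HTTPS://WWW.NORTON.COM./renew",
]


def classify(samples, trusted_domain="norton.com"):
    """Map each sample link to True (host matches) or False (lookalike)."""
    return {url: belongs_to(url, trusted_domain) for url in samples}


if __name__ == "__main__":
    for url, ok in classify(SAMPLES).items():
        print("match   " if ok else "MISMATCH", url)
```

A match only means the hostname belongs to the expected domain; it says nothing about whether the page content itself is safe.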
Man-in-the-middle (MITM) attacks place a third party between two legitimate users, without those users’ knowledge. Once a hacker (or government, or business) is “in the middle”, they can spy on the data being sent, or covertly alter communications between the two victims.
MITM attacks can be very basic (using spoofed email addresses), or complex — using software that decrypts and re-encrypts communications at the network level.
There are two major ways you can fall victim to an MITM attack. The first is through malware that redirects your web traffic to an MITM server. The second is by connecting to a spoofed public WiFi network, which can then allow hackers to establish a connection to your device.
Web encryption protocols like SSL and TLS are designed to make MITM attacks more difficult, but they still occur sometimes.
In 2019, an MITM hacker stole $1 million that was being sent from a Chinese venture capital firm to an Israeli startup, by intercepting and altering email communications between the two parties for a period of weeks. The organizations only realized they’d been hacked when the startup failed to receive its funds and reached out to its financiers directly.
5. DNS Spoofing
Whenever you enter a web address into your browser’s address bar, your device sends a request to a DNS (domain name system) server. The DNS server takes your text query (e.g. www.safetydetectives.com) and provides your device with the website’s IP address, allowing your device to connect to the requested website.
Rather than looking up an IP address every time it gets a request, a DNS server relies on a cache of known IP addresses to save time.
DNS cache poisoning and spoofing are the methods used to attack this system. DNS spoofing refers to any attack that involves changing the DNS records that are returned to the user. Cache poisoning specifically refers to a hacker inserting false IP address data into a server’s cache. In both cases, the result is the user being directed to a URL that differs from the correct, legitimate site.
DNS attacks can redirect users to phishing or exploit sites, but DNS cache poisoning is also commonly used by repressive governments to redirect users away from censored web pages. China’s Great Firewall even goes so far as to insert anti-CCP (Chinese Communist Party) websites into its server’s caches, thus redirecting high-volume traffic from its censored sites to these alternative “CCP-unfriendly” sites, in a kind of hybrid DNS spoofing/DDoS (distributed denial-of-service) attack, which can tactically bring down the site in question.
Ransomware is a type of malware that uses encryption to lock a victim’s own files and software, effectively holding their device and/or system ransom until they pay a fee. When the ransom is paid, the hackers will sometimes simply raise the ransom prices instead of giving the victims the decryption key.
One of the most prominent recent ransomware attacks was that on Colonial Pipeline, a major petroleum and natural gas pipeline company in the US. Colonial was forced to shut down its pipeline for over a week in order to prevent the ransomware from spreading, causing gas prices to skyrocket in the US. Colonial paid $4.4 million in ransom to the hackers in order to stop the attack and regain access to their systems.
7. SQL Injection
SQL (structured query language) is a common language used in programming to communicate with databases. It essentially allows programmers and other users to elicit a wide range of information held within databases, in easily understandable formats.
An SQL injection is when an attacker interferes with the queries that a website or application makes to its database. For example, the hacker can insert malicious code in a website’s text fields (like the search, username, or password fields) to essentially ask the database to, “Show me your private information”. This information can include:
- Email addresses.
- Credit card numbers.
- And more.
Hackers can then either steal or alter this data, depending on the type of attack. Even though there are simple tools designed to protect websites from SQL injection, many developers fail to implement them, which is why SQL injection is still incredibly common in 2023.
According to Edgescan, SQL injection still accounts for 42% of web attacks, making it the most common form of web attack. In 2020, millions of emails and passwords were leaked from Freepik because of an SQL injection.
Cryptojackers hijack other devices’ CPUs to mine cryptocurrency. Unlike most other types of cyber attack, cryptojackers purposefully intend for the device owner to have zero knowledge of the hijack. These infections can last for years and can lead to significant slow-downs on the victim’s PC, or even PSU/GPU damage if the cryptojacker overclocks the victim’s device.
It takes a lot of processing power to mine crypto, so hackers connect millions of cryptojacked devices to create a botnet, which then has the power to compute massive amounts of data.
Cryptojackers are commonly deployed through malware downloads, exploit attacks, and even hacked cloud services (Docker Hub, the popular cloud container service, was found to be hosting thousands of cryptojacking files that had netted hackers around $200,000).
A medium-sized botnet of 100,000 devices can mine $790,000 worth of cryptocurrency in 30 days. Considering that 64.1 million users were hit by cryptominers in 2019, it’s safe to say that cryptojacking is a very big business.
A denial-of-service attack (DoS) happens when hackers flood a web server by overwhelming it with bots or data packets, causing it to crash. This stops a website from being accessible to its intended users.
When multiple computers/systems are involved — all synchronized to attack a single target — it becomes a distributed denial-of-service attack (DDoS). This is a more severe attack that can flood a website more quickly and is harder to stop.
While DoS and DDoS attacks are different from other cyber attacks (which seek to gain unauthorized access to and/or control of a device or information), they can still be a major threat to a company’s servers and revenue. DoS and DDoS attacks can usually be resolved in just a few hours. However, more extensive attacks can deny services for several weeks at a time.
In 2020, Amazon’s web shields defended against the largest DoS attack ever recorded, which attempted to flood Amazon’s servers with 2.3 Tbps (terabits per second) worth of data.
10. Password Attack
A password attack is an attempt to steal a user’s password. Hackers use different methods to do this, such as:
- Keyloggers. Malware that registers a user’s keystrokes and sends them to the hacker.
- Brute force. Programs (e.g. hashcat) that can test millions of possible password/username combinations in a matter of seconds in an attempt to randomly uncover user passwords.
- Traffic interception. Software that monitors unsecured network traffic and captures any unencrypted passwords.
- Default passwords. Hackers trawl the web for insecure IoT (internet of things) devices, then spam them with well-known default passwords to gain entry into a network (e.g. the Mirai botnet).
- Data breaches. Data breaches like the 2021 LinkedIn breach can release hundreds of millions of logins simultaneously.
- And more.
According to LastPass, 80% of hacking breaches are a result of password attacks.
How to Secure Your Devices from Cyber Attacks
A cyber threat report by Deep Instinct showed that attempted cyber attacks involving malware had increased by 358% in 2020. And that number keeps rising, which is why it’s so important to secure your devices from the latest malware threats. The best protection against cyber attacks is powerful internet security software (Norton is best). A good antivirus can provide several layers of protection, with features like:
- Malware scanner. Scans your system for malware threats already installed on your device.
- Real-time protection. Actively monitors your device and stops new malware threats from being downloaded or opened.
- Web protection. Protects you by blocking malicious web pages that host exploit attacks.
- Phishing protection. Scans emails and web pages for malicious links and prevents you from downloading or opening them.
- Firewalls. Monitors incoming and outgoing web traffic and prevents unauthorized access to your network.
- VPN. Masks your location by giving you a virtual IP address, making it difficult for hackers to track you.
- Password manager. Securely encrypts your login data and generates unique random passwords so that a single leaked login won’t endanger all of your accounts.
If you want to learn more about the best antivirus products currently available in the market, check out our list of the top 10 antivirus software of 2023.
Other ways to protect your devices from malware are:
- Keep your software updated. Exploit attacks and malware frequently target software vulnerabilities that have already been patched. These patches are released in software updates, so updating all of your software regularly is probably the single most important security measure that you can perform.
- Never download pirated software/media. Pirate sites frequently host trojans that masquerade as legitimate files but actually come bundled with harmful malware.
- Always use unique passwords across your accounts. Password managers such as Dashlane and LastPass can generate and store unique passwords.
- Check emails are from a trusted sender or business. Particularly if they include links you need to follow.
- Always check the URL of sites you visit. Be careful with unsecured websites (secure HTTPS sites will display a closed lock symbol in the address bar), and consider using a secure browser or extension that can force HTTPS connections.
Frequently Asked Questions
Are cyber attacks increasing?
Yes. Cyber attacks have been increasing exponentially over the past two decades. There are now more than 1 billion malware programs in existence, and it is estimated that 560,000 pieces of new malware are detected every day. That’s why it’s so important to protect your devices using a comprehensive antivirus suite like Norton 360.
What are some recent examples of cyber attacks?
Here are some notable cyber attacks that have been reported recently:
- A prominent hacking group targeted schools and universities in a phishing attack, stealing students’ Instagram, Amazon, Netflix, Facebook, and banking credentials.
- Hackers stole voter registration data during the 2020 US elections by spoofing legitimate websites.
- Facebook reported a plot by hackers to actively use its platform to spread malware and compromise user accounts. However, the company was able to disrupt this planned attack before it was successfully executed.
- Hackers in New Zealand were able to breach the country’s central bank, accessing customers’ personally identifiable information (PII).
Can cybercrime be stopped?
Unfortunately, no. Just as technology is constantly evolving, so too is cybercrime. Zero-day threats are on the rise and new malware variants are deployed every day, proving that hackers are constantly innovating and developing new methods to break even the strongest security protections. Cybersecurity is thus a constant battle of innovation between malicious hackers and white hat (ethical) programmers. However, most attacks can be prevented simply by using the right anti-malware technology, such as powerful antivirus software like Norton.
Are mobile devices also at risk of cyber attacks?
Yes. Although traditionally there has been less malware directed at mobile devices, it is consistently on the rise. A 2020 report found that 40% of all mobile devices are exposed to cyber-attacks, with data leaks, open WiFi networks, phishing attacks, spyware, trojans, and viruses all being common mobile-device threats. The good news is that there are plenty of antivirus software companies that also protect your mobile devices as part of the same package, such as Norton. You can also take a look at our top picks for best Android antivirus and best iOS security app.