Do you know that businesses and individuals fall victim to cyber-attacks every year? The growing dependence on technology has paved the way for cybercriminals to exploit vulnerabilities and gain unauthorized access to sensitive information.

From phishing emails to ransomware attacks, several types of cyber threats can cause significant harm to your online security and privacy.

In this blog post, we will explore some common cyber threats you should be aware of and provide tips on protecting yourself from these potential dangers. Have you ever wondered what the most common cyber threats you should watch out for are? Keep reading to find out!

Cyber Threats Definition:

A cyber threat or cybersecurity threat is a malicious act done with the intention of stealing or damaging data or disrupting the digital wellbeing of an individual, organization, or system.

Cyberattack is attempted by cybercriminals, digital adversaries to access a computer network or system. The attempter’s try to access sensitive and valuable company resources, such as intellectual property (IP), customer data or payment details. It can be of various types such as data breaches, computer viruses, denial of service attacks, and so many.

Common cyber threats in Bangladesh:

In Bangladesh, cyber-attacks that often took place, caused loss of assets in very recent time. The number of attacks ratio is also going up with the increasing number of internet users.

Some common cyber threats in Bangladesh are:

• Malware
• DOS Attack
• Phishing
• Spoofing
• Identity Based Attack
• Code Injection Attack
• Supply Chain Attack
• Insider Threats
• DNS Tunneling
• IOT Based Attack

Malware: Any software or program designed with the intention of causing damage to a computer, network, or server is known as malware, or malicious software. Hackers can encrypt a victim’s files and demand a ransom payment in exchange for the decryption key. Ransomware, trojans, spyware, viruses, worms, keyloggers, bots, crypto jacking are some examples of malware.

DOS Attack: DOS stands for Denial of Service. A calculated attempt by hackers to stop usual traffic to a server, service, or network by flooding it with requests is known as a denial of service attack. It’s very common in telecom. For registered users, the rush of traffic may cause the targeted system to become fatigued, unresponsive, or completely inaccessible. There are several ways to carry out denial-of-service (DoS) attacks, including hitting the target with excessive traffic.

Phishing: Phishing is a type of cyberattack that involves using disguised emails or messages to deceive recipients into divulging sensitive information, downloading malware or taking actions that compromise their security. It is a common concern in the digital world because they can result in large financial loses and data breaches.

Spoofing: Spoofing is a scam in which criminals try to do a communication from an unknown source as being from a known, trusted source. Spoofing is applicable to webpages, phone conversations, and emails.

Identify Based Attack: An identity-based attack is a type of cyber-attack that aims to steal, manipulate, or misuse identity-related information, such as usernames, domain names, email addresses and so on.  Their main goal is often to gain unauthorized access to systems, data, or resources, commit fraud, or conduct malicious activities while pretending as legitimate users or entities.

Code Injection Attack: In this type of attack, malicious code is injected into an application through user input and the execution of this code by the server is done. In this attack, malicious code is written in the same language of the language used to run the application and when the interpreter reads and runs it thinking as same.

Supply Chain Attack: Supply chain attacks refers to attacking third party vendors providing services or software to an organization. In this attack, all the users of the infected services or software becomes prey. Supply chain attacks are difficult to detect, as they are performed on trusted and widely distributed software.

Insider Threats: Insider threats is a threat that is done by the insiders of an organizations such as employees, business partners, Ex-employees possessing important information regarding the organization. Many people also do it in the greed of money.

DNS Tunneling:  DNS tunneling is a hard-to-detect exploit that sends DNS requests to the attacker’s server, giving them a way to silently exchange data and execute command and control. DNS assists in converting IP addresses and domain names, acting as a phone directory for the internet.

IOT Based Attack: Cyberattacks known as “IoT-based attacks” use flaws in Internet of Things (IoT) devices to breach networks or obtain private information. This involves infecting IoT devices with malware, taking advantage of security flaws, or controlling the device to get access to private or corporate data. Device memory, firmware, web interfaces, physical interfaces, and networking services are common targets for attacks.