There are several different types of cyber threats for information security experts to be aware of. The threat types can be broken into various categories based on the reason for the attack or the type of attack. The three most common types of threats are cybercrime, cyberattacks and cyberterrorism.
Here are a few of the most common methods used to initiate a cyberattack:
Malware: This is an abbreviation for "malicious software," and it is exactly that. It includes several types of software like adware, botnets, spyware, viruses and ransomware. This threat type relies on getting someone to install software, or forcefully installing software, onto their device.
Phishing: This is a common type of cybercrime that targets people through email. Phishing emails often rely on posing as a legitimate entity, like a bank or the IRS, in order to get users to hand over sensitive data. Similar scams are often carried out through the mail or through phone calls/text messages.
Denial of service (DoS): A denial of service attack aims to prevent computer systems, such as a website, from performing basic functions and requests by overwhelming the server with illegitimate traffic. Many notable denial of service attacks have occurred in the form of a distributed denial of service attack (DD0S) that relies on several computers rather than a single device.
Man-in-the-middle attacks: Man-in-the-middle attacks rely on unsecure networks to intercept sensitive data being transferred between two parties. An example of this attack would be someone breaking into a public Wi-Fi network and intercepting the bank password of someone accessing their checking account.
A cybercriminal may use any of these methods to commit a cyberattack, cybercrime or cyberterrorism. The main elements that determine which category a threat fits into are the scale of the attack and the goal. For instance, cyberterrorism may be committed against a government or major company, while a cybercrime can be committed against an individual.