COMMON CYBERTHREATS scareware uses social engineering to take advantage of a user’s fear, coaxing them into installing fake antivirus software. Social engineering is a serious and ongoing threat to many organizations and individuals. Education is the first step to prevent falling victim to clever attackers using increasingly sophisticated strategies to gain access to sensitive data.
VIRUSES, WORMS, AND TROJAN HORSES Viruses, trojan horses, and worms are just a few terms used to describe malware. They are programs installed remotely to disable systems, acquire information, or gain access to internal systems. Malware is software written with the intent to damage, exploit, or disable devices, systems, and networks. It is used to compromise device functions, steal data, bypass access controls, and cause harm to computers and other devices and the networks they are connected to.(It is often placed on a computer through social engineering tactics). Ransomware is a type of malicious software that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data. Employees can unknowingly download malware or ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that’s embedded with malware (often placed on a computer through a social engineering tool like phishing). Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions encrypt files and folders on local drives, attached drives, and even networked computers. Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments. A further complication of ransomware is that traditional antivirus software does not detect/eliminate it. Instead, there is a need to consider upgrading your end-point technology to include strong ransomware detection and response components. 7


