Social Engineering & Phishing
The first type of attack centers on tricking or misleading users into giving up sensitive information about themselves to people who are actively looking to collect data from individuals who fall for those tactics. It can also lead to higher levels of phishing, such as "whaling," which targets executives, or "smishing," which is carried out through SMS mobile messages (Cyber).
Ransomware & Data Extortion
This method of attack aims to implant malicious software on a device in order to lock important data. The hackers then demand money to release that information back to the owner, usually with the threat of leaking the information if the demands are not met.
AI-Enabled Attacks
This type of attack is built around Artificial Intelligence: attackers use AI to craft more convincing phishing emails and task it with finding vulnerabilities faster than a human could detect them.
Supply Chain Attacks
This attack goes after not the main target (e.g., Amazon) but one of the third-party vendors or software products associated with it, in order to gain access to customers' systems through software updates that the main company releases to the public.
Cloud & Configuration Misconfigurations
The final type of attack takes advantage of security lapses: improperly secured databases or exposed credentials in cloud services that companies have not fully protected and that are easily accessible (Cyber).
Make a Cybersecurity awareness / Training Program
Creating a training program, and simply spreading more awareness of what to look out for to avoid a cyber attack, can go a long way. No matter what industry you are in, a cyber attack can happen anywhere, from work to personal life (Cyber). Offering a course that improves one's knowledge of the subject can massively decrease the likelihood of personal or company data being put at risk.
Install strong endpoint security software and controls
This point is about improving the detection tools geared towards preventing a cyber attack from happening in the first place. Ensuring these measures are up to date will reduce the likelihood of a cyber attack taking place.
Instill safe web browsing practices
This one is simply about being able to identify which sites are malicious and knowing what not to do when browsing the web, namely downloading anything you see. A download can be anything from malware to something that is not a threat at all. The risk is not worth the return, as one wrong download can lead to your system being taken over and data being leaked.
Implement strong authentication and access controls
Having someone knowledgeable in complete management of user access controls, deciding what people can and can't do, is a good way to keep cyber attacks from succeeding. For example, restricting what people can download at a company can heavily reduce the chances of an attack being successful.
Establish vulnerability management practices and controls
Conducting vulnerability assessments across all machines, along with penetration testing, helps detect vulnerabilities in a system before someone with malicious intent finds them, and is a good way to keep a system up to date (Cyber).