Interest in cyber coverage is at an all-time high, and those who previously thought it a luxury—or not a necessity—are taking a much closer look at their exposures.
A recent Marsh report shows that cyber insurance purchases grew 32 percent in 2014 when compared with 2013, and were up 21 percent in 2013 over 2012. “The yearly increase shows that organizations see cyber as a risk to be managed, not merely a problem to be fixed by IT,” the report asserts.
Damian Caracciolo, vice president and practice leader at CBIZ Management & Professional Risk, said that cyber attacks affect all industries, but the type of attack deployed depends on the targeted company's industry. In 2015, the health care, financial services, retail and education sectors saw the greatest number of cyber incidents.
Caracciolo said that cyber attacks come in many different forms, and the type of attack on any particular company depends on the type of information the intruder is looking for. Here are the five major types of attacks to which your organization might be vulnerable:
Brute Force Attack
This is very sophisticated software, or an algorithm, written to do whatever it can to attack your system by searching for vulnerabilities. In many cases, the malware attacks a password-protection mechanism.
The brute force attack will use specially designed software to go through hundreds of thousands of different words, combinations of words, and numbers to try to crack your password, said Caracciolo. He added: “They will even go through every word in the dictionary to see if they can access something like a password.”
Social Engineering/Cyber Fraud
“If you're in the treasury department, and I send you an email that looks like it's coming from the CEO or CFO requesting that you 'wire funds on the merger acquisition that we have pending, I would like that money wired today—this is your authorization to get it done,' whoever is working in that accounting or treasury department will wire the money,” said Caracciolo.
He added that the thieves are not attacking your system; they're attacking individuals and the company's wire-transfer policies and procedures: “We're seeing a prevalence of that today, and that's significant because the losses tend to be in the seven figures. This type of attack doesn't target data, it targets the money, and once it's transferred it's unlikely that you're able to retrieve that money.”
Distributed Denial of Service (DDoS) Attack
This happens when a server is overloaded with connections, with a goal of ultimately shutting down the target's website or network infrastructure. “This is just where [hackers] are overloading your system, hoping it will shut down your network and you will not be able to operate your business,” Caracciolo said.
Phishing Attacks
Phishing may be the most commonly reported form of cyber attack, said Caracciolo, and keeping up with the methods of some phishing attacks is proving to be very difficult.
There are various types of phishing attacks, and the type that is used usually depends on the industry. “Hackers send out hundreds of thousands of emails [with an attachment or link] hoping that someone will click on them,” he added. “That's the hacker's means to access your system.” Once you open it, you're giving them access to your computer system and the information on it.
“Once they're in, then they're able to really attack the software's vulnerabilities, whether it's personal passwords, firewall or lack thereof, or unpatched status security software.”
Viruses, Worms, Spyware, and Ransomware
Each of these types of attack has its own objectives. All are attacks on your software, your systems, and your theft-prevention software, gaining access through any one of the malware-type attacks.
“It's basically a malicious software with the intent to gain unauthorized access, and that could include viruses, spyware,” Caracciolo explains. “More recently, we've seen ransomware, where they'll lock down your system and essentially say 'We have your data; if you want it back you're going to pay a ransom and we'll let you gain access back to your information.'” Caracciolo added that there are also Trojan horses and key loggers that track keystrokes to gain access to passwords or gain access to your system.
Some malware erases all the information contained on the user's hardware. And malware often targets individuals who aren't with the IT department and may not have the same level of sophistication, or may not even be paying attention, he noted. “You're busy, you get an email, you don't pay much attention to who it's from or if it's an accurate email address. You click and allow them access to your system. It's as simple as that. Whether it's a link or an attachment, you basically provide that malware into your system, which will then accomplish whatever the objective is.”
Spyware is software that hackers introduce into your system that looks for the simplest way to track keystrokes to get passwords or electronically spy on your network, whether to gain access to confidential information or to gain access to unidentifiable information.
A “worm” is similar to a virus, but it spreads differently. In order to affect your files, a worm eats into your system and runs on its own. If a worm is introduced into your system, it could replicate by resending itself from your system to everyone in your contacts list; so one person lets it in and then it just compounds itself. Depending on how it's written, it could get back to every contact on your list.
© 2024 ALM Global, LLC, All Rights Reserved.