Top 5 Cyber Threats in Today’s Online World

Cyber Threats

We live online. Their is hardly anyone these days who does not know how to access the internet, and most everyone does so daily to perform even the most basic of activities. Banking, shopping, research, liking the hundredth meme you’ve seen that week, these are actions that are basically unimaginable without the internet.

Unfortunately, it’s also unimaginable to navigate online without the threat of a cyber-attack. To keep you aware and safe, below are the top five most common, and most devastating, cyber-attacks.


Ransomware is software with a malicious intent (another form of malware), but ransomware is also deployed by its host with the hopes it will be lucrative, resulting in a ransom paid in exchange for encrypted data. The encrypted (scrambled) files are essentially sold back to their owner with a key to recover the data, although no guarantee is promised that control will be released to the victim once the ransom is paid. Excessive amounts of time and money is lost while suffering from ransomware. Damage costs rose in 2019 to $11.5 billion, with attacks happening every 14 seconds worldwide.

Phishing Attacks

Phishing as we know has absolutely nothing to do with fish, but everything to do with the phrase “hook, line, and sinker,” with unwitting humans ready to take the bait. An attempt to gain sensitive information from an individual or company (or both), phishing emails are convincing, using real company logos, and clickable links that seem to lead to trustworthy websites where credentials or financial information is then stolen. Awareness and education are some of the best ways to decrease risk.

Leaked Data

With data as hot a commodity as gold these days, cyber criminals and data thieves are after any piece of personal information they can get their hands on. Portable storage devices, smart phones, tablets, and laptops are all targets and entry points for bad actors. Preventing data leakage from your organization should be your top priority, meaning all devices should have passcode locks with MFA (multi-factor authentication), GPS tracking, and encryption software at the very least.


Not all devices are portable, and to be hacked they don’t need to be. Remote entry gained into a company’s IT systems means not only is it likely they have access to financials, but also to intellectual property. Some are also surprised to find hacking can be done in-person. it’s called social engineering, where staff are tricked into revealing their passwords or other sensitive information, or even letting an intruder pass security into restricted areas. Access to networks and physical locations should be secured and protected by firewalls, policies and procedures, and with awareness and training.

Insider Threat

Accidents happen, but an accidental (or malicious) data leak from an employee is a huge security hazard. The fall-out from leaked documents, financials, or customer data could potentially dismantle an organization so it’s important to keep access to certain company files as limited as possible, with enough access to perform their job role. Monitoring employee behavior and use of portable storage devices will also help keep insider threats at bay, as well as well-developed processes, procedures, and employee training.

Hardware, software, passwords, applications, employees, etc.… there is so much detail involved in each and every business, and none of it should be glossed over or neglected. An Incident Response Plan should be in place in case any of the above attacks, threats or breaches should land on your doorstep. The goal is to have a plan, but to be secure enough that you’ll never need to use it.

If you need assistance with a strategic cyber plan contact Micropac. Schedule a meeting today: