Cyberattacks - the 4 most common cyber threats in 2022
4 May 2022 / Article
The geopolitical situation has changed the threat landscape for companies and organisations. Digitalisation is the premium growth factor for Swedish companies, but the transformation also brings with it a digital commercial risk. And as a result, more and more companies have come to understand the importance of developing a readiness to deal with cyberattacks – and cybersecurity has quickly become one of the highest priority areas for most businesses. But what does the threat landscape actually look like, and what are the most common forms of cyberattack that currently pose a threat to Swedish businesses? In this article, we review four common types of cyberattack and explain what the attackers are trying to achieve through these different approaches.
Private individuals and companies alike can be targeted by numerous different types of cyberattacks. The attack types differ, both when it comes to the attackers’ approaches and their underlying purpose. In some cases, the attackers are trying to gain access to confidential information or to sabotage, while in others, it’s about stealing data to demand a ransom from the organisation attacked. We’ve listed some of the most common types of cyberattacks below, to help you develop a better understanding of companies’ vulnerabilities to these threats.
4 common types of cyberattacks
Ransomeware attacks
Ransomware attacks are one of the most common types of cyberattacks. In attacks of this kind, the attacker will often use some form of phishing, i.e. they send emails containing harmful links or attachments to employees within the organisation. When one of the recipients opens the attachment, the attacker gains access and can use malware to navigate through the operations’ systems and gain control of files and other data via encryption. The attacker then demands a ransom to decrypt the files and restore access to the information they have kidnapped.
Today’s ransomware attacks take place on a large scale and the people behind the attacks use a wide-ranging and indiscriminate method that often involves attacking large numbers of companies, organisations, and individuals at the same time. The hostile parties behind these attacks are often, to all intents and purposes, well-run “organisations” that operate like normal companies and whose primary focus is on making a profit.
Jesper Blomé, Head of Security & Compliance at Iver says it's important to remember, in connection with this type of attack, that the attacker’s objective is to make money and may not, first and foremost, be to gain access to some specific information.
Organisations who have the attitude that they don’t have any data worth stealing need to remember this. All that matters to this type of attacker is that the information is sufficiently important to the person from whom they’ve stolen it.
DDoS attacks
DDos attacks are another common type of attack. DDos stands for Distributed Denial-of-service, and the attacker’s goal, during this type of attack, is to overload a website or function and thereby make the resource unavailable to legitimate users. In purely practical terms, it involves the attacker using a botnet made up of millions of units flooding a target machine or resource with huge numbers of requests at the same time, resulting in an overload and the service or system locking up and becoming unavailable.
– DDoS is a type of attack that can be carried out relatively cheaply by an attacker but which has major consequences for the target, in that a service’s or server’s entire functionality is eliminated. The damage caused by this type of attack is, however, usually transient – when the attack ends, the infrastructure is still intact and as a result, it’s a type of attack that’s relatively easy to recover from in purely technical terms, says Jesper Blomé.
Cyber espionage
Espionage is nothing new, but as digitalisation has increased, it has moved to the digital arena and grown in both magnitude and frequency. Cyber espionage is usually the work of a foreign government, and its aim is to gain access to official secrets or to collect significant amounts of information intended to be confidential. Cyber espionage can also target companies conducting operations of critical importance to society, such as manufacturers of defence materials, or organisations such as the Swedish Armed Forces, or others with an important role in our society.
We often see links to States such as China, Russia, and Iran – who engage in systematic cyber espionage against both government organisations, private companies, and private individuals in conjunction with this type of attack. The threat landscape for companies in connection with this type of cyberattack is complex, and defence against these attacks can be difficult in that they also pose a potential threat to those who are not the espionage’s primary target.
– The fact that the Iranian government systematically persecutes individuals in Sweden who they regard as a threat to their own State can, indirectly, pose a threat to a company with employees who have links to Iran. Which means there can also be an indirect threat landscape for companies too, in this respect, says Jesper Blomé, Head of Security & Compliance at Iver.
Cyberterrorism, sabotage and disinformation
The increasing digitalisation of society at large has created a new digital arena for nation states, extremist groups and terrorists to engage in terrorism and disinformation campaigns. Cyberterrorism can be summarised as cyberattacks designed to take out or disrupt major, fundamental societal functions, to disrupt the prevailing social order, to cause unease, and to spread fear amongst the public.
And whilst the digitalisation of societal processes offers substantial benefits in the form of increased efficiency and financial savings, the digital management of societally important functions also increases the degree of vulnerability. Today’s cyberterrorists can now, potentially, use an attack to affect the operational ability of core functions such as drinking water supplies, the electricity grid, or the medical sector. Another form of cyber threat associated with terrorism involves attacks in the form of a virus infection, or of DDos attacks on societally critical operations – or on news sites that can be made unavailable to the population in order to disrupt the social order.
We’ve seen an increase in the number of attacks in the Nordic region since war broke out in the Ukraine.
– Companies with direct links to Ukraine (and, to some extent, Russia) are the ones who have been hit hardest. Many people are aware that the Ukrainian authorities have been repeatedly targeted by cyberattacks since war broke out – and they still are – but even in Sweden, banks with operations in the Ukraine, IT companies with personnel there, and even companies operating in the retail sector etc., have been targeted and are seeing a changed threat landscape, says Jesper Blomé.
Would you like help with your cybersecurity work? We have extensive experience of designing and implementing security solutions that are tailored to your organisation’s specific requirements when it comes to proactivity, accessibility, and security.
Find out more about Iver’s cybersecurity offering.
