The core functionality of cybersecurity involves protecting information and systems from major cyberthreats.
These cyberthreats take many forms (e.g., application attacks, malware, ransomware, phishing, exploit kits). Unfortunately, cyber adversaries have learned to launch automated and sophisticated attacks using these tactics – at lower and lower costs.
As a result, keeping pace with cybersecurity strategy and operations can be a challenge, particularly in government and enterprise networks where, in their most disruptive form, cyberthreats often take aim at secret, political, military or infrastructural assets of a nation, or its people.
Some of the common threats are outlined below in more detail.
Cyberterrorismis the disruptive use of information technology by terrorist groups to further their ideological or political agenda.
This takes the form of attacks on networks, computer systems and telecommunication infrastructures.Cyberwarfareinvolves nation-states using information technology to penetrate another nation’s networks to cause damage or disruption. In the U.S. and many other nations, cyberwarfare has been acknowledged as the fifth domain of warfare (following land, sea, air and space). Cyberwarfare attacks are primarily executed by hackers who are well-trained in exploiting the intricacies of computer networks, and operate under the auspices and support of nation-states. Rather than “shutting down” a target’s key networks, a cyberwarfare attack may intrude into networks to compromise valuable data, degrade communications, impair such infrastructural services as transportation and medical services, or interrupt commerce.
Cyberespionage is the practice of using information technology to obtain secret information without permission from its owners or holders. Cyberespionage is most often used to gain strategic, economic, political or military advantage, and is conducted using cracking techniques and malware.