Related: Cyber attacks drive insurance purchases in early 2015

You're invited to join us on Facebook!

(Photo: Thinkstock)

1. Botnets

Botnets are large networks of infected computers (sometimes called bots) under the control of a computer hacker. Hackers can use the distributed computing capabilities of botnets to send millions of spam emails, launch distributed denial-of-service attacks, conduct widespread theft of banking credentials, enable the mass installation of ransomware, and many other activities.

Related: Meet the winner of NU's 2015 Excellence in Cyber Security Risk Management Award 

(Photo: Thinkstock)

2. Denial of service and distributed denial-of-service

In these malicious attacks, hackers interrupt a website or computer network to prevent a company or its customers from accessing it.

According to Techopedia, a distributed denial-of-service (DDoS) is a type of computer attack that uses a number of hosts to overwhelm a server, causing a website to experience a complete system crash. This type of denial-of-service attack is perpetrated by hackers to target large-scale, far-reaching and popular websites in an effort to disable them, either temporarily or permanently. This is often done by bombarding the targeted server with information requests, which disables the main system and prevents it from operating. This leaves the site's users unable to access the targeted website.

DDoS differs from a denial-of-service (DOS) attack in that it uses several hosts to bombard a server, whereas in a DoS attack, a single host is used.

Related: Hacked! The cost of a cyber breach, in 5 different industries

(Photo: Thinkstock)

3. Internal threats

Employees can be the weakest link in an organization's defenses. Costly errors and intentional malicious activity can lead to serious consequences, including the loss of sensitive data, financial theft and unauthorized access to network resources.

The best way to prevent cyber incidents by employees is to ensure that they are trained to be continually aware of the seriousness of protecting the company's data.

Related: 7 Cyber risk stakeholders and why they matter

(Photo: Thinkstock/KeremYucel)

4. Exploits

Malware relies on flaws in computer software and hardware to function.

Sometimes a programming mistake can be exploited to gain escalated privileges, install additional malware or instruct a computer to perform unintended commands. Malicious code that takes advantage of these weaknesses are often termed "exploits."

Related: The Dark Web: A look into the cyber criminal underworld 

(Photo: Thinkstock)

5. Hacktivists

Hacktivists wreak havoc on a company's or organization's website or systems to promote a social or political cause.

The best known hacktivist group is Anonymous, described by USA Today as "an amorphous group of hacker activists who have inserted themselves into several conflicts worldwide. There is no one Anonymous group but rather several individuals and groups that make statements and take action under the broad umbrella of the name." Anonymous has made claims that will destroy ISIS through its hacking activities.

Related: 4 common but dangerous cyber threats and steps to address them

(Photo: Shutterstock)

6. Malware

Short for malicious software, the term "malware" describes the spectrum of tools used nefariously by cybercriminals to hack computer networks including exploitation kits, computer viruses, network worms and remote access trojans.

According to Technopedia, some forms of malware "spy" on user Internet traffic. Examples include spyware and adware. Spyware monitors a user's location and if enabled, it can capture sensitive information, for example, credit card numbers, promoting identity theft. Adware also acquires user information, which is shared with advertisers and then integrated with unwanted, triggered pop-up ads.

Related: Nearly 20% of company devices communicate with criminals 

(Photo: Thinkstock)

7. Network reconnaissance

Just as a common thief canvasses a neighborhood looking for vulnerable homes, a computer hacker often uses automated tools to scan large blocks of the Internet looking for systems and software to exploit.

After finding targets of opportunity, the hacker's next step is to identify the ones that may contain data or services that can be monetized.

(Photo: Shutterstock)

8. Ransomware

Modern ransomware attacks often use advanced encryption techniques to render a victim's data useless until the hacker's demands are met or a sum of money is paid.

Additional terms for ransomware include "crypto-virus," "crypto-Trojan" or "crypto-worm."

A well-known ransomware that surfaced on the Internet in 2013 is called CryptoLocker.

Related: Cyber crime: The gift that keeps on giving

(Photo: Shutterstock)

9. Social engineering

Not all attacks are technically sophisticated. Social engineering involves classic deception to trick individuals into parting with their data and funds.

In some instances, employees are misled into making a payment to a fraudster posing as a client or vendor through email, fax or even over the phone. Generally, the person emailing or calling has just enough information to sound legitimate.

Related: Social engineering scams: How hackers are stealing from your clients 

____________

How can you transform your risk management preparedness and response strategy into a competitive advantage?

Introducing ALM's cyberSecure — A two-day event designed to provide the insights and connections necessary to implement a preparedness and response strategy that changes the conversation from financial risk to competitive advantage. Learn more about how this inaugural event can help you reduce risk and add business value.