COMP3143›Cyber threat landscape

Cyber SecurityTopic 3 of 21

Cyber threat landscape

2 minread

394words

Beginnerlevel

Cyber Threat Landscape

The Cyber Threat Landscape refers to the constantly changing environment of cyber threats, attackers, attack methods, and vulnerabilities that organizations and individuals face in the digital world.

It helps us understand:

Who is attacking?
What are they targeting?
How are they attacking?
Why are they attacking?

1. Key Elements of the Cyber Threat Landscape

a) Threat Actors (Who attacks?)

Cybercriminals – Motive: money
Hacktivists – Motive: political or social causes
Nation-state attackers – Motive: espionage, warfare
Insiders – Employees or contractors who misuse access
Script kiddies – Amateur hackers using pre-built tools
Cyber terrorists – Motive: cause harm and fear

b) Threat Vectors (How attacks happen?)

Paths or methods used by attackers:

Phishing emails
Malware downloads
Exploiting software vulnerabilities
Compromised credentials
Social engineering
Ransomware
Network-based attacks (DDoS, MITM)

c) Targets (What is attacked?)

Personal data
Financial systems
Government networks
Critical infrastructure (power, water, transport)
Cloud services
Enterprise networks
IoT devices

2. Major Types of Cyber Threats

1. Malware

Harmful software like viruses, worms, trojans, spyware.

2. Ransomware

Encrypts data and demands payment for recovery.

3. Phishing

Fake messages trick users into giving sensitive info.

4. Social Engineering

Manipulating people to break security rules.

5. Advanced Persistent Threats (APTs)

Long-term, targeted attacks usually by nation-states.

6. Distributed Denial of Service (DDoS)

Flooding a server to make it unavailable.

7. Zero-Day Attacks

Exploiting unknown software vulnerabilities.

8. Insider Threats

Attacks from employees or trusted individuals.

3. Trends in the Modern Threat Landscape

a) Increasing sophistication

Attackers use AI, automation, and advanced tools.

b) Growth of ransomware-as-a-service

Cybercriminals rent ransomware tools like online services.

c) Cloud and IoT vulnerabilities

More devices = more attack points.

d) Supply chain attacks

Hackers target vendors to reach larger organizations.

e) Data breaches

Massive theft of personal and financial data.

f) Mobile attacks

Smartphones becoming major targets.

4. Factors Influencing the Threat Landscape

Rapid digital transformation
Widespread remote work
Lack of cybersecurity awareness
Increasing value of data
Global political tensions
Use of AI by attackers

5. Importance of Understanding the Threat Landscape

Helps organizations stay prepared
Supports better risk management
Enables faster threat detection
Improves defense strategies
Guides investments in cybersecurity tools and training

Conclusion

The cyber threat landscape is dynamic and constantly evolving, with attackers becoming more creative and dangerous. Understanding the landscape helps individuals and organizations strengthen their defenses and stay safe in the digital world.

Previous topic 2

Networks and the Internet

Next topic 4

Understanding security and information security principles

Past Papers

Open this section to load past papers

Click on Show Past Papers to see past papers.

COMP3143›Cyber threat landscape

Cyber SecurityTopic 3 of 21

Cyber threat landscape

2 minread

394words

Beginnerlevel

Cyber Threat Landscape

It helps us understand:

Who is attacking?
What are they targeting?
How are they attacking?
Why are they attacking?

1. Key Elements of the Cyber Threat Landscape

a) Threat Actors (Who attacks?)

Cybercriminals – Motive: money
Hacktivists – Motive: political or social causes
Nation-state attackers – Motive: espionage, warfare
Insiders – Employees or contractors who misuse access
Script kiddies – Amateur hackers using pre-built tools
Cyber terrorists – Motive: cause harm and fear

b) Threat Vectors (How attacks happen?)

Paths or methods used by attackers:

Phishing emails
Malware downloads
Exploiting software vulnerabilities
Compromised credentials
Social engineering
Ransomware
Network-based attacks (DDoS, MITM)

c) Targets (What is attacked?)

Personal data
Financial systems
Government networks
Critical infrastructure (power, water, transport)
Cloud services
Enterprise networks
IoT devices

2. Major Types of Cyber Threats

1. Malware

Harmful software like viruses, worms, trojans, spyware.

2. Ransomware

Encrypts data and demands payment for recovery.

3. Phishing

Fake messages trick users into giving sensitive info.

4. Social Engineering

Manipulating people to break security rules.

5. Advanced Persistent Threats (APTs)

Long-term, targeted attacks usually by nation-states.

6. Distributed Denial of Service (DDoS)

Flooding a server to make it unavailable.

7. Zero-Day Attacks

Exploiting unknown software vulnerabilities.

8. Insider Threats

Attacks from employees or trusted individuals.

3. Trends in the Modern Threat Landscape

a) Increasing sophistication

Attackers use AI, automation, and advanced tools.

b) Growth of ransomware-as-a-service

Cybercriminals rent ransomware tools like online services.

c) Cloud and IoT vulnerabilities

More devices = more attack points.

d) Supply chain attacks

Hackers target vendors to reach larger organizations.

e) Data breaches

Massive theft of personal and financial data.

f) Mobile attacks

Smartphones becoming major targets.

4. Factors Influencing the Threat Landscape

Rapid digital transformation
Widespread remote work
Lack of cybersecurity awareness
Increasing value of data
Global political tensions
Use of AI by attackers

5. Importance of Understanding the Threat Landscape

Helps organizations stay prepared
Supports better risk management
Enables faster threat detection
Improves defense strategies
Guides investments in cybersecurity tools and training

Conclusion

Previous topic 2

Networks and the Internet

Next topic 4

Understanding security and information security principles

Past Papers

Open this section to load past papers

Click on Show Past Papers to see past papers.