BLOG

20 Cybersecurity Threats to Protect Against in 2021

01/07/2021

Everyone hopes that by ringing in the new year, they go out with the old and in with the new. Unfortunately, in cybersecurity, the old rarely goes out while the new keeps coming in. As organizations look to enhance their cybersecurity posture for 2021, they need to consider these 20 cybersecurity threats to protect against.

20. 1=1 SQL injection

Structured Query Language (SQL) is a language used with web-based databases and servers that programmers use to organize information into readable tables. SQL injection attacks, considered one of the oldest and least sophisticated cyberattacks, use malicious code to replace the web application’s login page. When users enter their name/ID and password, the cybercriminals can steal the credentials.

A 1=1 attack exploits vulnerabilities in the user tables, the code that matches people to passwords. The underlying code, for example, links to a table that matches a specific “username” with the associated “password.” In SQL, 1=1 means that a value is “true.” In a 1=1 SQL injection, the malicious code removes the definitions and replaces them with “1=1.” By doing so, any entry in the forms is automatically “true.” Once they insert this code, cybercriminals can then put “admin” for the username and anything in the “password” box to gain unauthorized access.

19. Union-based SQL injection

With a union-based SQL injection, malicious actors infiltrate the system tables rather than the user login tables. System tables define how users and information are linked together, which is how the attack gets the name “union.” In this attack, cybercriminals set the code so that the system returns an error. That error message indicates what information led to the error. Most systems have similar types of tables on the backend, such as database, user, username, and password. Cybercriminals look to retrieve the content of the table, and if they’re wrong, the error message tells them what information is missing. They can then ask how many columns the table has and keep using the error feedback until the system shows the data list.
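The 1=1 bypass described under item 20, shown against a deliberately vulnerable query builder next to the parameterized query that defeats it (parameterization is also the primary defense against the union-based variant in item 19). This is an added example, not code from the post; the table, rows and the `login_*` functions are constructed for the demo.

```python
"""Added example (not from the post): the 1=1 login bypass the post describes,
run against a deliberately vulnerable query builder and against the
parameterized query that defeats it. Uses an in-memory SQLite table with
constructed rows; plaintext passwords are used only so the injected predicate
stays visible (real systems store salted password hashes)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data for the demo.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "correct-horse-battery"), ("alice", "hunter2")],
    )
    conn.commit()
    return conn


def build_vulnerable_query(username: str, password: str) -> str:
    # DELIBERATELY VULNERABLE: untrusted input is spliced into the SQL text,
    # so a quote in the input changes the structure of the query.
    return (
        f"SELECT username FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Returns the matched username, or None. With a password of ' OR 1=1--
    the WHERE clause becomes (username = ... AND password = '') OR 1=1,
    which is true for every row, exactly the effect the post describes."""
    row = conn.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str):
    """Placeholders send the values separately from the SQL text; the database
    never parses them as SQL, so "1=1" arrives as a literal string and
    matches nothing."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None
```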

18. Stored cross-site scripting (XSS) attack

Cross-Site Scripting (“XSS”) exploits web applications by targeting users’ browsers while they enter information. In a stored XSS attack, the malicious actors place code into something that looks legitimate, such as an image or comment on a web page. Every time someone visits the page with the malicious code, that person downloads and executes that malicious code. XSS attacks are both common and effective. Problematically, a simple stored XSS attack is often the first step in a more sophisticated attack.

17. Reflected cross-site scripting

A reflected XSS attack usually stores the malicious code in the URL rather than in an element on the page, such as an image. Every time someone clicks on the link, that person executes the code. Often, links in phishing emails are so long that hiding the malicious code in them is easy. For example: www.fakewebsite.com/something/somethingelse/maliciouscode/realinfo/. Another way that cybercriminals insert the code is through the search function of the website. When someone runs a search, they get a results page that often has a long and confusing URL like www.fakewebsite.com/search?q=something/. Cybercriminals insert the malicious code into that URL, www.fakewebsite.com/maliciouscodesearchq?=something, and the code then executes.

16. Browser extension

Extensions are small programs with special privileges that add functionality to a browser such as Chrome, Safari, or Firefox. However, because these programs download to the browser and change what it can do, they also create an opportunity for malicious actors. Once a user installs a malicious extension, anyone who uses the browser is at risk. Additionally, malicious browser extensions can collect sensitive information sent through other extensions, such as a password manager.

15. Spyware/Adware

Spyware, or adware, is software that causes pop-up ads to appear when users browse the internet, such as ads asking them to subscribe to newsletters. When the pop-ups appear in the user’s browser, they run code that cybercriminals use to collect information such as user names or passwords.

14. Spear phishing

Spear phishing, a type of social engineering attack, occurs when cybercriminals target users at an organization by sending fake emails that carry malicious links or attachments. They often use legitimate-looking “sender” information and rely on users’ emotions to get them to take action. For example, in March 2020, spear-phishing attacks increased by 667% as cybercriminals leveraged people’s concern around the COVID-19 pandemic.

13. Whale phishing

Similar to spear phishing, whale phishing involves sending phishing emails to senior leadership or management team members who might have privileged access, such as Chief Executive Officers (CEOs) or Chief Financial Officers (CFOs). These users can often access sensitive corporate information or approve wire transfers. Then, the cybercriminals either gain unauthorized access to important data or perpetrate financial fraud.

12. Social media phishing

With social media phishing, cybercriminals look to obtain unauthorized access to a company’s social media accounts. Then, they either send malicious links to followers or post fake contests that require users to input information. For example, in 2020, malicious actors gained access to 130 social media accounts that led to $180,000 in Bitcoin.

11. Ransomware

Often, other attack methods, such as phishing, are used to distribute ransomware. Ransomware is a type of malicious software, or malware, that installs on a user’s computer and encrypts the information. Encryption scrambles information, making it unreadable. Then, the cybercriminals ask for a “ransom,” often in the form of cryptocurrency. In recent years, ransomware attacks have started to steal the data as well, because many organizations have strengthened their data backup and recovery processes, meaning that they did not need to decrypt the information.

10. Trojan malware

Trojan malware, similar to the Greek Trojan Horse, disguises itself as legitimate software. For example, Trojan malware can pretend to be free antivirus software, but once downloaded, it executes, runs in the background, and steals data.

9. Buffer overflow

A buffer overflow attack is a type of Denial of Service (DoS) attack, where cybercriminals send the targeted network so many requests that it ultimately shuts down. Buffers temporarily hold data while it transfers from one device to the next. In a buffer overflow attack, cybercriminals overload the buffer’s storage capacity. When the network reroutes the information, the lack of “buffer” storage means that the data can be damaged or exposed.

8. ICMP flood

Also referred to as a ping flood, an ICMP flood is another type of DoS attack. In an ICMP flood attack, malicious actors overwhelm the network with request packets, or formatted units of data. When the network attempts to respond, the incoming and outgoing data use too much bandwidth, shutting the network down.

7. SYN flood

A SYN flood is a Distributed Denial of Service (DDoS) attack that uses multiple devices, increasing the severity and making it more difficult to trace. SYN flood attacks leverage the Transmission Control Protocol (TCP), which allows devices to talk to one another over a network. The synchronize (SYN) packet is the request a device sends asking to connect to the network. Once sent, the network responds with the synchronize-acknowledge (SYN-ACK) packet, agreeing to the process. Finally, the original device sends the acknowledge (ACK) packet, giving a digital “RSVP” before finally connecting. This process, known as the “TCP handshake,” makes sure that data is received in the correct order. In a SYN flood attack, malicious actors create fake IP addresses and use multiple servers to send a large number of connection requests. However, the cybercriminals’ devices never send the final “RSVP,” leaving the network overwhelmed with requests and unable to respond to legitimate requests.
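A SYN flood leaves the handshake described above half-finished, so the server accumulates sockets waiting for the final ACK. The detector below, an added example and not the post's own code, counts those half-open sockets from constructed `ss -tan`-style lines; the socket lines, IP addresses and thresholds are all assumptions for the demo.

```python
"""Added example (not from the post): spotting the half-open connections a SYN
flood leaves behind. Input is constructed `ss -tan`-style socket output with
documentation-range IPs; thresholds are illustrative assumptions."""
from collections import Counter

SAMPLE_SOCKETS = """\
State    Recv-Q Send-Q Local Address:Port Peer Address:Port
SYN-RECV 0      0      10.0.0.5:443       203.0.113.7:51234
SYN-RECV 0      0      10.0.0.5:443       203.0.113.7:51235
SYN-RECV 0      0      10.0.0.5:443       192.0.2.44:6001
SYN-RECV 0      0      10.0.0.5:443       192.0.2.45:6001
SYN-RECV 0      0      10.0.0.5:443       192.0.2.46:6001
ESTAB    0      0      10.0.0.5:443       198.51.100.3:40001
SYN-RECV 0      0      10.0.0.5:443       203.0.113.7:51236
LISTEN   0      128    0.0.0.0:443        0.0.0.0:*
""".splitlines()


def parse_sockets(lines):
    """Yield (state, peer_ip) for each data row, skipping the header."""
    for line in lines:
        parts = line.split()
        if len(parts) < 5 or parts[0] == "State":
            continue
        state, peer = parts[0], parts[4]
        # rsplit so an IPv6 peer such as [2001:db8::1]:443 keeps its colons
        yield state, peer.rsplit(":", 1)[0]


def half_open_summary(lines):
    """Count sockets per TCP state and half-open (SYN-RECV) sockets per peer."""
    states = Counter()
    per_source = Counter()
    for state, ip in parse_sockets(lines):
        states[state] += 1
        if state == "SYN-RECV":
            per_source[ip] += 1
    return states, per_source


def assess_syn_flood(lines, max_half_open=5, max_per_source=3):
    """Return (alert, findings). Flood sources are spoofed, as the post notes,
    so the aggregate half-open count drives the alert; per-source counts are
    only a hint for filtering the few that are not spoofed."""
    states, per_source = half_open_summary(lines)
    findings = {
        "half_open": states["SYN-RECV"],
        "established": states["ESTAB"],
        "noisy_sources": sorted(
            ip for ip, n in per_source.items() if n >= max_per_source
        ),
    }
    alert = (
        findings["half_open"] >= max_half_open
        and findings["half_open"] > findings["established"]
    )
    return alert, findings
```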

6. UDP flood

UDP stands for “User Datagram Protocol,” a communication protocol that enables rapid data transfer between computers on a network by confirming that the targeted device can accept data, sending the information all at once, and checking to ensure that it arrived. In a UDP flood attack, malicious actors use fake or “spoofed” IP addresses. When the targeted server tries to check that the spoofed IPs can receive data, it gets no response. The malicious actors send so many requests from so many different locations, none of which confirm that they can accept packets, that the server is ultimately left sending out messages but unable to receive any. This shuts down the server, which shuts down all data sharing between devices on the network.

5. Dictionary attack

Dictionary attacks take advantage of poor password hygiene. Cybercriminals can use lists like SecLists/Passwords/Common-Credentials in conjunction with software to try to find a login ID/password combination that gives them access to an organization’s networks, systems, or applications. Some of the most successful attacks arise from administrative accounts that still have default passwords attached to them. For example, default router usernames and passwords can be found online. Many of the usernames are “admin,” and the default passwords also appear on the most-used-passwords list. This means that a dictionary attack against any of these devices would give cybercriminals privileged access to those resources.

4. Brute force attack

Brute force and dictionary attacks are often confused with one another because they both look to infiltrate systems by exploiting weak passwords. However, while a dictionary attack uses a list of well-known passwords, a brute force attack tries every possible combination of login and password. Although brute force attacks are more complex, they may also take into account the most commonly used passwords and prioritize those. They also take longer to complete and may make assumptions based on common password rules, including capitalization of the first letter or the number 1 at the end.

3. Eavesdropping attack

This network attack can also be called snooping or sniffing. An eavesdropping attack leverages an unsecured network, such as a home WiFi connection, to access the data as it is transmitted from a device to a server. Because the network is not secure, cybercriminals can place network monitors on a server or computer to capture the data-in-transit. Ultimately, any device sending or receiving information on the network is at risk.

2. Man-in-the-Middle (MiTM) Attack

A man-in-the-middle attack is a specific type of eavesdropping attack that often exploits public WiFi connections. During a MiTM attack, the malicious actors change or steal the data transmitted across the network. For example, if a user is accessing their bank account using a public WiFi network, the malicious actors can steal the account login information which can lead to identity theft.

1. DNS Tunneling

The domain name system (DNS) is the set of rules for translating numeric IP addresses into memorable text. For example, when a user types in www.fakecompany.com, the actual address looks like 10.10.10.10. Since people would have a hard time remembering the number, the DNS server translates it into a text-based URL. Because DNS is required for internet communications to work, it is a trusted set of rules for sending and receiving digital information. In a DNS tunneling attack, the attacker exploits this trust. Malicious actors deploy malware on a device and set up a fake domain like www.badfakecompany.com. Then, they create a subdomain such as www.badfakecompany.com/stealing. They then configure the subdomain to catch data going to the legitimate website, so that when the infected device tries to communicate with the legitimate website, the cybercriminals’ subdomain intercepts the communication, enabling the malicious actors to steal the data.
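Because tunnelled data has to ride inside the names an infected device looks up, a defender can spot a tunnel in resolver logs: one parent domain receiving many unique, long, high-entropy subdomain labels. The detector below is an added example, not the post's own code; the log format, thresholds, client addresses and the hex labels are constructed, and badfakecompany.com is reused from the post's own example.

```python
"""Added example (not from the post): flagging DNS tunneling from query logs.
Tunnelled data travels in subdomain labels, so a parent domain that receives
many unique, long, high-entropy labels is suspicious. Log format, thresholds
and hostnames are constructed; badfakecompany.com is the post's example name."""
import math
from collections import defaultdict

# Constructed resolver log lines: "<timestamp> <client> <qtype> <qname>"
SAMPLE_DNS_LOG = """\
2021-01-07T10:00:01Z 10.0.0.12 A www.fakecompany.com
2021-01-07T10:00:02Z 10.0.0.12 A mail.fakecompany.com
2021-01-07T10:00:03Z 10.0.0.12 A www.badfakecompany.com
2021-01-07T10:00:04Z 10.0.0.12 TXT 0a1b2c3d4e5f67890a1b2c3d4e5f6789.badfakecompany.com
2021-01-07T10:00:05Z 10.0.0.12 TXT 9f8e7d6c5b4a32109f8e7d6c5b4a3210.badfakecompany.com
2021-01-07T10:00:06Z 10.0.0.12 TXT 5a6b7c8d9e0f12345a6b7c8d9e0f1234.badfakecompany.com
2021-01-07T10:00:07Z 10.0.0.12 TXT f0e1d2c3b4a59687f0e1d2c3b4a59687.badfakecompany.com
2021-01-07T10:00:08Z 10.0.0.12 TXT a0b1c2d3e4f56789a0b1c2d3e4f56789.badfakecompany.com
2021-01-07T10:00:09Z 10.0.0.12 TXT 1f2e3d4c5b6a79801f2e3d4c5b6a7980.badfakecompany.com
2021-01-07T10:00:10Z 10.0.0.20 A www.fakecompany.com
""".splitlines()


def shannon_entropy(text: str) -> float:
    """Bits per character: 4.0 for evenly mixed hex, 0.0 for 'www'."""
    if not text:
        return 0.0
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def split_name(qname: str):
    """Return (leftmost label, parent domain). Simplification: the parent is
    the last two labels; real tooling would consult the public suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) < 3:
        return "", qname
    return labels[0], ".".join(labels[-2:])


def parse_dns_log(lines):
    for line in lines:
        parts = line.split()
        if len(parts) >= 4:
            yield parts[1], parts[3]  # (client, qname)


def detect_tunneling(lines, min_unique=5, min_len=20.0, min_entropy=3.0):
    """Return {parent_domain: stats} for domains whose subdomain labels look
    like encoded data rather than hostnames."""
    labels = defaultdict(set)
    clients = defaultdict(set)
    for client, qname in parse_dns_log(lines):
        sub, parent = split_name(qname)
        if sub:
            labels[parent].add(sub)
            clients[parent].add(client)
    flagged = {}
    for parent, subs in labels.items():
        if len(subs) < min_unique:
            continue
        mean_len = sum(len(s) for s in subs) / len(subs)
        mean_ent = sum(shannon_entropy(s) for s in subs) / len(subs)
        if mean_len >= min_len and mean_ent >= min_entropy:
            flagged[parent] = {
                "unique_labels": len(subs),
                "mean_len": round(mean_len, 1),
                "mean_entropy": round(mean_ent, 2),
                "clients": sorted(clients[parent]),
            }
    return flagged
```

A domain that legitimately uses many random-looking labels (a CDN or a telemetry endpoint) will score the same way, so the output is a lead to investigate, not a verdict.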

SecurityScorecard protects against cybersecurity threats

SecurityScorecard’s security ratings platform provides an outside-in look at your organization’s and supply chain’s security postures. We passively monitor your ecosystem across ten risk categories including DNS health, network security, endpoint security, web application security, IP reputation, patching cadence, information leak, hacker chatter, and social engineering. Our easy-to-read A-F ratings give you at-a-glance visibility into your controls’ effectiveness while our platform provides actionable remediation steps to help you mature your security posture.
