Cyber Security: Common Threats, Vulnerabilities, and Impacts

There are many ways that the data you are trying to protect can be compromised. Today’s attackers are experts at exploiting weaknesses of any type, attacks can originate in the digital space, the physical world, or through social interactions. Here are some examples of these vulnerabilities and descriptions of how they can be exploited.

Scenario 1

Vulnerability

The company still uses computers and servers with out-of-date operating systems, such as Windows 7 or Windows Server 2008.

Threat

Machines that use out-of-date operating systems no longer receive security updates and patches. In other words, there are no fixes for flaws or vulnerabilities that hackers may discover within these systems.

Impact

Theft or destruction of sensitive information, installation of malicious software such as ransomware, modification of user accounts to provide additional privileges to the attacker, and creation of additional back-door accounts to allow for future access and attacks.

Scenario 2

Vulnerability

The company does not encrypt CUI or sensitive information that is kept on mobile devices such as laptops or removable thumb drives.

Threat

Devices that are removed from a company’s offices are subject to loss or theft. If this happens, an attacker who steals or recovers the device will be able to view all of the information that the device contains.

Impact

Loss or theft of information and the inability to track where that information has gone for reporting purposes.

These are just a couple examples of potential threats that an organization can deal with on a day-to-day basis. For additional scenarios and for any specific questions regarding your own cybersecurity needs, contact AIM’s Cybersecurity Coordinator Paul LaPorte by phone at 315-624-9800, or by e-mail at [email protected]