Threats To Information Security

What Are The Threats To Information Security?

Cyber Security

Today, we rely on data more than ever. But the more we rely on it, the more threats to information security there are. What are these?

Let us dig deeper into that in this article.

Threats To Information Security

There are many kinds of threats to information security (Infosec). These threats are the risk of experiencing an attack. There are six main kinds of these threats:

  • Social Engineering
  • Man in the Middle (MitM)
  • Malware and Spyware
  • Distributed Denial of Service (DDoS)
  • Passwords Attacks
  • Advanced Persistent Threats (APT)

We will cover some of these six below.

Kinds of Threats to Information Security

Social Engineering

This is the act of manipulating people to do any kind of action. Thus, in the end, victims may not be aware that they already divulged sensitive info.

So, some social engineering attacks are:

  • Phishing. This is the most common one. Most of the time, attackers send fraudulent emails. These emails may look legit from a reputable company but with an attached malware. Then, it may urge users to click a link and leading them to hand over sensitive info.
  • Spear Phishing. Another kind of phishing that only targets those with security privileges. Like system admins or senior executives.
  • Homograph Attacks. Attackers make a website of a well-known company that looks real. Then, those who did not notice it being fake may pass their credentials to the attacker.

Man in the Middle (MitM)

MitM attacks is when users access a remote system on the internet. They may think they are connected to the server. But without knowing, attackers put themselves in the middle.

So, once they are there, they may steal vital information. Some of these attacks are:

  • Session Hijacking. Attackers hijack a session between the client and the network. Then, they copy the IP address of the client. So that the server will think they are still connected with the client.
  • Eavesdropping Attack. Attackers make use of any opening in the network. Then, they access the information sent between the client and the server.

Malware and Spyware

Attackers have many ways to let malware inside their victim’s device. Then, once it is in, it can keep track of their activities. And send it to the attacker to use.

Some of these attacks are:

  • Trojan Virus. This is a file that may look normal. Once users click it, it can launch an attack on the system. Then, it can make a backdoor for attackers to use.
  • Ransomware. This keeps users from getting access to their files. Attackers will then threaten to delete or get these files online. They will only let go once the victim pays a ransom.
  • Wiper Malware. It aims to destroy data or systems. To do this, it overwrites target files or deleting the whole file system. Most of the time, attackers who use this want to send a political message.


So, these are some of the threats to Infosec. But there are a lot more. If you want to keep your data from any harm, you need to make a strong Infosec plan.

Our Score

Leave a Reply

Your email address will not be published. Required fields are marked *