These threats are identified as: * Malicious code activity * Tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, , readily available malicious code kits are making it simple for attackers to mount attacks, the online underground economy and malicious activity are benefiting from the downturn in the global economy. * Web-based targeted attacks on enterprises are increasing * Targeted attacks using advanced persistent threats (APT) * Designed to main undetected in order to gather information over prolonged periods.
This type of attack has been observed in other large-scale data breaches that caused large numbers of identities to be exposed * Hacking attack using an SQL- injection attack * The hackers can gain access to a company’s payment processing network. The attackers then installed malicious code designed to gather sensitive information from the network, which allowed them to easily access the network at their nonviolence. Researching biblically available information about a company or its employees * Creating pushing emails messages, also referred as spear pushing, that will be sent to the company or even specific staff employees. * Messages often contain attachments that exploit weaknesses in client-side applications, or links to websites that exploit vulnerabilities in Web browsers or browser plug-ins. * A successful attack could give the attacker access to a company’s network.