Top cybersecurity threats in 2020

What is Budapest convention?

The Budapest Convention on Cybercrime is the first international treaty for Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It was open for signature in 2001 and came intoforce in 2004.As of September 2019, 64 states have ratified the convention.
The European Commission adopted a provision that requires all members of theEuropean Union all activities defined as “attack through interference with information systems” to be punishable as terrorist act, if their goal is “serious alteration or destruction of political, economic or social structures”.

Main cyber threats to any person or organisation

1. Phishing: Phishing is the act of attempting to acquire information, such as  username, passwords and credit card details  by masquerading as a trustworthy entity in an electronic communication. Phishing email may contain links to websites that are infected with malware. Phishing typically carried out by email spoofing or instant messaging.
   

   
   
                               Phishing mail
2. Vishing (Voice Phishing): The term is a combination of 'voice and 'phishing'. When phishing is done with the help of telephonic system, it is called vishing.
   

   
   
                                Vishing scam
3. Whaling: Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.
   

   
   
                         How whaling work
4. Tabnabbing: Tabnabbing is one of the latest phishing technologies. It takes advantage of tabbed browsing(which uses multiple open tabs) that a user uses and silently redirects the user to the affected site. This technique operates in reverse to most phishing techniques as it does not directly take the user to the fraudulent site, but, instead, phishers load their fake page in one of the open tabs.
5. Spoofing: A spoofing attack is a situation in which one person or programme successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. A spoofing attack involves one programme, system or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another programme. The purpose of this is usually to fool programmes, systems or users into revealing confidential information, such as user names and passwords, to the attacker.
6. Zombies: A zombie is a computer connected to the internet that has been compromised by a hacker, computer virus or trojan horse. It can be used to perform malicious tasks under remote direction. Botnets of zombie computers are often used to spread email spam and launch denial-of- service attacks. Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies.
   

           zombie attack on computer system
7. Botnets: A botnet is a collection of internet connected programmes communicating with other similar programmes in order to perform tasks.Botnets sometimes compromise computers whose security defences have been breached and control conceded to a third party. Each such compromised device, known as a 'bot', is created when a computer is penetrated by software from a malware (malicious software) distribution.
8. Pharming: It is an attack to redirect a website's traffic to a different, fake website, where the individual's information is then compromised.
9. Drive-by: These are opportunistic attacks against specific weaknesses  within a system.
10. Spam: The unsolicited sending of bulk email for commercial purposes, is unlawful in some jurisdictions. While anti-spam laws are relatively new, limits on unsolicited electronic communications have existed for some time.