Boot and Claw: An Illustrated Guide to Threats as Halloween Monsters
This season, we’re dressing up some of the most common threats in Halloween costumes to give them a festive face. We looked at classic and modern monsters and see which profile fits these threats. The Scare Scale is a simple way to rate how concerned you should be when this threat comes knocking on your door. So for those who aren’t familiar with these threats, it’s time to get your Halloween on and learn what goes bump inside your systems and devices.
Bots – as a Zombie Horde
The zombie is a monster that has taken several forms over the decades. From brain-eating undead to pack of infected parkour monsters, each type of zombie has its own set of traits. Another definition of a zombie is of a mindless creature that does the bidding of its master. This is what bots are all about. They gain control of your computer and make it do what its master tells it to. The number of zombies being controlled is usually vast; enough to send systems crashing when a zombie army (thousands of unwillingly controlled computers) sends an overwhelming number of requests to a website.
Spam – as a Swarm of Bats
Everyone can agree that spam is annoying. It’s the email equivalent of receiving telephone directories when everything can be found online, except you keep getting phone directories on a daily basis, and it never seems to stop. We see spam as bats in a cinematic sense. One bat isn’t a problem, but an entire horde coming at you? The time we spend deleting these files is much like the time we spend hiding from as a swarm of flyby bats. If you’re one of those unlucky few, you can also get scratched or bitten by one or two.
Trojans – as a Werewolf
Trojans look like legitimate programs. If they were people, they’d probably have names like Mary or Dave—super generic and seemingly harmless. However, once installed, they unleash havoc similar to a person transforming into a werewolf in the middle of a family dinner. Trying to deal with or contain a Trojan can be similar to dealing with an overpowered wolfman. You would be surprised how much damage it can cause once it starts turning bad.
Exploits – as a Vampire
Similar to zombies, vampires have been portrayed several ways throughout the years, including ones that sparkle under the sun. But going back to a more classic version, Bram Stoker’s Dracula is a vampire with limited powers, but is exceptionally cunning. In the novel, Dracula expertly maneuvers his way around the heroes to get to an Englishman’s fiancé, Mina. This devious and strategic targeting of weaknesses is what exploits do. They gnaw at the code, search for weak spots, and vigilantly look for more openings until they get to their target, where they do their damage. Because not all vampires get invited inside people’s houses for tea, some work harder than others to get a bite out of the living.
Crypto-Ransomware – as a Witch
It's a classic story: A prince rides his horse around the forest when a witch places a curse on him, turns him into a frog, and the only way to break the curse is to get kissed. That’s pretty much what happens when you get infected by crypto-ransomware. This threat type "curses" its victims by encrypting critical files, rendering them useless unless the victim pays the ransom. Of course, the witch may or may not break the curse, and the same could be said about crypto-ransomware. You’ll be left with files you can’t open and a strong urge to bang your head against a nearby wall.
Data Breaches – as Undead Pirates
Nothing makes grownups scream like babies than have a huge chunk of their clients’ files stolen. This is the real horror story. When networks are raided and pillaged, there isn’t much one can do but stand in the rubble of what was and see the vastness of what has been taken. This scene is reminiscent to a pirate crew invading a port village. Except this time, the pirates are undead, mostly unseen, and usually unstoppable. Like the pirates in this scenario, threat actors involved in data breaches spend most of their time in the deep, waiting for its next big attack.
Targeted Attacks – as The Invisible Man
Targeted Attacks start when people get emails, phone calls, or even text messages from sources that won't raise suspicion, but they're ultimately part of a bigger scheme. It’s almost as if the Invisible Man was following them around, taking down notes and creating opportunities to make people divulge sensitive information. The Invisible Man preys on the unknowing as he follows people around, while a Targeted Attack relentlessly attempt to compromise a person’s digital infrastructure while maintaining anonymity. The Invisible Man A.K.A. the person behind the Targeted Attack moves deeper into the victim’s systems without leaving a trace. Every megabyte of data may already be gone and the user wouldn’t suspect a thing.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases