Types Of Malicious Damage Of A Company’s IT System

Within an IT system for a company there are many types of threats on the networks and systems, it’s important to protect against these threats as best as possible. Another way a malicious threat can happen is internally, someone who has access to the server rooms could use something as simple as a USB to load a key logger to the server and have a lot of information such as passwords send to their own personal PC. These workers may do this kind of damage because they feel they are not getting paid enough or are not being treated fairly in comparison to their fellow workers.

A person who has access to the servers could also cause physical damage towards the server causing major website outages, they could delete files, unplug wires and cables, or they could physically start breaking equipment. These types of threats are internal threats and happen within the company or organisation. When a data breach happens, the organisation is supposed to notify its users of said breach and tell them to change passwords or contact their bank depending on the data that was leaked, this can make customers and users distrust the organisation and start to use competitors instead.

External data threats happen from outside of the organisation, these can include hackers who have found an exploit within the website and can literally take data from their own homes, another type of external thread is DDOS attacks, this is where an external source sends lots of requests to the server causing it to slow down or even crash. An example of a DDOS attack is when a group of anonymous hackers launched a campaign against Donald Trump on April 1st, they took down the billionaire’s websites including hotel chains and his presidential campaign, they also took down email servers. The group of hackers hoped that this attack would damage trumps reputation and hurt his run for president.

Another external threat would be data theft, this is when a group of people attempt to impersonate an organisation or e commerce website to steal customer data, this happens in the form of phishing usually by scam emails with fake links encouraging customers to enter sensitive data. An example of a phishing email would be a fake PayPal email stating that you have authorised an expensive payment and that you must log in immediately using this link to stop the payment, the link will be a fake version of PayPal and will prompt you to log in, these login details will then be sent to the scammers.