Ransomware, CEO fraud, identity theft, DDoS attacks, APTs, attacks on critical infrastructure… These are some of the ten most frequent cyber risks with the greatest economic impact.

The Spanish Association of Risk Management and Insurance (AGERS) and ISMS Forum Spain presented this week the guide ‘Top 10 Cyber Risks’, which lists the ten most frequent cyber risks with the greatest economic impact, whether through financial or reputational damage, third-party claims or the sanctions that may follow.


  1. Information leakage. It can damage the company's reputation and operations, cause lost business opportunities and lead to criminal, civil and administrative sanctions. It is usually caused by the loss or theft of a laptop or mobile phone, the loss of a storage device (USB stick, hard disk…) or an attacker breaking into the system. Yahoo acknowledged a leak of its mail account database affecting more than 1,000 million users, and Equifax said that an attacker accessed its database, affecting 145.5 million accounts. In nine out of ten cases the motive is economic or espionage. The attack method can be malware, a backdoor, a rootkit or social engineering.
  2. Ransomware. The aim of this malware is to infiltrate systems in order to damage or encrypt files, and then demand a ransom, usually in bitcoin, to recover the information. It is often camouflaged inside programs or applications in regular use: email attachments, links in advertisements, supposedly trustworthy program updates, etc. In addition, the Ransomware of Things (RoT), designed specifically to attack internet-connected devices, is spreading. Incidents such as WannaCry or Petya affected companies as important as Telefónica, FedEx or the pharmaceutical company Merck. It relies both on social engineering tactics such as phishing and on the use of botnets.
  3. Phishing. It is based on impersonating a website, misleading victims so as to obtain some benefit by deception. For example, an email supposedly sent by our bank invites us to click on a link to change our password because there is a problem. The motive is usually economic, but it may also seek to steal confidential data or to cause reputational harm. It uses the different variants of phishing (pharming, Wi-Phishing, spear phishing, smishing, vishing), social engineering or identity theft.

  4. Identity spoofing. Criminals pass themselves off as another person, deceiving whoever is in charge of verifying identity during the registration process. This is achieved by demonstrating knowledge of information or characteristics of the impersonated person, such as personal data (date of birth, ID number, children's names…) or access credentials. Social engineering may also be used to deceive the registrar. Beyond economic interest, the aim can be to damage the victim's reputation or to carry out industrial or commercial espionage. Attackers obtain the data through social engineering, phishing, spoofed emails or websites, information published on social networks, hacks, or by buying records on the black market.
  5. Advanced Persistent Threat (APT). An attack on a specific organization that combines different methods to infiltrate and spread through its technological infrastructure, using it as an entry point to steal sensitive information or to harm the organization's critical processes on an ongoing basis. Its distinguishing feature is that the attackers carefully study their target in order to tailor the attack. They are carried out by groups allegedly linked to different governments, such as Fancy Bear and Cozy Bear (Russia), OceanLotus (Vietnam), Codoso Team (China) or Lazarus Group (North Korea). For example, the ‘Carbanak’ campaign targeted hundreds of financial institutions in 30 countries and took about two years to detect.
  6. CEO fraud. It uses phishing, especially by email, and social engineering to induce an employee to make some kind of sensitive transaction, financial or informational, to a destination controlled by the attackers. Beforehand, the criminals study the victim in depth until they have precise information about it. Leoni, the largest manufacturer of electric cables in Europe, acknowledged having been the victim of this type of attack, losing almost 40 million euros.
  7. DDoS attack. The most common form is to generate artificial, malicious consumption of the company's information systems so that legitimate users cannot use them. The services are usually saturated briefly and at a chosen moment, with the attackers demanding payment in exchange for stopping. It is usually done for economic reasons, but also for hacktivism or to expose vulnerabilities.
  8. Impersonation or modification of the website. This consists of altering a web page by modifying its code without authorization. It can be done to change the site's content as a protest or to make a statement; to impersonate the legitimate site in order to obtain confidential information; or to confuse users into installing harmful code on their devices. Cybercriminals use automated programs that scan the Internet for vulnerable sites on which to perform a SQL injection attack and take control of the server. They may seek to damage the victim's reputation, spread false content or news, post protest messages, carry out malicious actions from the victim's system, etc.
  9. Internet of Things. Connected devices are vulnerable to attack, putting at risk the personal data they collect: tastes, consumption, movements, conversations, images. Attacks on these elements also pose significant safety threats if they manage to interfere with autonomous car systems, video surveillance cameras or home entry systems, for example. In addition, IoT devices are being used to build networks for carrying out DDoS attacks or for mining bitcoin.
  10. Attacks on critical infrastructure. Some states have used cyberattacks against the interests of enemy or rival countries to destabilize them. For example, 80,000 people were left without electricity for six hours in Ukraine in December 2015, in a blackout caused by the BlackEnergy Trojan and allegedly attributable to the Russian government. An employee of a power company received an email with an attachment; opening it executed malicious code that created a backdoor through which the Trojan entered. The objectives of these attacks are usually political or social.
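The website modification entry names SQL injection as the route by which automated scanners take over vulnerable sites. The following is an added example, not code from the guide or from any real site, showing a minimal defacement through injection and the parameterised query that prevents it. The tiny CMS table, the users `admin` and `mallory`, and the page contents are constructed for the demo; SQLite is used so that it runs offline.

```python
import sqlite3

HOME_BODY = "Welcome to Example Corp"


def make_db():
    """Constructed sample data: a CMS table where each page has an owner."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pages (slug TEXT PRIMARY KEY, owner TEXT, body TEXT)")
    conn.execute("INSERT INTO pages VALUES ('home', 'admin', ?)", (HOME_BODY,))
    conn.execute("INSERT INTO pages VALUES ('blog', 'mallory', 'Mallory''s blog')")
    conn.commit()
    return conn


def edit_page_vulnerable(conn, user, slug, new_body):
    """Deliberately vulnerable: the authorisation check lives only in a WHERE clause
    that is built by string concatenation, so the caller's input becomes SQL."""
    sql = ("UPDATE pages SET body = '" + new_body + "' "
           "WHERE slug = '" + slug + "' AND owner = '" + user + "'")
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount  # number of pages actually modified


def edit_page_safe(conn, user, slug, new_body):
    """Hardened form: placeholders keep values separate from the SQL text, so
    quotes and comment markers inside the input are just data."""
    cur = conn.execute(
        "UPDATE pages SET body = ? WHERE slug = ? AND owner = ?",
        (new_body, slug, user),
    )
    conn.commit()
    return cur.rowcount


def page_body(conn, slug):
    row = conn.execute("SELECT body FROM pages WHERE slug = ?", (slug,)).fetchone()
    return row[0] if row else None


def demo():
    # Mallory owns only 'blog'. The injected slug closes the string literal and
    # starts an SQL comment, so the "AND owner = ..." condition is thrown away
    # and the home page is rewritten: a defacement without any credentials.
    payload_slug = "home' --"
    defaced_text = "HACKED BY MALLORY"

    vuln = make_db()
    changed_vuln = edit_page_vulnerable(vuln, "mallory", payload_slug, defaced_text)

    safe = make_db()
    changed_safe = edit_page_safe(safe, "mallory", payload_slug, defaced_text)

    return {
        "vulnerable_rows_changed": changed_vuln,
        "vulnerable_home_body": page_body(vuln, "home"),
        "safe_rows_changed": changed_safe,
        "safe_home_body": page_body(safe, "home"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

In the vulnerable version the statement that reaches the database is `UPDATE pages SET body = 'HACKED BY MALLORY' WHERE slug = 'home' --' AND owner = 'mallory'`, and everything after `--` is a comment. In the safe version the slug `home' --` is compared literally against the column, matches nothing, and the home page is untouched. The scanners mentioned in the guide look for exactly this class of input handling at scale.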