What is a cyberattack?

Cyberattacks are attempts to gain unauthorized access to computer systems and steal, modify, or destroy data. Learn how to protect against these attacks.

What is a cyberattack?

Cyberattacks aim to damage or gain control or access to important documents and systems within a business or personal computer network.

Cyberattacks are distributed by individuals or organizations for political, criminal, or personal intentions to destroy or gain access to classified information.

Here are some examples of cyberattacks:

• Malware
• Distributed Denial-of-Service (DDoS) attack
• Phishing
• SQL injection attacks
• Cross-site scripting (XSS)
• Botnets
• Ransomware

Using reliable software and a solid cyber strategy can lower the chances of a business or personal database being affected by a cyberattack.

What are the different types of cyberattacks and threats?

Cyberattacks come in various forms through computer networks and systems. Malware and phishing are two cyberattack examples used to gain control of sensitive data from businesses and personal electronic devices. Learn about the types of cyberattacks and their effect on recent technology.

  • Malware

    Malware, or malicious software, disguises itself as a trusted email attachment or program (i.e., encrypted document or file folder) to exploit viruses and allow hackers into a computer network. This type of cyberattack often disrupts an entire IT network. Some examples of malware are trojans, spyware, worms, viruses, and adware. 

  • Distributed Denial-of-Service (DDoS) attack

    A DDoS attack is when several hacked computer systems target a site or network and deny the user experience on that specific website or network. For example, hundreds of pop-ups, advertisements, and even a crashing site can contribute to a DDoS attack on a compromised server.

  • Phishing

    Phishing is the act of sending fraudulent emails on behalf of reputable companies. Hackers use phishing to gain access to data on a personal or business’ network.

  • SQL injection attacks

    An SQL injection attack is when a cybercriminal exploits software by taking advantage of apps (i.e., LinkedIn, Target) to steal, delete, or gain control of data.

  • Cross-site scripting (XSS)

    Cross-site scripting (XSS) is when a cybercriminal sends a “script-injected” or spammed website link to your inbox, and it’s opened—releasing personal information to said criminal.

  • Botnets

    Botnets are when multiple computers, normally on a private network, are infected with viruses and other forms of malicious software, I.e., pop-up messages or spam.

  • Ransomware

    Ransomware is a type of malicious software, or malware, that threatens a victim by destroying or blocking access to critical data or systems until a ransom is paid. 

Recent cyberattacks and trends

Cyberattacks are common and a popular topic of interest, especially when being reported by media outlets. Most of these cyberattacks have affected thousands, if not millions, of the general population. This includes cyberattacks on social media platforms, websites that house personal data, and more.

Here are some of the most recent cyberattacks and trends from the past decade:

  • United States Office of Personnel Management

    Noted as “one of the most significant data breaches in US history,” the US Office of Personnel Management was hacked in April 2015 costing 21.5M investigations, 19.7M applicants that applied for an investigation, and 5.6M fingerprints to be stolen.

  • Equifax

    In 2017, Equifax failed to correct network vulnerability by properly securing their data. This led to over 147.9M customers in the United States, UK, and Canada getting their credit card details and social security numbers stolen by hackers.

  • Russian cyberattacks

    Within the past year, over 58% of all cyberattacks observed by Microsoft have been attributed to hackers in Russia. Their hackers have been effective in stealing data from other countries with a 32% success rate in 2021.

  • CNA Financial

    Insurance company CNA Financial was hit with a ransomware attack in March 2021, leaving employees locked out of internal systems and resources. The cyber hackers also stole valuable data, reportedly resulting in a USD$40 million settlement paid by CNA Financial.

  • Colonial Pipeline

    When the Colonial Pipeline Company was hacked on May 7, 2021, all operations were shut down to contain the attack. In order to restore the computerized system used to manage oil pipelines throughout the southeastern United States, Colonial Pipeline paid the hackers a ransom of 75 bitcoins (equivalent to USD$4.4 million at the time). This cyberattack was the largest in U.S. history to target oil infrastructure.

  • Cryptocurrency

    In March and April 2022, three different lending protocols came under cyberattack. In the span of one week, hackers stole USD$15.6 million worth of cryptocurrency from Inverse Finance, USD$625 million from gaming-focused Ronin Network, and USD$3.6 million from Ola Finance.

How to prevent cyberattacks

Taking a proactive approach by focusing on cyberattack prevention is key to making sure your personal and business networks are safe. However, most people don’t know where to start.

Here are some ways to help keep your data safe:

• Investing in a reliable cybersecurity system.
• Hiring IT administrators that will keep a close watch on all networks within a business.
• Using a Two-Factor or Multi-Factor Authentication system. This will ensure that all members with an account or have access to the system are verified employees or stakeholders of the company.
• Educate your employees through ongoing internal training on cyberattacks and cybersecurity, and what steps to take if a data breach was to occur.
• Hire a third-party security team to assist your internal IT department with monitoring business networks and systems.

Protection against cyberattacks

Protection against cyberattacks is important. Luckily, there’s software available that can help with that.


Here are some resources that help protect your computer from cybercriminals:

Cloud security

Cloud security allows data to be stored for back-up in case of a lost network or system.

Identity and access management

Identity and access management creates a system to verify identities, ensuring the individual has a right to access internal information, i.e., two-factor authentication.

Risk management

Risk management keeps employees up to date and educated on how to handle a data breach if it were to occur.

Integrated SIEM and XDR

Defend against cyberattacks with integrated security information and event management (SIEM) and extended detection and response (XDR) that uncovers even the stealthiest attacks and coordinates response across the entire digital estate—all while reducing tool stack complexity and cost.

Learn more about Microsoft Security

Frequently asked questions


Cyberattack mitigation is when companies develop strategies to prevent incidents, like cyberattacks, that limits the amount of damage done if a threat is posed.

Threat protection can fall under three components to enforce cyberattack mitigation: prevention, identification, and remediation.

Prevention: businesses place policies and procedures in order to eliminate the possibility of a threat hosted by outside organizations or individuals.

Identification: security software and management allow businesses to manage less and innovate more without the worry of internal data breaches.

Remediation: utilizing business software like Zero Trust, and strategies to contain active security threats that have breached internal networks and systems.

Cyberattack remediation is how businesses deal with cyberattacks – their processes, strategies, and how they handle active threats moving forward.

Cyberattacks are unauthorized attempts to exploit, steal, and damage confidential information by taking advantage of vulnerable computer systems. The motivation behind cyberattacks can be political, criminal, and/or personal.


Cyber threats are individuals or businesses that can have internal or external access into a company’s network, and willingly abuse these processes. Examples could include cyberterrorist organizations, former employees, or an industry competitor.


Cyber risks are networks who are deemed most “at risk” for cyberattacks. Cyber risks are analyzed by FBI cyberattack data and data from the National Governors Association for state elections to determine what organization needs additional cybersecurity, and how much businesses are spending on cybersecurity and protection.

Cyberattacks occur whenever cyberterrorists try to gain access to a business or personal network for informational purposes. The motivation can be criminal, political, and/or personal. These individuals or organizations usually find holes within the company’s IT processes and take advantage of these vulnerable systems.