By 2010, a new pattern of cyber criminal activity had been detected. Attackers could breach a network and stay hidden in it for a long period without detection. Such attacks were referred to as advanced persistent threats. Hacking became a profession, and cyber criminals were taking the time to study targeted systems and acquire the tools needed to attack them. Once an attack was successful, the attackers would maintain access to the compromised system as they stole or modified data. One of these incidents was the Stuxnet attack against a nuclear fuel enrichment facility in Iran. The attackers, believed to have been state-sponsored, breached the security systems of the facility and stayed hidden in its networks for a long time. The malware collected enough information to determine how to carry out the attack that caused the destruction of the facility. This attack was most significant due to the zero-day vulnerabilities it used and the fact that the attacked computers were not even connected to the internet.
In addition to advanced persistent threats, phishing also made a comeback. Phishing was initially popular when members of the public were just getting computers and access to the internet for the first time. However, the phishing attacks of that time were quite rudimentary. The most common one was called the Nigerian Prince scam. It was an email sent to many people highlighting the tribulations of a purported Nigerian prince who was trying to get his inheritance money but needed some assistance to do so. Mostly, the targets were asked to send some money to help clear the inheritance. The scam gained popularity before becoming less effective after it was publicized. However, 2011 saw a new wave of phishing attacks that were more sophisticated. The attempts shifted away from simply trying to trick internet users into sending small amounts of money. Hackers started cloning legitimate company websites and email templates and informing users that there was a problem with the accounts they had created with these companies. Users were invited to rectify the issue by logging in through the links provided. On the cloned websites, users would give out their real credentials, and the hackers would use these credentials to steal data or money or gain access to sensitive systems.
After this, Denial of Service (DoS) attacks also came into the spotlight. The increased number of personal computers on the internet that did not have sufficient security systems was a blessing to hackers. They would install malware on such computers that would recruit them into a network of zombie computers, called a botnet. These zombie computers would be commanded by the hackers to send illegitimate traffic to specified targets, thus causing DoS and distributed denial of service (DDoS) attacks.