Scary Cybersecurity Stories

Cybersecurity is scary enough before you add ghosts in with the hackers...

Scary Cybersecurity Stories
Image by Merlito Pabatao 

I’ve met a lot of people who can tell a scary ghost story, but I know even more people who can tell a scary “when I got hacked” story. The difference is that the ‘I got hacked’ stories were a lot scarier. Both kinds of stories have a lot in common in that both involve ghosts; one kind of ghost opens your kitchen drawers and the other (hackers) silently infiltrates your PC.

People often say “just because you haven’t seen a ghost, it doesn’t mean they don't exist” and that kind of works with cybersecurity too. You may or may not believe in ghosts, but you should definitely believe in hackers and cybercriminals, even if you have never seen one before.

When it comes to cyber threats, take Disney’s Captain Barbosa’s advice,

“You best start believing in ghost stories… you’re in one!”

On that note, let's dive into some scary cybersecurity ghost stories!


Malware is your everyday kind of ghost. They are everywhere and all around us even if you never see them. Malware silently infects your computer in a ghostlike way and gets up to all kinds of spooky mischief. I am being simple for simple’s sake though, malware is a catch-all phrase for spyware, viruses, worms, and ransomware and covers lots of internet nasties.


Ransomware is like a vindictive poltergeist. They leave victims in a compromised position because the thing is, it’s tough to fight a poltergeist. Do the victims pay the ransom because they need their data back? Or do they refuse and risk that data (often customer data) will be sold or destroyed? Honestly, many who’ve been targeted by ransomware probably would have sold their soul for the chance to get their data back.


Adware is a mischief-causing kind of ghost because its sole purpose is to display advertising to you, which may suck, but at least it doesn't encrypt all your files! It may, however, walk you right into traps when it pretends to help or support.

Unpatched Security Vulnerabilities

Sometimes we let the ghosts in or attract them to us in the first place by having ***the horror***unpatched security vulnerabilities in your platform. To be fair, unless you are a cybersecurity expert or a fortune teller, you may not even know you have security vulnerabilities. Maybe there’s a bug, a breach, or a hacker, but USVs operate like a lurking ghost. If a door is open, it’ll find its way in.

Trojan Horses (Backdoors)

Some ghosts are the type who hide within objects, like the scary doll in your grandma’s basement. Your suspicions about it are valid, then confirmed when it’s already too late. Many websites use other backend programs, also called a backdoor, to help functionality for certain features. It’s not uncommon, most of the time it’s safe, but this can create problems for the user if the backend program is infiltrated. When users are mass-hacked, a backend program with poor security and the potential to host absolute evil could be the cause.

Unknown Bugs

Like unaware, residual energies, some sites have bugs. Planted or not, those bugs can affect your tech and allow hackers access to your browser, and through your browser to your computer. Bugs can be just as detrimental as malware, but while malware is intentional harm, bugs are often considered unintentional.

Malicious Links and Websites

Malicious links are like your kid’s “imaginary” friend. Malicious links can be clicked on harmlessly, but cause a myriad of problems for the user. These ghosts end up taking you through from website to website while installing malware and letting other ghosts through to your machine.

This article isn’t meant to scare you into submission, but in the spirit of Halloween, stay spooked, friends. It’s a well-known fact that most cyber attacks happen through a browser, meaning that in order to protect your machine, you need to protect it from the browser.

Yes, you need your browser, and you can use it safely. Try remote browser isolation technology to keep your browser isolated away from your computer, and therefore your personal or company data. A remote browser is a tool that physically isolates the browser a person is using from the machine they’re on. This means no ghosts or other cyber threats can climb in through your browser to harm your computer. When you log into WEBGAP, you log into a containerized browser. When you log out of WEBGAP, the browser you used and all data history completely disappears as though it was never there. From a remote browser user’s perspective, you’re browsing like, well... a ghost.

Like what we write? Follow WEBGAP on Twitter!

The awesome image used in this blog post was created by

Kate Larson

Operations Manager