What is cybersecurity
Since then, and with internet penetration globally at an estimated 3.4 billion users (approximately 46% of the world’s population2), the opportunities for cybercrime have ballooned exponentially.Combating this is a multi-disciplinary affair that spans hardware and software through to policy and people – all of it aimed at both preventing cybercrime occurring in the first place, or minimising its impact when it does. This is the practice of cybersecurity.
There is no silver bullet, however; cybersecurity is a constantly evolving, constantly active process just like the threats it aims to prevent.What happens when security fails? While what frequently makes the news are breaches of user accounts and the publication of names and passwords – the type that the Ashley Madison hack publicly exemplified– it’s often financial gain, or the theftof critical business or government intelligence, that drives the cyber underworld.One fact remains clear: it’s only going to increase. As we integrate technology further into our lives, the opportunities for abuse grow. So too, then, must the defences we employ to stop them through the education and practice of cybersecurity.
Types of cyber security
In order to be better protected, it’s important to know the different types of cybersecurity. These include critical infrastructure security, network security, application security, information security, cloud security, data loss prevention, and end-user education.
Critical infrastructure security: Consists of cyber-physical systems such as electricity grid and water purification systems.
Network security: Protects internal networks from intruders by securing infrastructure. Examples of network security include the implementation of two-factor authentication (2FA) and new, strong passwords.
Application security: Uses software and hardware to defend against external threats that may present themselves in an application’s development stage. Examples of application security include antivirus programs, firewalls and encryption.
Information security: Also known as InfoSec, protects both physical and digital data—essentially data in any form—from unauthorized access, use, change, disclosure, deletion, or other forms of malintent.
Cloud security: A software-based tool that protects and monitors your data in the cloud, to help eliminate the risks associated with on-premises attacks.
Data loss prevention: Consists of developing policies and processes for handling and preventing the loss of data, and developing recovery policies in the event of a cyber security breach. This includes setting network permissions and policies for data storage.
End-user education: Acknowledges that cyber security systems are only as strong as their potentially weakest links: the people that are using them. End-user education involves teaching users to follow best practices like not clicking on unknown links or downloading suspicious attachments in emails—which could let in malware and other forms of malicious software.
Types of cyber threats
There are many types of cyberthreats that can attack your devices and networks, but they generally fall into three categories. The categories are attacks on confidentiality, integrity and availability.
- Attacks on confidentiality. These attacks can be designed to steal your personal identifying information and your bank account or credit card information. Following these attack, your information can be sold or traded on the dark web for others to purchase and use.
- Attacks on integrity. These attacks consist of personal or enterprise sabotage, and are often called leaks. A cybercriminal will access and release sensitive information for the purpose of exposing the data and influencing the public to lose trust in a person or an organization.
- Attacks on availability. The aim of this type of cyberattack is to block users from accessing their own data until they pay a fee or ransom. Typically, a cybercriminal will infiltrate a network and authorized parties from accessing important data, demanding that a ransom be paid. Companies sometimes pay the ransom and fix the cyber vulnerability afterward so that they can avoid halting business activities.
Here are a few types of cyber threats that fall into the three categories listed above.
Social engineering, a type of attack on confidentiality, is the process of psychologically manipulating people into performing actions or giving away information. Phishing attacks are the most common form of social engineering. Phishing attacks usually come in the form of a deceptive email with the goal of tricking the recipient into giving away personal information.
APTs (advanced persistent threats), a type of attack on integrity, where an unauthorized user infiltrates a network undetected and stays in the network for a long time. The intent of an APT is to steal data and not harm the network. APTs often happen in sectors with high-value information, such as national defense, manufacturing, and the finance industry.
Malware or malicious software, is a type of attack on availability. It refers to software that is designed to gain access to or damage a computer without the knowledge of the owner. Malware can do everything from stealing your login information and using your computer to send spam, to crashing your computer system. Several common types of malware include spyware, keyloggers, true viruses, and worms.
Ransomware, another form of malicious software, also is a type of attack on availability. Its goal is to lock and encrypt your computer or device data—essentially holding your files hostage—and then demand a ransom to restore access. A victim typically must pay the ransom within a set amount of time or risk losing access to the information forever. Common types of ransomware include crypto malware, lockers and scareware.
The scale of the cyber threat
The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. A report by RiskBased Security revealed that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of 2019 alone. This figure is more than double (112%) the number of records exposed in the same period in 2018.
Medical services, retailers and public entities experienced the most breaches, with malicious criminals responsible for most incidents. Some of these sectors are more appealing to cybercriminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.
With the scale of the cyber threat set to continue to rise, the International Data Corporation predicts that worldwide spending on cyber-security solutions will reach a massive $133.7 billion by 2022. Governments across the globe have responded to the rising cyber threat with guidance to help organizations implement effective cyber-security practices.
In the U.S., the National Institute of Standards and Technology (NIST) has created a cyber-security framework. To combat the proliferation of malicious code and aid in early detection, the framework recommends continuous, real-time monitoring of all electronic resources.
The importance of system monitoring is echoed in the “10 steps to cyber security”, guidance provided by the U.K. government’s National Cyber Security Centre. In Australia, The Australian Cyber Security Centre (ACSC) regularly publishes guidance on how organizations can counter the latest cyber-security threats.
Types of cyber threats
The threats countered by cyber-security are three-fold:
1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause disruption.
2. Cyber-attack often involves politically motivated information gathering.
3. Cyberterrorism is intended to undermine electronic systems to cause panic or fear.
So, how do malicious actors gain control of computer systems? Here are some common methods used to threaten cyber-security:
Malware
Malware means malicious software. One of the most common cyber threats, malware is software that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s computer. Often spread via an unsolicited email attachment or legitimate-looking download, malware may be used by cybercriminals to make money or in politically motivated cyber-attacks.
There are a number of different types of malware, including:
· Virus: A self-replicating program that attaches itself to clean file and spreads throughout a computer system, infecting files with malicious code.
· Trojans: A type of malware that is disguised as legitimate software. Cybercriminals trick users into uploading Trojans onto their computer where they cause damage or collect data.
· Spyware: A program that secretly records what a user does, so that cybercriminals can make use of this information. For example, spyware could capture credit card details.
· Ransomware: Malware which locks down a user’s files and data, with the threat of erasing it unless a ransom is paid.
· Adware: Advertising software which can be used to spread malware.
· Botnets: Networks of malware infected computers which cybercriminals use to perform tasks online without the user’s permission.
SQL injection
An SQL (structured language query) injection is a type of cyber-attack used to take control of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven applications to insert malicious code into a databased via a malicious SQL statement. This gives them access to the sensitive information contained in the database.
Phishing
Phishing is when cybercriminals target victims with emails that appear to be from a legitimate company asking for sensitive information. Phishing attacks are often used to dupe people into handing over credit card data and other personal information.
Man-in-the-middle attack
A man-in-the-middle attack is a type of cyber threat where a cybercriminal intercepts communication between two individuals in order to steal data. For example, on an unsecure WiFi network, an attacker could intercept data being passed from the victim’s device and the network.
Denial-of-service attack
A denial-of-service attack is where cybercriminals prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic. This renders the system unusable, preventing an organization from carrying out vital functions.
Latest cyber threats
What are the latest cyber threats that individuals and organizations need to guard against? Here are some of the most recent cyber threats that the U.K., U.S., and Australian governments have reported on.
Dridex malware
In December 2019, the U.S. Department of Justice (DoJ) charged the leader of an organized cyber-criminal group for their part in a global Dridex malware attack. This malicious campaign affected the public, government, infrastructure and business worldwide.
Dridex is a financial trojan with a range of capabilities. Affecting victims since 2014, it infects computers though phishing emails or existing malware. Capable of stealing passwords, banking details and personal data which can be used in fraudulent transactions, it has caused massive financial losses amounting to hundreds of millions.
In response to the Dridex attacks, the U.K.’s National Cyber Security Centre advises the public to “ensure devices are patched, anti-virus is turned on and up to date and files are backed up”.
Romance scams
In February 2020, the FBI warned U.S. citizens to be aware of confidence fraud that cybercriminals commit using dating sites, chat rooms and apps. Perpetrators take advantage of people seeking new partners, duping victims into giving away personal data.
The FBI reports that romance cyber threats affected 114 victims in New Mexico in 2019, with financial losses amounting to $1.6 million.
Emotet malware
In late 2019, The Australian Cyber Security Centre warned national organizations about a widespread global cyber threat from Emotet malware.
Emotet is a sophisticated trojan that can steal data and also load other malware. Emotet thrives on unsophisticated password: a reminder of the importance of creating a secure password to guard against cyber threats.
Post a Comment
If you have any doubts, please let me know