Difference between revisions of "Cyber Security"

Line 9: Line 9:
 
*Man-in-the-Middle Attack: Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between a two-party transaction. For example, criminals can insert themselves between a public Wi-Fi and an individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim’s information without ever being caught.   
 
*Man-in-the-Middle Attack: Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between a two-party transaction. For example, criminals can insert themselves between a public Wi-Fi and an individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim’s information without ever being caught.   
 
*Zero-day attack: Zero-day attacks are becoming more-and-more common. Essentially, these attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.
 
*Zero-day attack: Zero-day attacks are becoming more-and-more common. Essentially, these attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.
 +
 +
 +
== Cybersecurity Challenges<ref>Cybersecurity Challenges [https://searchsecurity.techtarget.com/definition/cybersecurity Techtarget]</ref> ==
 +
Cybersecurity is continually challenged by hackers, data loss, privacy, [[Risk Management|risk management]], and changing cybersecurity strategies. Nothing currently indicates that cyber-attacks will decrease. Moreover, with the more entry points, there are for attacks, the more cybersecurity is needed to secure networks and devices.
 +
 +
One of the most problematic elements of cybersecurity is the continually evolving nature of security risks. As new technologies emerge, and technology is used in new or different ways, new avenues of attack are developed as well. Keeping up with these continual changes and advances in attacks can be challenging to [[Organization|organizations]], as well as updating their practices to protect against them. This also includes ensuring that all the elements of cybersecurity are continually changed and updated to protect against potential vulnerabilities. This can be especially challenging for smaller organizations.
 +
 +
Additionally, today, there is a lot of potential data an organization can gather on individuals who take part in one of their services. With more data being collected, the likelihood of a cybercriminal who wants to steal personally identifiable information is another concern. For example, an organization that stores personally identifiable information in the cloud may be subject to a ransomware attack, and should do what they can to prevent a cloud breach.
 +
 +
Cybersecurity should also address end-user education, as an employee may accidently bring a virus into a workplace on their work computer, laptop, or smartphone.
 +
 +
Another large challenge to cybersecurity includes a job shortage. As growth in data from businesses become more important, the need for more cybersecurity personnel to analyze, manage and respond to incidents increases. It is estimated that there are two million unfilled cybersecurity jobs worldwide. Cybersecurity Ventures also estimates that by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.
 +
 +
However, new advances in machine learning and [[Artificial Intelligence (AI)|artificial intelligence (AI)]] have started to be developed to help in organizing and managing data -- although not to the effect needed.
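Review bot: The second sentence of the first added paragraph under "Cybersecurity Challenges" is garbled ("Moreover, with the more entry points, there are for attacks, the more cybersecurity is needed..."); suggest "Moreover, the more entry points there are for attacks, the more cybersecurity is needed to secure networks and devices." In the same hunk, "accidently" should be "accidentally" and "As growth in data from businesses become" needs "becomes". The two job-shortage figures (two million unfilled jobs, and up to 3.5 million by 2021) rely only on the section-level Techtarget ref in the heading; an inline ref on each estimate would make them easier to verify.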
  
  

Revision as of 14:10, 22 May 2020

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.[1]


Types of Cyber Attacks[2]

Cyber attacks come in all shapes and sizes. Some may be overt ransomware attacks (hijacking important business products or tools in exchange for money to release them), while some are covert operations by which criminals infiltrate a system to gain valuable data, only to be discovered months after the fact, if at all. Criminals are getting craftier with their malicious deeds. Here are some of the basic types of cyber attacks affecting thousands of people each day.

  • Malware: Malware is used to describe malicious software, including spyware, ransomware and viruses. It usually breaches networks through a vulnerability, such as a user clicking on suspicious email links or installing a risky application. Once inside a network, malware can obtain sensitive information, produce more harmful software throughout the system and even block access to vital business network components (ransomware).
  • Phishing: Phishing is the practice of sending malicious communications (usually emails) designed to appear to come from reputable, well-known sources. These emails use the same names, logos, wording, etc., as a CEO or company to dull suspicions and get victims to click on harmful links. Once a phishing link is clicked, cyber criminals have access to sensitive data like credit card, social security or login information.
  • Social Engineering: Social engineering is the process of psychologically manipulating people into divulging personal information. Phishing is a form of social engineering, where criminals take advantage of people’s natural curiosity or trust. An example of more advanced social engineering is voice manipulation. In this case, cyber criminals take an individual’s voice (from sources like a voicemail or social media post) and manipulate it to call friends or relatives and ask for credit card or other personal information.
  • Man-in-the-Middle Attack: Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic between the two parties of a transaction. For example, criminals can insert themselves between a public Wi-Fi network and an individual’s device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim’s information without ever being caught.
  • Zero-day attack: Zero-day attacks are becoming more and more common. Essentially, these attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.


Cybersecurity Challenges[3]

Cybersecurity is continually challenged by hackers, data loss, privacy, risk management, and changing cybersecurity strategies. Nothing currently indicates that cyber-attacks will decrease. Moreover, the more entry points there are for attacks, the more cybersecurity is needed to secure networks and devices.

One of the most problematic elements of cybersecurity is the continually evolving nature of security risks. As new technologies emerge, and technology is used in new or different ways, new avenues of attack are developed as well. Keeping up with these continual changes and advances in attacks, and updating their practices to protect against them, can be challenging for organizations. This also includes ensuring that all the elements of cybersecurity are continually changed and updated to protect against potential vulnerabilities. This can be especially challenging for smaller organizations.

Additionally, an organization today can gather a lot of data on individuals who take part in one of its services. With more data being collected, the likelihood that a cybercriminal will want to steal personally identifiable information is another concern. For example, an organization that stores personally identifiable information in the cloud may be subject to a ransomware attack, and should do what it can to prevent a cloud breach.

Cybersecurity should also address end-user education, as an employee may accidentally bring a virus into a workplace on their work computer, laptop, or smartphone.

Another large challenge to cybersecurity is a job shortage. As growth in data from businesses becomes more important, the need for more cybersecurity personnel to analyze, manage and respond to incidents increases. It is estimated that there are two million unfilled cybersecurity jobs worldwide. Cybersecurity Ventures also estimates that by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.

However, new advances in machine learning and artificial intelligence (AI) have started to be developed to help in organizing and managing data, although not to the effect needed.


Cybersecurity Best Practices[4]

To minimize the risks of cyberattacks, follow basic cybersecurity best practices:

  • Keep software up to date. Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Run up-to-date antivirus software. A reputable antivirus software application is an important protective measure against known malicious threats. It can automatically detect, quarantine, and remove various types of malware. Be sure to enable automatic virus definition updates to ensure maximum protection against the latest threats. Note: Because detection relies on signatures—known patterns that can identify code as malware—even the best antivirus will not provide adequate protections against new and advanced threats, such as zero-day exploits and polymorphic viruses.
  • Use strong passwords. Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices. It is best to use long, strong passphrases or passwords that consist of at least 16 characters.
  • Change default usernames and passwords. Default usernames and passwords are readily available to malicious actors. Change default passwords, as soon as possible, to a sufficiently strong and unique password.
  • Implement multi-factor authentication (MFA). Authentication is a process used to validate a user’s identity. Attackers commonly exploit weak authentication processes. MFA uses at least two identity components to authenticate a user’s identity, minimizing the risk of a cyberattacker gaining access to an account if they know the username and password.
  • Install a firewall. Firewalls may be able to prevent some types of attack vectors by blocking malicious traffic before it can enter a computer system, and by restricting unnecessary outbound communications. Some device operating systems include a firewall. Enable and properly configure the firewall as specified in the device or system owner’s manual.
  • Be suspicious of unexpected emails. Phishing emails are currently one of the most prevalent risks to the average user. The goal of a phishing email is to gain information about you, steal money from you, or install malware on your device. Be suspicious of all unexpected emails.
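
The password practices in the list above (at least 16 characters, no factory defaults, a different password per device) can be enforced when a password is set. The following is an added example, not code from the cited sources; the function names, the constructed default-credential list and the choice of PBKDF2 for the stored verifier are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 16        # minimum passphrase length recommended in the list above
ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor

# Constructed sample of factory-default credentials (not a real vendor list).
DEFAULT_CREDENTIALS = {("admin", "admin"), ("admin", "password"), ("root", "toor")}


def _derive(password: str, salt: bytes) -> bytes:
    # A slow, salted key derivation so stored verifiers resist offline guessing.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def enroll(vault: dict, device: str, password: str) -> None:
    """Store only a salted verifier for the device, never the password itself."""
    salt = os.urandom(16)
    vault[device] = (salt, _derive(password, salt))


def audit_new_password(vault: dict, device: str, username: str, password: str) -> list:
    """Return the best-practice violations for a password proposed for `device`."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if (username.lower(), password) in DEFAULT_CREDENTIALS:
        problems.append("default credential")
    # Reuse check: re-derive with every other device's salt and compare in
    # constant time, so reuse is detected without keeping plaintext passwords.
    for other, (salt, verifier) in vault.items():
        if other != device and hmac.compare_digest(_derive(password, salt), verifier):
            problems.append("reused on " + other)
    return problems


if __name__ == "__main__":
    vault = {}  # constructed inventory: device name -> (salt, verifier)
    enroll(vault, "router", "correct horse battery staple")
    print(audit_new_password(vault, "camera", "admin", "admin"))
    print(audit_new_password(vault, "camera", "alice", "correct horse battery staple"))
```
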

References

  1. Defining Cybersecurity, Cisco
  2. Types of Cyber Attacks, Builtin
  3. Cybersecurity Challenges, Techtarget
  4. Cybersecurity Best Practices, CISA