January 30, 2024
What is cyber security? Cyber security involves protecting computers, servers, mobile devices, electronic systems, networks, and data from harmful attacks. Also known as information technology security or electronic information security, this term covers several key areas:
- Network Security: This is about safeguarding a computer network from intruders, be it targeted attackers or widespread malware.
- Application Security: The focus here is on ensuring that software and devices are threat-free. Securing applications is crucial, as a compromised app can expose the protected data. Effective security starts from the design phase, long before the deployment of the software or device.
- Information Security: This aspect is concerned with safeguarding data integrity and privacy, both during storage and transmission.
- Operational Security: This includes strategies and decisions for managing and protecting data assets. It encompasses everything from user network access permissions to how and where data is stored or shared.
- Disaster Recovery and Business Continuity: These policies outline how an organisation should respond to a cyber security incident or any disruptive event that leads to the loss of data or operational capability. Disaster recovery focuses on restoring operations and information to pre-event levels, while business continuity outlines how to keep functioning in the absence of certain resources.
- End-user Education: This addresses the unpredictability of human behaviour in cyber security. Training users in best security practices, such as avoiding suspicious email attachments or untrusted USB drives, is crucial to maintain an organisation’s security.
The Magnitude of Cyber Security Threats
The threat posed by cyber attacks is escalating globally at an alarming rate, with data breaches increasingly common. A startling revelation from a RiskBased Security report is that in just the first nine months of 2019, an astounding 7.9 billion records were compromised, a figure that’s more than double (112% increase) the number of records exposed during the same period in 2018.
Sectors like medical services, retail, and public agencies are experiencing the most breaches, predominantly orchestrated by malicious actors. These sectors are particularly targeted due to their handling of sensitive financial and medical information. However, any business that relies on network systems is vulnerable to data theft, corporate espionage, or direct attacks on customers.
Given the growing severity of cyber threats, it’s no surprise that global investment in cyber security measures is also on the rise. Gartner forecasts that cyber security spending will hit $188.3 billion in 2023 and exceed $260 billion worldwide by 2026. In response to these threats, governments worldwide are issuing guidelines to assist organisations in developing effective cyber security strategies.
In the United States, the National Institute of Standards and Technology (NIST) has formulated a cyber security framework that emphasises continuous, real-time monitoring of all electronic resources to mitigate the spread of malicious software and enhance early detection.
Similarly, the U.K. government’s National Cyber Security Centre endorses system monitoring in its “10 steps to cyber security.” Meanwhile, the Australian Cyber Security Centre (ACSC) frequently issues advice on how to defend against emerging cyber security risks.
Cyber Security Threat Categories
Cyber security combats three primary types of threats:
- Cybercrime: This involves individuals or groups attacking systems for financial gain or to cause disruption.
- Cyber-attack: These are usually politically motivated attacks aimed at gathering sensitive information.
- Cyberterrorism: Aimed at causing panic or fear, this involves attacking electronic systems.
But how do attackers take control of computer systems? Below are some prevalent methods posing threats to cyber security:
Malware (Malicious Software)
Malware is software developed by cybercriminals or hackers to disrupt or damage a legitimate user’s computer. It is often distributed through unsolicited email attachments or seemingly legitimate downloads. Malware is a tool for cybercriminals to make money or facilitate politically motivated attacks.
Different types of malware include:
- Virus: This software self-replicates by attaching to clean files and spreads malicious code throughout the computer system.
- Trojans: Disguised as legitimate software, they trick users into loading them onto their computers, where they can cause damage or harvest data.
- Spyware: This secretly monitors user activity to collect information, like credit card details.
- Ransomware: It locks and threatens to delete a user’s files and data unless a ransom is paid.
- Adware: Advertising software that can be a conduit for spreading malware.
- Botnets: Networks of infected computers used by cybercriminals to carry out tasks online without the user’s consent.
SQL Injection
SQL injection is a cyber-attack method that targets databases. Attackers exploit flaws in data-driven applications to insert harmful code through a malicious SQL statement, allowing them to gain control over and extract information from the database.
Phishing
Phishing involves cybercriminals sending deceptive emails that mimic legitimate companies, aiming to obtain sensitive information from the recipients. Commonly, these attacks trick individuals into revealing personal details like credit card numbers and login credentials.
Man-in-the-Middle Attack
In a man-in-the-middle attack, a cybercriminal discreetly intercepts and steals data during a digital conversation between two parties. For instance, on an unprotected Wi-Fi network, an attacker could capture data transferred between a user’s device and the network.
Denial-of-Service Attack
A denial-of-service attack disrupts normal system operations by flooding the network and servers with excessive traffic. This overload prevents the system from responding to legitimate requests, rendering it inoperative and hindering an organisation’s essential activities.
Recent Cyber Security Threats
Understanding the latest cyber threats is crucial for both individuals and organisations. Here’s an overview of some recent threats as reported by government agencies in the UK, US, and Australia.
Dridex Malware
In December 2019, the US Department of Justice indicted the leader of a cyber-criminal group involved in a worldwide Dridex malware campaign, impacting individuals, governments, infrastructure, and businesses globally. Dridex, a financial trojan active since 2014, spreads through phishing emails or existing malware. It can steal passwords, banking details, and personal information, leading to fraudulent transactions and significant financial losses. The UK’s National Cyber Security Centre recommends keeping devices updated, ensuring antivirus software is active and up to date, and backing up files as a defence against Dridex.
Romance Scams
In February 2020, the FBI alerted US citizens about confidence fraud on dating sites, chat rooms, and apps. Cybercriminals exploit individuals seeking romantic partners, tricking them into divulging personal information. In New Mexico alone, 114 victims reported losses totaling $1.6 million in 2019 due to these romance scams.
Emotet Malware
The Australian Cyber Security Centre, in late 2019, issued warnings about the Emotet malware, a global threat. Emotet is a sophisticated trojan capable of data theft and loading additional malware. It often exploits weak passwords, highlighting the need for robust password security to protect against such threats.
Endpoint Security: Protecting End Users
Endpoint security, or end-user protection, is a vital component of cyber security. Often, it’s the end user who inadvertently introduces malware or other cyber threats to their devices, such as desktops, laptops, or mobile phones.
So, how do cyber security strategies safeguard end users and systems? Firstly, they utilise cryptographic protocols to encrypt emails, files, and crucial data. This encryption not only secures the information during transmission but also shields it from theft or accidental loss.
Moreover, end-user security software continuously scans devices for malicious code, isolating and then eliminating these threats. It can detect malware hidden in the master boot record (MBR) and is equipped to encrypt or completely erase data from a computer’s hard drive.
Electronic security measures also prioritise real-time detection of malware. Many systems employ heuristic and behavioural analysis to observe the behaviour and code of programs, protecting against viruses or Trojans that morph their appearance (polymorphic and metamorphic malware). Security software can isolate suspicious programs in a virtual environment away from the user’s network to examine their behaviour, enhancing the software’s ability to identify new infections.
As cyber security professionals uncover new threats and develop countermeasures, security software continues to advance. For these tools to be effective, it’s crucial to educate employees on their usage. Importantly, regularly updating and maintaining the operation of security software is key to defending against the latest cyber threats.
Cyber Safety Guidelines: Safeguarding Against Cyber Attacks
Businesses and individuals can take several measures to protect themselves from cyber threats. Here are key cyber safety recommendations:
- Regularly Update Software and Operating System: Stay protected with the latest security updates and patches.
- Install Anti-Virus Software: Solutions like Kaspersky Total Security can identify and eliminate threats. Keep this software regularly updated to maintain optimal protection.
- Create Strong Passwords: Use passwords that are complex and difficult to decipher.
- Be Cautious with Email Attachments: Avoid opening attachments from unknown senders as they might contain malware.
- Don’t Click Suspicious Links: Avoid clicking on links in emails from unknown sources or unfamiliar websites, as this is a frequent method for spreading malware.
- Steer Clear of Unsecure Public WiFi: Using unsecured WiFi networks in public places can expose you to risks like man-in-the-middle attacks.
- Hire Cyber Security Professionals: For businesses, investing in cyber security experts is key to keeping sensitive data safe, and is essential for larger businesses. Cyber security jobs are on the rise as the threat of cyber attacks grows.