Cyber-attacks: the constant digital risk
Elena Yndurain
Innovation Executive | Technology Strategy | Emerging Technologies | Go-To-Market | AI | Quantum
The war in Ukraine is being waged on many fronts; one of them is information technology. Russian cyber-attacks against Ukrainian financial and government institutions preceded the full-scale aggression, and prompted many Western countries, including Spain, to take prompt precautions to prevent such intrusions.?
Increasing cyber attacks have made it clear how defenseless we are. In the last decade there have been high-profile hacks: hackers stole diplomatic data from WikiLeaks, from customers of PlayStation, Dropbox, Target, Visa, Uber or Facebook, and from voters in the U.S. elections. The large department store chain Target, for example, lost $202 million when a famous cyber-attack compromised 70 million customer accounts, and cost the CEO and CIO his job.?
Cyber-attacks are defined as unauthorized access to computer systems with the aim of stealing, exposing, changing or destroying data. They are done through malicious software, Malware, which infiltrates systems to hijack data (ransomware), replicate and propagate (worms), access computers (Trojans) or transmit information (spyware).?
Attacks can enter any of the technological layers in which data circulate: devices, apps or the Internet. A common mode of access is called phishing, which arrives in an innocent-looking message, but actually manipulates the recipient to gain access to confidential information. Man-in-the-middle is an eavesdropping in which attackers insert themselves into a transaction between two parties. Denial of service (DoS) is an intrusion into a computer system that makes a service or resource inaccessible to legitimate users.?
Cybersecurity is now key and in high demand. Security company stocks rose last year above the S&P 500 index average. Organizations must take steps to protect and prevent risks at all layers of technology: restricting access to devices, testing software vulnerabilities, monitoring Internet attacks and controlling user passwords, among other things. There are cybersecurity regulations and data protection best practices such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework. It proposes five areas of action: identify risks, protect access, detect unusual activities, respond with measures and recover operations. In addition, cybersecurity communication must be managed with caution, informing and training on risks and how to act.?
领英推荐
Cybersecurity consists of implementing measures to protect against unauthorized use of digital data. It has several tools: the firewall protects the network by blocking dangerous traffic; the VPN (virtual private network) connection guarantees secure privacy inside and outside an organization; proxy servers intermediate Internet access by protecting users and the internal network from attacks; antivirus detects and eliminates file threats; email sandboxing extracts and analyzes attached files to validate them; finally, encryption protects data using algorithms that make it inaccessible to those without the proper password.?
Cybercrime is growing every day: new routes appear to steal data or install malware, technology changes and constant vigilance and innovation in cybersecurity policies are needed. Companies are dedicated to monitoring, auditing and patching systems, strengthening the network and conducting mock attacks to educate about risks. It is extremely difficult to keep abreast of cyber risks, which is why technology giants such as 亚马逊 , 谷歌 , IBM and 微软 provide de facto security measures in their solutions.?
In 2021 alone there were more than 623 million ransomware attacks globally. According to a SonicWall study, the average cost of a data breach in 2020 was $3.86 million. Costs include expenses to discover and respond to the breach, downtime, lost revenue and reputational damage.?
Remote access to the work environment complicates connection security. We are all exposed to cyberattacks, and therefore, as users, we have the responsibility to be digitally cautious: do not publish personal information, connect with secure wifi, shop in recognized places, update software or set complex passwords and change them often. In short... not to let our guard down.?
Published in El Mundo / Actualidad Economica on March 13th, 2022?