WHAT IS CYBER SECURITY?
Introduction to Cyber Security
Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security. It applies for a variety of devices, from mobile devices to business machines and everything else connected to the Internet.
What’s its importance?
Nowadays, most of the devices are connected to devices are connected to the net from smart speakers, it also includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. Making cyber security an importance concern for everyone, and as described in our previous article, HMM was hit with a major cyber-attack causing an interruption in the workflow causing loses in millions. It’s just not HMM, Facebook, Twitter has all been attacked in the past few months causing a data loss of billions of users, making it very important topic. Governments and companies have realized its importance and are channeling billions of dollars’ worth of money to make their systems secure. Methods of Cyber Attack Over the years there have been several methods devised for attacking a company, in this section of the blog we’ll discuss a few common ways they have been breached and attacked in the past couple of years. Such attacks can be further classified into two categories, namely Enterprise-Level Attacks & Personal Attacks. Enterprise-Level Attacks:
? Spear phishing Attacks: It’s a target phishing attack on a specific person from a company/organization with the intent of installing malware on their machine which includes a company’s server. Employees receive mail posing as their company try to steal important credentials which are used for gaining access to their servers, which could be used for several malicious purposes.
? Ransomware Attacks: Ransomware is a form of virus which encrypts all the files until the ransom is paid, the ransom is to be paid in the form of cryptocurrency. Failure to do so within the given time-period will cause all of your data to be sold on the dark web. Recently a US nuclear weapons contractor was prey to a ransomware and the attackers threatened to release the stolen data to the Russian military.
? rDDoS: Ransomware Distributed Denial of Service also known as rDDoS is a form of DDoS attack [Distributed Denial of Service] where the attacker threatens a company with a DDoS attack if they don’t pay the ransom in the due time. In a report by Akamai a DDoS protection company, there was surge in the number of attacks due to the recent pandemic, since most of employees rely on their company servers.
Personal Attacks:
? Wi-Fi Attacks: This is a very common form of attack; the attacker connects to the same network as that of the victim by gaining access through malicious means. This often happens due to a weak password or encryption protocol [WEP]. The attacker poses as the router redirecting the traffic though his device, rather than the router thereby stealing the credentials, gaining important information or even creating a backdoor to the victim’s system.
? USB Rubber Ducky: As the name suggests the attack is carried out using a pen drive, whenever a USB device is connected to a system it’s either recognized as storage device or a peripheral device. This device is recognized as keyboard which the attackers use to execute certain commands creating a backdoor to the system which can be used for installing malware.
? Phishing: There is a thin line of difference between phishing and spear phishing attacks, just like a spear is meant to hit on a targeted spot in the same way spear phishing attacks target a specific person from a company/organization. Phishing attacks on the other hand are conducted on a mass scale often to steal credit card information, personal data or your credentials to certain websites.
Cyber Security Practices:
We all use the internet for multiple reasons from shopping to watching movies therefore it’s a smart move to learn about the best cybersecurity practices it can go a long way towards helping you to stay safe online. Here are a few ways to keep yourself safe online.
领英推荐
? Try avoiding sketchy websites, mails, pop-ups and links, they can be used for phishing your data, installing a malware or logging your IP address.
? Use a strong password for the websites you signup up, the stronger your password the harder it’s to crack.
? Whenever you’re using a public Wi-Fi use a VPN server to mask your data, the way it works is by routing the website traffic through their servers instead of the router and don’t connect to sketchy networks.
? Backup all of your files either physically in a hard drive or on the cloud, though the later one is more preferred and suggested since you can access your data from anywhere without carrying a hard drive around with you which is prone to physical damage.
? Activate 2FA [2 Factor Authentication] for all the websites which support it. Major platforms such as Instagram and Facebook support this feature, they use SMS, call or a third-party application such as Google Authenticator.
? Change your password frequently, passwords are meant to last forever….
Interesting Facts….
? The US government spend over $17.4 billion for cybersecurity related activities in the year 2020. ? The global average cost of a data breach is $3.9 million across SMBs.
? Since the recent pandemic, the FBI reported a 300% increase in reported cybercrimes. ? Over 9.7 million healthcare records were compromised in September 2020 alone!
? Total cost for cybercrime committed globally will reach $6 trillion by 2021.
We all mustnt think that my company is secure from cyber attacks. We should be ready to protect our important data right now.