Understanding Cyber Security Part 2

4. CYBER THREAT DEFINITION

Cyber threats are defined by the National Institute of Standards and Technology (NIST) as “Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service”. It comes in different forms as I explain next.

cyber-attack
5. TYPES OF CYBER THREATS

Keeping up with new technologies, security trends and cyber threats is a challenging task for organisations and cyber security professionals all over the world, although extremely important in order to be ahead of criminals and ensure information, data, systems, programs and other forms of assets are protected from malicious events. Cyber threats take many forms, which include the following, but it is not limited to:

types-of-cyber-threats
5.1 Cyber Crime

This type of threat includes single actors or groups targeting systems and critical infrastructures for financial gain or to cause disruption.

5.2 Cyber Attack

It is an attack launched by cyber criminals using one or more devices against a single or multiple computers or networks. Once successful it can disable systems, steal data, or use a vulnerable asset as a launch point for other attacks. A variety of threats have been used by cyber criminals to launch their attacks, including malware, phishing, ransomware, denial of service, among other methods, which I will be displaying and discussing below.

5.3 Cyber Terrorism

This type of threat refers to unlawful attacks against electronic systems to intimidate a government or its people and cause panic or fear.

5.4 Virus

It is a computer program able to copy itself and infect devices without permission or knowledge of the user. It might corrupt or delete data on a device, use e-mail programs to spread itself to other devices, or even delete everything on a hard disk.

5.5 Spyware

It is a program that secretly records actions from a user on his/her device without his/her knowledge, so that cyber criminals can make use of this information (e.g., credit card details, etc.).

5.6 Advertising Supported Software (Adware)

It is a software that displays unwanted advertisements on a user device normally in a form of pop-ups. It is also able to change the user browser’s homepage, add spyware and just bombard the user’s device with advertisements.

5.7 Malware

It is a form of software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. This includes a virus, worm, trojan horse, spyware, some forms of adware or other code-based entity that infects an asset.

5.8 Trojan Horse

It is a computer program that appears to be harmless, however it has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program. Cyber criminals trick users into uploading trojan horses on their devices for whatever their purposes are.

5.9 Ransomware

It is another form of malware which criminals encrypt an organisation or individual’s data and demand payment (normally through cryptocurrency) to restore the access. Ransomware has become one of the biggest concerns of C-levels from different industries these days, where organisations’ critical data has become unavailable to staff and shared with unauthorised parties when there is no payment.

5.10 Social Engineering

It is the act of tricking an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by alluring such individual to gain his/her confidence and trust.

5.11 Phishing

It is a technique used by criminals for attempting to collect sensitive data, such as bank account details, credential details, through a fraudulent request in email or on a web site, in which the criminals masquerade themselves as legitimate business or reputable people.

5.12 Spear Phishing

It is a form of phishing attack that has a highly target user, organisation or business.

5.13 Insider Threats

Are security breaches or losses caused by employees, third parties or customers. Insider threats can be either malicious or negligent in nature.

5.14 Distributed Denial-of-Service (DDoS)

It is a form of threat where attackers make use of a great number of hosts (which are mostly infected) with the intention to disrupt the traffic of a targeted system, such as a server, website or other network resource. Such thing occurs by flooding the target with messages, connection requests or packets, which will slow down the target or make it unavailable, preventing legitimate connections through its use.

5.15 Advanced Persistent Threats (APTs)

APTs are prolonged attacks involving sophisticated levels of expertise and significant resources in which a malicious actor infiltrates into a network and remains undetected for long periods of time with the intention to steal companies’ data, adapting to protect itself from an organisation’s efforts to resist to it, and with the determination to maintain the level of interaction needed to execute its objectives.

5.16 Man-in-the-Middle (MITM)

It is a threat where the attacker positions himself/herself in between the user and the system so that he/she can intercept and alter data transmitted between them.

5.17 Zero-Day Exploits

It is a form of attack that exploits a previously unknown hardware, firmware, or software vulnerability.

5.18 Vishing

Vishing is a form of phishing (e.g., email, text, phone call or direct-chat message) that appears to be from a trusted source, but in fact it isn’t. The main purpose of the attack is to steal someone’s identity or money.

5.19 Botnet

Botnet is the combination of the word robot and network. Malicious actors have been using trojan viruses to breach the security of several users’ devices, take control of them, and organize all the infected devices into a network of “bots” that can be managed remotely by the criminal to launch attacks.

6. CHALLENGES FACED BY ORGANISATIONS TO IMPLEMENT CYBER SECURITY

Implementing cyber security can be very challenging for organisations, especially for those which have minimum support (or none) from the board, poor cyber security culture, lack of security policy, standards, guidelines, baselines, processes and controls, and a shortage of skilled cyber security professionals to oversee the activities within the organisation. On top of that we have the evolving nature of security risks associated with immense cyber threats knocking on organisations’ “doors” constantly. Furthermore, cyber security defences are expensive and having the proper budget to afford them in conjunction with training for the cyber team is a paramount.

challenges-in-cyber-security-data-protectyion

lthough the effort from governments and private bodies to enforce their regulations, legislation and standards, keeping up with frequent changes and attacks, as well as implementing controls and updating practices to protect against the attacks, can be extremely difficult.

In addition to that, with more data being collected and sent to different locations (inter-state or off-shore), due to the use of cloud, the likelihood of cyber criminals getting access to and stealing Personally Identifiable Information (PII) has become a new concern for C-levels and cyber security professionals within organisations.

Cyber security programs, once approved by the board and stablished in the organisation, should also address end-user education, as employees may accidently bring malicious code into the workplace on their devices (BYOD) and put the environment at risk. Regular cyber security awareness campaign will guide employees in keeping their workplace protected from cyber threats.

References:

1.  https://www.nist.gov
2. https://www.isc2.org

Ultimate Career Guide Part 2

Cyber Security is in high demand, and there are plenty of job opportunities to choose from in this exciting industry. With salaries often several times higher than most average IT professionals, being a cyber security professional could be a great career of your choice.

read more

Ultimate Career Guide Part 1

Cyber Security is in high demand, and there are plenty of job opportunities to choose from in this exciting industry. With salaries often several times higher than most average IT professionals, being a cyber security professional could be a great career of your choice.

read more