Cyber Security: The Last Line of Defense
This article gives you a starting point for cyber security, providing some quick references you may need as you progress in developing for cyber security.
Join the DZone community and get the full member experience.Join For Free
Cyberworld, the Internet and its underlying infrastructure, have come under serious threat. Networks are compromised daily, data and information are continuously hacked, and computer viruses and other cyber incidents threaten our lives as we know it. What then is our last line of defense? How do we secure information, networks, and life? The answer is Cyber Security. Securing our information on the Internet can help us breathe easy and relax a little more. This article throws some light on the possible security threats in the cyber world, and how we can play our part in protecting ourselves.
What Is Cyber Security?
Cyber security, also referred to as Information Technology (IT) security, focuses on protecting computers, networks, programs, and data from unintended or unauthorized access, change or destruction. Cyber security protects the data and integrity of computing assets belonging to or connecting to an organization’s network. The purpose of cyber security is to defend against all forms of threats in the cyber world throughout the entire phase of a cyber attack.
Why Is Cyber Security Important?
Governments, military, corporations, financial institutions, hospitals and other businesses, collect, process, and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information, as well as safeguard national security.
But why is this so important? Because, year after year, the worldwide expenditure for cyber security continues to grow: 71.1 billion in 2014 (7.9% over 2013), and 75 billion in 2015 (4.7% from 2014) and is expected to reach 101 billion by 2018. Organizations are starting to understand that malware is a publicly-available commodity that makes it easy for anyone to become a cyber attacker, and worse, some companies offer security solutions that do little to defend against attacks. Cyber security demands focus and dedication.
Types of Cyber Risks
Cyber risks can be divided into three distinct areas:
Cybercrime: Conducted by individuals working alone, or in organized groups, intent on extracting money, data or causing disruption. Cybercrime can take many forms. This includes acquiring credit/debit card data and intellectual property and impairing the operations of a website or service.
Cyberwar: A nation state conducting sabotage and espionage against another nation to cause disruption or to extract data. This could involve the use of Advanced Persistent Threats (APTs).
Cyberterror: An organization, working independently of a nation state, conducting terrorist activities through the medium of cyberspace.
Introduction to Cyber Criminals
A cyber criminal is an individual who commits cybercrimes, where he/she makes use of the computer either as a tool or as a target or as both.
Cyber Criminals Use Computers in Three Broad Ways:
Select the computer as their target: These criminals attack other people's computers to perform malicious activities, such as spreading viruses, data theft, identity theft, etc.
Use the computer as their weapon: They use the computer to carry out "conventional crimes," such as spam, fraud, illegal gambling, etc.
Use computers as their accessory: They use the computer to save stolen or illegally obtained data.
Cyber Criminals Often Work in Organized Groups
Some cyber-criminal roles are:
- Programmers: Write code or programs used by cyber-criminal organizations
- Distributors: Distribute and sell stolen data and goods from associated cyber criminals
- IT experts: Maintain a cyber-criminal organization's IT infrastructure, such as servers, encryption technologies, and databases
- Hackers: Exploit systems, applications, and network vulnerabilities
- Fraudsters: Create and deploy schemes like spam and phishing
- System hosts and providers: Host sites and servers that possess illegal contents
- Cashiers: Provide account names to cyber criminals and control drop accounts
- Money mules: Manage bank account wire transfers
- Tellers: Transfer and launder illegal money via digital and foreign exchange methods
- Leaders: Often connected to big bosses of large criminal organizations. They assemble and direct cyber-criminal teams and usually lack technical knowledge.
Here are several types of attacks cyber criminals use to commit crimes. (You may recognize a few of them):
Botnet: a network of software robots, or bots, that automatically spread malware
Fast Flux: moving data quickly among the computers in a botnet to make it difficult to trace the source of malware or phishing websites
Zombie Computer: a computer that has been hacked into and is used to launch malicious attacks or to become part of a botnet
Social Engineering: using lies and manipulation to trick people into revealing their personal information. Phishing is a form of social engineering
Denial-of-Service attacks: flooding a network or server with traffic in order to make it unavailable to its users
Skimmers: Devices that steal credit card information when the card is swiped through them. This can happen in stores or restaurants when the card is out of the owner's view, and frequently the credit card information is then sold online through a criminal community.
Types of Malware
Cyber criminals operate remotely, in what is called ‘automation at a distance,’ using numerous means of attacks available. This broadly falls under the umbrella term of malware (malicious software). This includes:
Aim: To gain access to steal, modify, and/or corrupt information and files from a targeted computer system.
Technique: A small piece of software program that can replicate itself and spread from one computer to another by attaching itself to another computer file.
Aim: Exploiting weaknesses in operating systems, seeking to damage networks, and often deliver payloads which allow remote control of the infected computer.
Technique: Worms are self-replicating and do not require a program to attach themselves. Worms continually look for vulnerabilities and report back to the worm author when weaknesses are discovered.
Aim: To take control of your computer and/or to collect personal information without your knowledge.
Technique: By opening attachments, clicking links or downloading infected software, spyware/adware is installed on your computer.
Aim: To create a ‘backdoor’ on your computer by which information can be stolen and damage caused.
Technique: A software program appears to perform one function (for example, virus removal) but acts as something else.
The attack vector is a systematic way or path which is used to gain access to your system or network by hackers. There are also a number of attack vectors available to cyber criminals which allow them to infect computers with malware or to harvest stolen data: phishing, pharming, drive-by, MITM (man in the middle attack), social engineering, among others.
A Few Ways to Help Overcome the Most Common Cyber Threats a Business Faces
Big and small businesses constantly find themselves vulnerable, confused, and unsuspecting of cyber security threats. It is absolutely necessary to be prepared to deal with cyber threats and succeed against the most common cyber threats being encountered.
Internal attacks are probably one of the deadliest attacks because it threatens client’s data and systems. Dishonest employees and IT staff who possess the right training can gain access to systems, which can cause major damages. The best way to avoid this threat is to restrict and monitor everyone who has privileged access to important data and files, ensuring their access to these files are terminated immediately upon relieving them of their duties from the company.
BYOD – Bring Your Own Device
Data theft is at an all-time high, so many companies have implemented BYOD policies. To deal with BYOD security issues, it is absolutely necessary to have a structured and effective policy in place. This will help companies monitor their business emails closely, and keep an eye out for what works and documents are being downloaded.
Third-party Service Providers
Technology is becoming more complex and a lot of companies are relying on third-party service providers to help maintain their systems. This can sometimes leave your business vulnerable because some of these third-party service providers use remote access tools to connect to their network. They leave their clients’ networks vulnerable because they do not always have the best and effective security protocols when connecting to clients’ networks. In addition, using the same passwords for all clients can result in major security breaches and serious risks.
Being enlightened and aware of the major security breaches and threats encountered in the cyber world is very important. In 2016, we are facing a multitude of threats, from headless worms to ghost-ware and two-faced malware. Every minute we face a million threat in cyberspace. The most important thing is to be aware and be prepared, rather than wait for a threat to surface. Preparation is key to defeating these faceless threats. Knowing more about cyber security measures can help you stay on top in your industry.
While we are bombarded with millions of threats daily, taking a proactive step in securing your data, files and information is the best defense out there for your business. Helping clients and businesses deal with cyber threats is also very important, as it becomes a huge problem if left unattended over time.
So, what you think? Do you agree with the points raised in this article? Let us know in the comments.
Opinions expressed by DZone contributors are their own.