What is Cyber Security?
While rapid technological developments have provided vast areas of new opportunity and potential sources of efficiency for organisations of all sizes, these new technologies have also brought unprecedented threats with them. Cyber security – defined as the protection of systems, networks and data in cyberspace – is a critical issue for all businesses. Cyber security will only become more important as more devices, ‘the internet of things’, become connected to the internet.
Introduction to cyber criminals
Cyberspace is unregulated and cyber crime is increasingly simple and cheap to commit: the Fortinet 2013 Cybercrime Report found that an effective botnet – a network of private computers infected with malicious software and controlled without the owners’ knowledge – can be established for as little as $700 (about £420), or can be rented for just $535 (about £320) per week. Cyber criminals can now even buy off-the-shelf hacking software, complete with support services.
Congruent with the rapid pace of technological change, the world of cyber crime never stops innovating either. Every month, Microsoft publishes a bulletin of the vulnerabilities of its systems, an ever-growing list of known threats, bugs and viruses. For a more complete overview of cyber security threats, mailing lists such as Bugtraq can provide up-to-date resources listing all new bugs.
Types of malware
Cyber criminals operate remotely, in what is called ‘automation at a distance’, using the numerous means of attack available to them, which fall broadly under the umbrella term malware (malicious software). These include:
Aim: Gain access to, steal, modify and/or corrupt information and files from a targeted computer system.
Technique: A small software program that can replicate itself and spread from one computer to another by attaching itself to another computer file.
Aim: By exploiting weaknesses in operating systems, worms seek to damage networks and often deliver payloads which allow remote control of the infected computer.
Technique: Worms are self-replicating and do not require a program to attach themselves to. Worms continually look for vulnerabilities and report back to the worm author when weaknesses are discovered.
Aim: To take control of your computer and/or to collect personal information without your knowledge.
Technique: By opening attachments, clicking links or downloading infected software, spyware/adware is installed on your computer.
Aim: To create a ‘backdoor’ on your computer by which information can be stolen and damage caused.
Technique: A software program appears to perform one function (for example, virus removal) but actually acts as something else.
There are also a number of attack vectors available to cyber criminals which allow them to infect computers with malware or to harvest stolen data:
An attempt to acquire users’ information by masquerading as a legitimate entity. Examples include spoof emails and websites. See ‘social engineering’ below.
An attack to redirect a website’s traffic to a different, fake website, where the individuals’ information is then compromised. See ‘social engineering’ below.
Opportunistic attacks against specific weaknesses within a system.
‘Man in the middle attack’ where a middleman impersonates each endpoint and is thus able to manipulate both victims.
- Social engineering
Exploiting the weakness of the individual by making them click malicious links, or by physically gaining access to a computer through deception. Pharming and phishing are examples of social engineering.
5 cybersecurity trends to watch for 2016
Here are five major trends in cybersecurity that you should have in mind when updating your InfoSec plans for 2016.
As more and more of the services we use reside in the cloud, IT departments can lose oversight and control. Employees are bypassing IT to snag the services they feel they need, and there’s a real danger that they’re bypassing security protocols and systems in the process. You should take steps to ensure that your IT department has full visibility.
Even approved cloud vendors must be scrutinized on an ongoing basis. Do you know where your data resides? Do your cloud service providers meet your security standards? If they aren’t in compliance, their failure to meet regulatory requirements could be something that you’re liable for. Don’t take it on trust: test your third-party vendors and verify for yourself.
The impact of ransomware is growing. According to the Cyber Threat Alliance, the recent CryptoWall v3 threat has cost hundreds of thousands of users worldwide more than $325 million so far. This kind of attack encrypts important files, rendering data inaccessible until you pay the ransom. It often relies upon social engineering techniques to gain a foothold.
It works, and we expect to see a lot more of it over the next 12 months, because the easiest way for many individuals and businesses to get their data back is just to pay the ransom. With a bit of forethought, better education and real-time security protection, not to mention a regular, robust backup routine, the threat of ransomware can be cut down to size.
Cybercriminals follow the path of least resistance and the easiest way for them to gain access to your precious data is usually by tricking a person into handing over the keys, not by writing a clever piece of code. Phishing attacks are growing more sophisticated all the time, as official-looking messages and websites, or communications that apparently come from trusted sources, are employed to gain access to your systems.
The targeting of high-level execs or anyone with a high security clearance is on the rise. If cybercriminals can hack a CEO’s account, for example, they can use it to wreak havoc and expose a lot of sensitive data. Educating potential targets about the dangers is not enough. You need a combination of real-time monitoring and scanning systems, with protective blocking capabilities. That said, sometimes laying down a security policy for employee education is all you need.
The open source movement has leveled the playing field for many companies, and there are also lots of off-the-shelf software packages that are very popular. Integrating this software will often make more business sense than developing something in-house, but you have to keep vulnerabilities in mind. Publicly known vulnerabilities are one of the biggest threats for IT departments.
Consider that HP’s 2015 Cyber Risk Report found that 44% of 2014 breaches came from vulnerabilities that are two to four years old, and you can see the problem. Software must be patched regularly, and expertise is required to avoid common misconfigurations that offer attackers an easy way in.
The Internet of Things
We’ve seen a wave of mobile devices and wearables stream into the workplace, each offering a new potential inroad for a cybercriminal, but the Internet of Things represents another looming threat. As connectivity spreads into every corner of our lives and businesses, it becomes more and more challenging to maintain a clear view of entry points and data flow.
The IoT may herald some exciting business opportunities, but we must be mindful about ensuring that access is limited and secure. Sensitive data should be encrypted, access must be restricted, and oversight is needed. It’s important to be able to manage and block access to enterprise devices and networks when necessary.
If you expect to enjoy success in 2016, and you want to ensure that your plans aren’t derailed, then make sure that these cybersecurity trends are on your radar.
The opinions expressed in this Blog are those of Michelle Drolet and do not necessarily represent those of the IDG Communications, Inc., its parent, subsidiary or affiliated companies.
- Posted by: Edna Mae Buniel